Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Laptop gone slow

Started by Bhele , Sep 16 2011 09:03 AM

Please log in to reply

#1
Bhele

Posted 16 September 2011 - 09:03 AM

Member

Member
23 posts

My laptop has suddently gone slow. this is after I had downloaded a program from OUTUBE. This program was supposed to help with downloadng of Videos from YOUTUBE onto ones computer so that one can be able to play them off-line. I have a Acer Travelmate 6593 (laptop). I am currently running Windows XP (ver 2002). I am also runnig Kaspensky Internet Security 2011. All databases are up-todate. I have since deleted the download program form YOUTUBE.

Find following is my OTL logfile :-
----------------------------------------------------------------------------------------------------------------------

OTL logfile created on: 2011/09/16 09:21:32 AM - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Lungi\Desktop\Checking Malware - 09SEPT2011
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001C09 | Country: South Africa | Language: ENS | Date Format: yyyy/MM/dd

1.91 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 55.54% Memory free
3.76 Gb Paging File | 2.85 Gb Available in Paging File | 75.96% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.57 Gb Total Space | 41.31 Gb Free Space | 37.03% Space Free | Partition Type: NTFS
Drive D: | 111.55 Gb Total Space | 110.65 Gb Free Space | 99.19% Space Free | Partition Type: NTFS
Drive E: | 702.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 7.45 Gb Total Space | 7.36 Gb Free Space | 98.74% Space Free | Partition Type: FAT32
Drive G: | 35.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LUNGI-2010 | User Name: Lungi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/16 09:18:52 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lungi\Desktop\Checking Malware - 09SEPT2011\OTL.exe
PRC - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2011/01/10 16:24:44 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010/04/28 22:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files\Free Download Manager\fdm.exe
PRC - [2010/04/08 00:11:11 | 000,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Lungi\Local Settings\Temp\RtkBtMnt.exe
PRC - [2010/04/08 00:05:33 | 003,566,080 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
PRC - [2010/04/08 00:05:26 | 003,724,800 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
PRC - [2009/11/11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/10/27 09:13:44 | 000,090,112 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
PRC - [2009/07/03 11:40:30 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2009/05/26 13:21:52 | 000,651,264 | ---- | M] (Nokia) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/08/07 15:29:58 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
PRC - [2008/07/29 19:29:26 | 000,200,704 | ---- | M] () -- C:\WINDOWS\PLFSetI.exe
PRC - [2008/07/08 18:18:40 | 000,466,944 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008/06/10 00:36:16 | 000,870,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/06/03 03:38:36 | 002,058,776 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
PRC - [2008/06/03 03:38:34 | 000,367,128 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
PRC - [2008/06/03 03:38:30 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\LMS.exe
PRC - [2008/05/08 11:41:00 | 000,140,568 | ---- | M] (Infineon Technologies AG) -- C:\WINDOWS\system32\IfxPsdSv.exe
PRC - [2008/05/08 11:40:00 | 000,660,760 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\SpTNA.exe
PRC - [2008/05/08 11:40:00 | 000,185,624 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
PRC - [2008/04/14 06:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/18 18:02:08 | 000,069,632 | ---- | M] (Nikon Corporation) -- C:\Program Files\Nikon\WT-4 Setup Utility\NkPtpEnum.exe
PRC - [2007/04/01 09:02:38 | 000,568,176 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
PRC - [2007/02/13 01:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe

========== Modules (No Company Name) ==========

MOD - [2011/08/10 09:10:26 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
MOD - [2011/08/10 09:10:09 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/08/10 09:09:52 | 000,679,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
MOD - [2011/08/10 09:09:49 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/08/10 09:07:24 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/10 09:07:19 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011/08/10 09:07:08 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011/08/10 09:04:49 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/06/19 04:42:40 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2010/10/06 14:36:04 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_f93b1dc1\mscorlib.dll
MOD - [2010/10/06 10:06:28 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_705de7a0\system.drawing.dll
MOD - [2010/10/06 10:06:24 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_19126cb3\system.xml.dll
MOD - [2010/10/06 10:06:21 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_233740a0\system.windows.forms.dll
MOD - [2010/10/06 10:06:17 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_669d4af5\system.dll
MOD - [2010/10/06 10:06:12 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2010/07/01 21:34:54 | 002,086,584 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avzkrnl.dll
MOD - [2010/06/15 14:40:18 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2010/04/08 00:05:36 | 000,080,896 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll
MOD - [2010/04/08 00:05:33 | 003,566,080 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/04/16 16:31:16 | 004,210,688 | ---- | M] () -- C:\Program Files\Nokia\PC Internet Access\GraphicsResources.ngr
MOD - [2008/12/30 01:03:26 | 000,098,304 | ---- | M] () -- C:\Program Files\Free Download Manager\iefdm2.dll
MOD - [2008/11/12 10:18:00 | 000,011,776 | ---- | M] () -- C:\Program Files\Nokia\PC Internet Access\TextResources_eng-us.nlr
MOD - [2008/08/30 01:21:48 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2008/08/30 01:21:48 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2008/08/30 01:21:48 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2008/08/30 01:21:48 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2008/08/12 10:16:16 | 002,023,424 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2008/07/29 19:29:26 | 000,200,704 | ---- | M] () -- C:\WINDOWS\PLFSetI.exe
MOD - [2008/07/29 13:47:56 | 000,016,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2008/07/29 13:47:38 | 000,135,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2008/07/29 13:11:18 | 000,253,952 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2008/07/29 13:01:12 | 007,331,840 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2008/07/29 12:50:26 | 000,364,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2008/07/08 18:18:40 | 000,466,944 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
MOD - [2008/04/28 18:49:18 | 000,002,560 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
MOD - [2008/04/14 06:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/12/06 04:50:44 | 000,401,408 | ---- | M] () -- C:\Program Files\Free Download Manager\FUM\fumcore.dll
MOD - [2007/09/28 14:12:36 | 000,003,072 | ---- | M] () -- C:\Program Files\CyberLink\PowerDVD\Language\CLMUI\en-US\PDVDEnvRes.dll
MOD - [2007/06/25 04:09:00 | 001,024,000 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
MOD - [2007/06/25 04:09:00 | 000,098,304 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
MOD - [2007/06/25 04:09:00 | 000,061,440 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
MOD - [2007/04/01 09:00:28 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007/04/01 08:57:16 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2005/10/20 17:20:24 | 000,208,896 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\ePower\DialogDLL.dll
MOD - [2005/10/11 13:18:54 | 000,028,672 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2003/06/07 22:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2011/01/10 16:24:44 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010/04/08 00:05:33 | 003,566,080 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/07/03 11:40:30 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/06/03 03:38:36 | 002,058,776 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) Intel®
SRV - [2008/06/03 03:38:30 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) Intel®
SRV - [2008/05/08 11:41:00 | 000,140,568 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\WINDOWS\system32\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2008/01/18 18:02:08 | 000,069,632 | ---- | M] (Nikon Corporation) [Auto | Running] -- C:\Program Files\Nikon\WT-4 Setup Utility\NkPtpEnum.exe -- (NkPtpEnumWT3)
SRV - [2007/02/13 01:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)

========== Driver Services (SafeList) ==========

DRV - [2011/01/10 16:24:44 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (kl1)
DRV - [2010/05/07 12:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2010/04/08 00:05:29 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2010/01/27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/11/04 17:59:38 | 000,113,280 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/11/04 17:59:38 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/11/02 20:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/10/06 11:56:34 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/10/06 11:56:32 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/10/06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/10/06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/06/29 18:00:50 | 000,102,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/06/21 01:58:08 | 004,741,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/06/12 18:30:12 | 000,043,608 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008/06/12 18:23:12 | 000,101,848 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ozscr.sys -- (O2SCBUS)
DRV - [2008/05/13 21:49:12 | 000,051,288 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008/05/08 11:42:00 | 000,041,216 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2008/05/08 11:41:00 | 000,038,816 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\psd.sys -- (PersonalSecureDrive)
DRV - [2008/04/28 15:14:54 | 003,626,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2008/03/27 05:42:00 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel®
DRV - [2008/03/26 23:12:56 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2008/01/18 18:02:14 | 000,017,824 | ---- | M] (Nikon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NkVBus.sys -- (VBus)
DRV - [2007/10/01 14:59:46 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/03/31 22:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007/03/31 22:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007/03/23 19:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007/03/23 19:50:24 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007/03/23 19:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007/03/23 19:49:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007/01/26 08:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (Int15)
DRV - [2006/12/22 20:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/12/22 20:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/12/22 20:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.za/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://howzit.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-za
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1E B1 22 9D D1 CC CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b3d95960-fb6d-4603-b3e7-1d2b7281b0b3}: C:\Program Files\ImageConverter Plus\Firefox Extension

O1 HOSTS File: ([2008/04/14 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEButton Class) - {F81D52BF-F2F1-4F49-BF5F-05664E803039} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Boot] C:\Program Files\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Program Files\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe ()
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.)
O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [NokiaPCInternetAccess] C:\Program Files\Nokia\PC Internet Access\NPCIA.exe (Nokia)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk = C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Convert with ImageConverter Plus... - res://C:\Program Files\ImageConverter Plus\icpwebintegration.exe/200 File not found
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} https://www1.gotomee...ets/g2mdlax.cab (GoToMeeting Web Starter)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll) -C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/03 12:05:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/08/03 15:43:46 | 000,000,119 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{166165aa-8050-11df-a57f-001e101f165a}\Shell - "" = AutoRun
O33 - MountPoints2\{166165aa-8050-11df-a57f-001e101f165a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{166165aa-8050-11df-a57f-001e101f165a}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL xoAusUf.EXE
O33 - MountPoints2\{25c58435-65f4-11df-a519-001e101fbcad}\Shell\AutoRun\command - "" = G:\Launcher.exe
O33 - MountPoints2\{30bb0d88-c0c3-11df-a66d-001d72f17f18}\Shell\AUtopLay\command - "" = cwmofe.exe
O33 - MountPoints2\{30bb0d88-c0c3-11df-a66d-001d72f17f18}\Shell\AutoRun\command - "" = cwmofe.exe
O33 - MountPoints2\{30bb0d88-c0c3-11df-a66d-001d72f17f18}\Shell\EXploRe\ComMANd - "" = cwmofe.exe
O33 - MountPoints2\{30bb0d88-c0c3-11df-a66d-001d72f17f18}\Shell\OPeN\CoMmaNd - "" = cwmofe.exe
O33 - MountPoints2\{36d14aa2-2554-11e0-a7ae-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{36d14aa2-2554-11e0-a7ae-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{36d14aa2-2554-11e0-a7ae-001d72f17f18}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sIuOn.exe
O33 - MountPoints2\{42ab463e-8a7e-11df-a59f-001d72f17f18}\Shell\AutoRun\command - "" = Recycle\P-1-3-64-8794238531-8742492-9897532\Redem.exe
O33 - MountPoints2\{42ab463e-8a7e-11df-a59f-001d72f17f18}\Shell\open\command - "" = Recycle\P-1-3-64-8794238531-8742492-9897532\Redem.exe
O33 - MountPoints2\{4a2b269a-dc34-11df-a6e0-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{4a2b269a-dc34-11df-a6e0-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4a2b269a-dc34-11df-a6e0-001d72f17f18}\Shell\AutoRun\command - "" = G:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{550b0158-48ab-11dd-8386-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{550b0158-48ab-11dd-8386-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{550b0158-48ab-11dd-8386-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{6408ab9a-4298-11df-a4a3-00216a0a300e}\Shell - "" = AutoRun
O33 - MountPoints2\{6408ab9a-4298-11df-a4a3-00216a0a300e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6408ab9a-4298-11df-a4a3-00216a0a300e}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{65b1cca0-f4a0-11df-a724-00216a0a300e}\Shell - "" = AutoRun
O33 - MountPoints2\{65b1cca0-f4a0-11df-a724-00216a0a300e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{65b1cca0-f4a0-11df-a724-00216a0a300e}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{69b41b3c-6909-11df-a52c-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{69b41b3c-6909-11df-a52c-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{69b41b3c-6909-11df-a52c-001d72f17f18}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{925a1cb6-ccb0-11df-a69e-00216a0a300e}\Shell - "" = AutoRun
O33 - MountPoints2\{925a1cb6-ccb0-11df-a69e-00216a0a300e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{925a1cb6-ccb0-11df-a69e-00216a0a300e}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a919b216-43ca-11df-a4ad-00216a0a300e}\Shell - "" = AutoRun
O33 - MountPoints2\{a919b216-43ca-11df-a4ad-00216a0a300e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a919b216-43ca-11df-a4ad-00216a0a300e}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b45c2b3d-461a-11df-a4b2-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{b45c2b3d-461a-11df-a4b2-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b45c2b3d-461a-11df-a4b2-001d72f17f18}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- [2009/07/23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)
O33 - MountPoints2\{dcc5b712-b9e4-11df-a652-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{dcc5b712-b9e4-11df-a652-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dcc5b712-b9e4-11df-a652-001d72f17f18}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- [2009/07/23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)
O33 - MountPoints2\{e81ef331-713f-11df-a54d-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{e81ef331-713f-11df-a54d-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e81ef331-713f-11df-a54d-001d72f17f18}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL HAIhaEp.eXE
O33 - MountPoints2\{ef65fe62-4d8d-11e0-a839-00216a0a300e}\Shell - "" = AutoRun
O33 - MountPoints2\{ef65fe62-4d8d-11e0-a839-00216a0a300e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ef65fe62-4d8d-11e0-a839-00216a0a300e}\Shell\AutoRun\command - "" = F:\LAUNCHER.exe
O33 - MountPoints2\{ffa73676-0da3-11e0-a769-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{ffa73676-0da3-11e0-a769-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ffa73676-0da3-11e0-a769-001d72f17f18}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/16 09:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Checking Malware - 09SEPT2011
[2011/09/15 15:09:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/09/15 15:03:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Start Menu\Programs\CyberLink PowerDVD
[2011/09/14 10:26:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\DOLLY
[2011/09/14 10:24:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Phiri and Family
[2011/09/14 10:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\SIBANDA Baptismal
[2011/09/14 10:08:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Medingoane
[2011/09/14 10:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Khosi Car
[2011/09/14 09:44:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\New Folder
[2011/09/14 09:22:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011/09/14 09:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Local Settings\Application Data\OpenCandy
[2011/09/14 09:22:06 | 003,486,088 | ---- | C] (Ask) -- C:\Program Files\Common Files\ApnToolbarInstaller.exe
[2011/09/14 09:22:06 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\ApnStub.exe
[2011/09/14 09:22:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Application Data\OpenCandy
[2011/09/14 08:49:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Application Data\Free Download Manager
[2011/09/14 08:31:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Free Download Manager
[2011/09/14 08:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2011/09/14 08:31:26 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2011/09/13 08:40:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\2011 - PHOTO & FILM Expo
[2011/09/12 22:01:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Application Data\Nitro PDF
[2011/09/12 22:00:14 | 000,017,728 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalui.dll
[2011/09/12 22:00:13 | 000,026,432 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalmon.dll
[2011/09/12 21:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2011/09/12 10:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Fixing Fallen Wall
[2011/09/12 10:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Wall working
[2011/09/12 09:57:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Photos 12SEPT2011
[2011/09/11 19:45:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\KTS Docs with Lungi Mods at 11SEPT2011
[2011/09/09 18:15:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ant.com
[2011/09/09 18:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ant.com
[2011/09/09 18:12:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Local Settings\Application Data\ant.com
[2011/09/05 11:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Watermarked
[2011/08/31 13:44:27 | 000,000,000 | ---D | C] -- C:\Watermark-Image
[2011/08/29 06:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Gov Circulars
[2011/08/26 10:05:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Gov Tenders
[2011/08/24 09:11:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Tifs
[2011/08/19 15:03:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TSR Soft
[2011/08/19 15:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\TSR Soft
[2011/08/18 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\TSR Watermark Image Software - Photo protection using watermarks, freeware for personal use_files
[2010/04/08 00:08:40 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2010/04/08 00:07:26 | 000,024,576 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[2010/04/08 00:05:05 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2010/04/08 00:05:05 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010/04/07 23:49:56 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/16 10:04:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/16 09:53:57 | 000,504,358 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Security Questionnaire- DD 1057 PDF 2003.pdf
[2011/09/16 09:23:04 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Connect.lnk
[2011/09/16 08:41:01 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D0556035-AE1F-4B71-8D60-B92C258E4901}.job
[2011/09/16 08:20:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/15 15:03:35 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/15 15:03:32 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/15 15:03:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/15 15:03:13 | 2056,007,680 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 14:00:48 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2011/09/15 12:27:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\RapidStudio Updater.job
[2011/09/14 15:54:19 | 000,002,511 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vodafone SMS.lnk
[2011/09/14 08:31:30 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Free Download Manager.lnk
[2011/09/12 23:06:04 | 000,001,024 | RH-- | M] () -- C:\WINDOWS\System32\NTIMP3.dll
[2011/09/12 22:34:00 | 000,147,483 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Defence Intelligence Proposal_004.png
[2011/09/12 21:32:00 | 002,049,486 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Defence Intelligence Proposal.pdf
[2011/09/12 21:08:10 | 000,115,369 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/09/12 21:08:10 | 000,097,961 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011/09/12 16:20:57 | 001,962,686 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\KTS logo.bmp
[2011/09/09 11:12:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/08 13:38:34 | 001,431,991 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Here is the Love Camp Form 2011.pdf
[2011/09/06 11:55:37 | 000,006,609 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU.rtf
[2011/09/06 11:48:38 | 005,291,524 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU Converted.rtf
[2011/09/06 11:42:33 | 000,352,348 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU.pdf
[2011/09/06 09:54:39 | 000,217,535 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8366.JPG
[2011/09/06 00:30:14 | 000,047,753 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Mail Welcome to Horde.mht
[2011/09/05 11:38:15 | 005,967,914 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr) - b and clnd.jpg
[2011/09/05 11:33:07 | 002,772,933 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr) - brightened.jpg
[2011/09/05 11:31:32 | 003,209,282 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr).JPG
[2011/09/01 13:46:03 | 002,219,573 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\PI_ZA_PROSPECTUS_2011.pdf
[2011/09/01 12:02:41 | 000,881,524 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8178.jpg
[2011/09/01 11:55:49 | 000,593,742 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8173.jpg
[2011/09/01 11:17:43 | 000,698,414 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Gautrain-fares.pdf
[2011/08/31 17:57:38 | 002,718,220 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8165.jpg
[2011/08/30 20:23:55 | 003,160,368 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\_DSC7660-testing.JPG
[2011/08/30 12:29:07 | 001,434,041 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\FROM Lungi Siqebengu - Affidavit plus brochure.pdf
[2011/08/30 02:00:01 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-LUNGI-2010-Lungi.job
[2011/08/29 13:36:01 | 000,075,040 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Lungis photo.jpg
[2011/08/29 06:26:51 | 000,114,580 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Contact RapidStudio 01JUL2011.pdf
[2011/08/21 02:44:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\Driver Fetch.job
[2011/08/19 05:40:26 | 000,772,761 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Job Seeker Registration & CV Upload Jobs_co_za Register on SA’s Job Portal to Apply to Jobs in South Africa.mht
[2011/08/18 13:55:13 | 000,023,392 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\TSR Watermark Image Software - Photo protection using watermarks, freeware for personal use.htm
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/16 09:53:57 | 000,504,358 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Security Questionnaire- DD 1057 PDF 2003.pdf
[2011/09/14 08:31:30 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Free Download Manager.lnk
[2011/09/12 22:34:00 | 000,147,483 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Defence Intelligence Proposal_004.png
[2011/09/12 21:32:00 | 002,049,486 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Defence Intelligence Proposal.pdf
[2011/09/12 16:20:57 | 001,962,686 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\KTS logo.bmp
[2011/09/08 13:38:34 | 001,431,991 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Here is the Love Camp Form 2011.pdf
[2011/09/06 11:48:37 | 005,291,524 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU Converted.rtf
[2011/09/06 11:47:28 | 000,006,609 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU.rtf
[2011/09/06 11:42:33 | 000,352,348 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU.pdf
[2011/09/06 09:54:37 | 000,217,535 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8366.JPG
[2011/09/06 00:30:12 | 000,047,753 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Mail Welcome to Horde.mht
[2011/09/05 11:38:14 | 005,967,914 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr) - b and clnd.jpg
[2011/09/05 11:33:02 | 002,772,933 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr) - brightened.jpg
[2011/09/05 11:31:32 | 003,209,282 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr).JPG
[2011/09/01 13:46:03 | 002,219,573 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\PI_ZA_PROSPECTUS_2011.pdf
[2011/09/01 12:01:54 | 000,881,524 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8178.jpg
[2011/09/01 11:55:48 | 000,593,742 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8173.jpg
[2011/08/31 17:57:29 | 002,718,220 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8165.jpg
[2011/08/30 20:23:54 | 003,160,368 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\_DSC7660-testing.JPG
[2011/08/30 12:29:07 | 001,434,041 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\FROM Lungi Siqebengu - Affidavit plus brochure.pdf
[2011/08/29 13:35:58 | 000,075,040 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Lungis photo.jpg
[2011/08/29 06:26:50 | 000,114,580 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Contact RapidStudio 01JUL2011.pdf
[2011/08/19 05:40:20 | 000,772,761 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Job Seeker Registration & CV Upload Jobs_co_za Register on SA’s Job Portal to Apply to Jobs in South Africa.mht
[2011/08/18 13:55:05 | 000,023,392 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\TSR Watermark Image Software - Photo protection using watermarks, freeware for personal use.htm
[2011/08/10 01:21:13 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011/07/21 21:36:24 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Lungi\Application Data\Adobe BMP Format CS5 Prefs
[2011/04/24 17:09:51 | 000,000,277 | ---- | C] () -- C:\WINDOWS\ImageInc.ini
[2011/04/01 00:22:52 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Lungi\Application Data\mdbu.bin
[2011/03/13 18:22:52 | 000,000,236 | ---- | C] () -- C:\WINDOWS\BIOLOGIN.EXE
[2011/01/18 12:01:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JCMKR32.INI
[2011/01/17 14:57:35 | 000,507,936 | ---- | C] () -- C:\WINDOWS\System32\RS_Updater_uninstall.exe
[2011/01/09 07:34:38 | 000,115,369 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/01/09 07:34:38 | 000,097,961 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/12/09 08:28:31 | 000,010,709 | ---- | C] () -- C:\WINDOWS\hpwscr19.dat
[2010/10/06 15:51:15 | 016,072,286 | ---- | C] () -- C:\WINDOWS\System32\RapidStudio_RapidStudio_uninstaller.exe
[2010/09/27 17:59:15 | 003,066,992 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/20 02:05:31 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/09/16 22:46:55 | 015,339,517 | ---- | C] () -- C:\WINDOWS\System32\Studio22_Studio22 Album Maker_uninstaller.exe
[2010/08/21 23:27:56 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2010/08/21 23:14:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Guides
[2010/08/21 23:14:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Lungi\Application Data\Generic
[2010/08/21 23:14:37 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLck.DAT
[2010/08/21 23:14:37 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Pop Kit
[2010/08/21 23:14:29 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Guitar
[2010/08/21 23:14:29 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Printer Icons
[2010/08/20 18:35:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2010/08/20 18:26:42 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Lungi\Application Data\Classical
[2010/08/20 18:26:42 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLeq.DAT
[2010/08/20 18:26:42 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Contents
[2010/08/20 18:25:43 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Lungi\Application Data\Grand Piano
[2010/08/20 18:23:25 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT
[2010/08/19 20:14:56 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2010/08/19 20:14:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Lungi\Application Data\Channel
[2010/08/19 20:08:33 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/08/19 20:08:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Lungi\Application Data\Calibrators
[2010/04/13 11:31:16 | 000,005,736 | ---- | C] () -- C:\WINDOWS\DevMgr.ini
[2010/04/13 11:27:41 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2010/04/13 11:26:50 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2010/04/13 11:26:50 | 000,000,133 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2010/04/09 10:49:56 | 000,088,576 | ---- | C] () -- C:\Documents and Settings\Lungi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/08 00:51:57 | 000,000,510 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/04/08 00:11:09 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Lungi\Local Settings\Application Data\fusioncache.dat
[2010/04/08 00:09:32 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2010/04/08 00:06:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/04/08 00:06:11 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2010/04/08 00:06:11 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2010/04/08 00:06:11 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2010/04/08 00:05:49 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\VMC3KAPI.dll
[2010/04/08 00:05:05 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\snp2uvc.sys
[2010/04/08 00:05:05 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010/04/08 00:05:05 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\sncduvc.sys
[2010/04/08 00:05:05 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010/04/08 00:05:05 | 000,000,169 | ---- | C] () -- C:\WINDOWS\System32\PidList.ini
[2010/04/08 00:04:56 | 000,626,688 | ---- | C] () -- C:\WINDOWS\Image.dll
[2010/04/08 00:04:56 | 000,200,704 | ---- | C] () -- C:\WINDOWS\PLFSetI.exe
[2010/04/08 00:04:56 | 000,009,216 | ---- | C] () -- C:\WINDOWS\usbvideo_reg.exe
[2010/04/08 00:04:56 | 000,000,169 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010/04/07 23:48:55 | 000,000,039 | ---- | C] () -- C:\WINDOWS\PreLaunch.ini
[2010/01/27 04:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/09/16 18:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/16 13:25:02 | 000,121,512 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
[2008/08/30 02:04:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/08/30 02:03:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/30 01:55:36 | 000,514,150 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/08/30 01:55:36 | 000,098,014 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/08/30 01:50:50 | 003,697,696 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/08/30 01:32:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIOFM4.dll
[2008/08/30 01:32:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN5.dll
[2008/08/30 01:31:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2008/08/30 01:31:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2008/07/03 12:05:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/07/03 12:03:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/06/27 18:08:12 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4964.dll
[2008/06/27 17:48:32 | 001,991,464 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2008/06/27 17:48:32 | 000,432,400 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/14 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/01 09:00:28 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/04/01 08:41:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007/01/26 08:32:18 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2007/01/23 14:11:20 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\QFClient2.dll
[2006/03/10 23:18:16 | 000,006,782 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/14 22:04:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\XMLaunch.exe
[2003/11/25 00:55:48 | 000,743,424 | ---- | C] () -- C:\WINDOWS\libxml2.dll
[2003/11/25 00:55:32 | 000,872,448 | ---- | C] () -- C:\WINDOWS\iconv.dll
[2002/11/20 18:51:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\win2000.dll
[2002/09/12 23:41:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/12 23:41:26 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/12/27 01:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/09/04 08:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/31 01:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/24 07:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 1309 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:l5ILdiPNVXxcOxZ7VpIXryo
@Alternate Data Stream - 1248 bytes -> C:\Documents and Settings\Lungi\Cookies:cntaRWH8Q8neFMO4b4
@Alternate Data Stream - 1165 bytes -> C:\Program Files\Common Files\System:g6mOYU7Y1SYGIDzTCd
@Alternate Data Stream - 1152 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:Nz9XeYIOt1hb5mNCYFgAV
@Alternate Data Stream - 1128 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:GiTSzzPtPLUMdtyFC6VkvDi
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

#2
RKinner

Posted 16 September 2011 - 05:58 PM

Malware Expert

Expert
24,625 posts

Copy the text in the code box by highlighting and Ctrl + c


:processes
killallprocesses

:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun File not found
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{166165aa-8050-11df-a57f-001e101f165a}\Shell - "" = AutoRun
O33 - MountPoints2\{166165aa-8050-11df-a57f-001e101f165a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{166165aa-8050-11df-a57f-001e101f165a}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL xoAusUf.EXE
O33 - MountPoints2\{25c58435-65f4-11df-a519-001e101fbcad}\Shell\AutoRun\command - "" = G:\Launcher.exe
O33 - MountPoints2\{30bb0d88-c0c3-11df-a66d-001d72f17f18}\Shell\AUtopLay\command - "" = cwmofe.exe
O33 - MountPoints2\{30bb0d88-c0c3-11df-a66d-001d72f17f18}\Shell\AutoRun\command - "" = cwmofe.exe
O33 - MountPoints2\{30bb0d88-c0c3-11df-a66d-001d72f17f18}\Shell\EXploRe\ComMANd - "" = cwmofe.exe
O33 - MountPoints2\{30bb0d88-c0c3-11df-a66d-001d72f17f18}\Shell\OPeN\CoMmaNd - "" = cwmofe.exe
O33 - MountPoints2\{36d14aa2-2554-11e0-a7ae-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{36d14aa2-2554-11e0-a7ae-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{36d14aa2-2554-11e0-a7ae-001d72f17f18}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sIuOn.exe
O33 - MountPoints2\{42ab463e-8a7e-11df-a59f-001d72f17f18}\Shell\AutoRun\command - "" = Recycle\P-1-3-64-8794238531-8742492-9897532\Redem.exe
O33 - MountPoints2\{42ab463e-8a7e-11df-a59f-001d72f17f18}\Shell\open\command - "" = Recycle\P-1-3-64-8794238531-8742492-9897532\Redem.exe
O33 - MountPoints2\{4a2b269a-dc34-11df-a6e0-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{4a2b269a-dc34-11df-a6e0-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4a2b269a-dc34-11df-a6e0-001d72f17f18}\Shell\AutoRun\command - "" = G:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{550b0158-48ab-11dd-8386-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{550b0158-48ab-11dd-8386-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{550b0158-48ab-11dd-8386-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{6408ab9a-4298-11df-a4a3-00216a0a300e}\Shell - "" = AutoRun
O33 - MountPoints2\{6408ab9a-4298-11df-a4a3-00216a0a300e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6408ab9a-4298-11df-a4a3-00216a0a300e}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{65b1cca0-f4a0-11df-a724-00216a0a300e}\Shell - "" = AutoRun
O33 - MountPoints2\{65b1cca0-f4a0-11df-a724-00216a0a300e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{65b1cca0-f4a0-11df-a724-00216a0a300e}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{69b41b3c-6909-11df-a52c-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{69b41b3c-6909-11df-a52c-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{69b41b3c-6909-11df-a52c-001d72f17f18}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{925a1cb6-ccb0-11df-a69e-00216a0a300e}\Shell - "" = AutoRun
O33 - MountPoints2\{925a1cb6-ccb0-11df-a69e-00216a0a300e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{925a1cb6-ccb0-11df-a69e-00216a0a300e}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a919b216-43ca-11df-a4ad-00216a0a300e}\Shell - "" = AutoRun
O33 - MountPoints2\{a919b216-43ca-11df-a4ad-00216a0a300e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a919b216-43ca-11df-a4ad-00216a0a300e}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b45c2b3d-461a-11df-a4b2-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{b45c2b3d-461a-11df-a4b2-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b45c2b3d-461a-11df-a4b2-001d72f17f18}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- [2009/07/23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)
O33 - MountPoints2\{dcc5b712-b9e4-11df-a652-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{dcc5b712-b9e4-11df-a652-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dcc5b712-b9e4-11df-a652-001d72f17f18}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- [2009/07/23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)
O33 - MountPoints2\{e81ef331-713f-11df-a54d-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{e81ef331-713f-11df-a54d-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e81ef331-713f-11df-a54d-001d72f17f18}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL HAIhaEp.eXE
O33 - MountPoints2\{ef65fe62-4d8d-11e0-a839-00216a0a300e}\Shell - "" = AutoRun
O33 - MountPoints2\{ef65fe62-4d8d-11e0-a839-00216a0a300e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ef65fe62-4d8d-11e0-a839-00216a0a300e}\Shell\AutoRun\command - "" = F:\LAUNCHER.exe
O33 - MountPoints2\{ffa73676-0da3-11e0-a769-001d72f17f18}\Shell - "" = AutoRun
O33 - MountPoints2\{ffa73676-0da3-11e0-a769-001d72f17f18}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ffa73676-0da3-11e0-a769-001d72f17f18}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
[2011/09/14 09:22:06 | 003,486,088 | ---- | C] (Ask) -- C:\Program Files\Common Files\ApnToolbarInstaller.exe
[2011/09/14 09:22:06 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\ApnStub.exe
[2011/09/14 08:49:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Application Data\Free Download Manager
[2011/09/14 08:31:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Free Download Manager
[2011/09/14 08:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2011/09/14 08:31:26 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
@Alternate Data Stream - 1309 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:l5ILdiPNVXxcOxZ7VpIXryo
@Alternate Data Stream - 1248 bytes -> C:\Documents and Settings\Lungi\Cookies:cntaRWH8Q8neFMO4b4
@Alternate Data Stream - 1165 bytes -> C:\Program Files\Common Files\System:g6mOYU7Y1SYGIDzTCd
@Alternate Data Stream - 1152 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:Nz9XeYIOt1hb5mNCYFgAV
@Alternate Data Stream - 1128 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:GiTSzzPtPLUMdtyFC6VkvDi
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1


:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
c:\Recycle\P-1-3-64-8794238531-8742492-9897532\Redem.exe
C:\cwmofe.exe
C:\HAIhaEp.eXE
C:\sIuOn.exe
C:\windows\cwmofe.exe
C:\windows\HAIhaEp.eXE
C:\windows\sIuOn.exe
C:\windows\system32\cwmofe.exe
C:\windows\system32\HAIhaEp.eXE
C:\windows\system32\sIuOn.exe
C:\Program Files\Free Download Manager

:Commands
[RESETHOSTS]
[purity]
[Reboot]

then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html

Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.

* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
change the a-v scan to None.
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Ron

#3
Bhele

Posted 17 September 2011 - 04:11 PM

Member

Topic Starter
Member
23 posts

Dear Ron . Thank you ever sao much for taking your time in asssiting me.
I copied the textbox code you supplied onto OTL (Custom Scans/Fixes box) at the bottom. I clicked RUN FIX. The program run until a message popped-up saying "Cannot create file c:\windows\system32\drivers\etc\hosts". I clicked OK. At that point there was no desktop other than OTL a meassage saying something like running do not interrupt. This run close to 2hours. I then decided to to hit CNTRL+ALT+DEL and I forced the computer to shut down.

I stopped at this point, did not proceed with the rest of the programs that I was supposed to download and execute.
What must I do ? now.

#4
RKinner

Posted 17 September 2011 - 06:44 PM

Malware Expert

Expert
24,625 posts

Just go on with the programs.

Ron

#5
Bhele

Posted 18 September 2011 - 03:23 PM

Member

Topic Starter
Member
23 posts

Dear Ron,
Thank you again for your assistance.

1. OTL

I run (Run Fix) of the OTL after pasting the code. Got the error message “Unable to ……….hosts.” . I could not get a log file after the computer has stopped responding. Nevertheless I proceeded to run the rest of the programs as requested.

2. Malwarebytes' Anti-Malware.

Downloaded Malware and run it . Here is the log :-

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7742

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2011/09/18 05:21:39 PM
mbam-log-2011-09-18 (17-21-39).txt

Scan type: Quick scan
Objects scanned: 213784
Time elapsed: 7 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

3. ComboFix.
Run ComboFix. Here is the log :-

ComboFix 11-09-17.02 - Lungi 2011/09/18 17:38:27.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1961.1032 [GMT 2:00]
Running from: c:\documents and settings\Lungi\Desktop\Checking Malware - 09SEPT2011\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory
c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini
c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory\SL1.tmp.9b34175a.ini
c:\documents and settings\Bhele\Local Settings\Application Data\ApplicationHistory
c:\documents and settings\Bhele\Local Settings\Application Data\ApplicationHistory\ePower_DMC.exe.40cbe39f.ini
c:\documents and settings\Bhele\Local Settings\Application Data\ApplicationHistory\ePower_DMC.exe.40cbe39f.ini.inuse
c:\documents and settings\Bhele\Local Settings\Application Data\ApplicationHistory\Framework.Launcher.exe.839fd0b0.ini
c:\documents and settings\Bhele\Local Settings\Application Data\ApplicationHistory\Framework.Launcher.exe.839fd0b0.ini.inuse
c:\documents and settings\Bhele\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini
c:\documents and settings\Bhele\Local Settings\Application Data\ApplicationHistory\SL1.tmp.9b34175a.ini
c:\documents and settings\KTS\Local Settings\Application Data\ApplicationHistory
c:\documents and settings\KTS\Local Settings\Application Data\ApplicationHistory\ePower_DMC.exe.40cbe39f.ini.inuse
c:\documents and settings\KTS\Local Settings\Application Data\ApplicationHistory\Framework.Launcher.exe.839fd0b0.ini.inuse
c:\documents and settings\KTS\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini
c:\documents and settings\KTS\Local Settings\Application Data\ApplicationHistory\SL1.tmp.9b34175a.ini
c:\documents and settings\Lungi\Local Settings\Application Data\ApplicationHistory
c:\documents and settings\Lungi\Local Settings\Application Data\ApplicationHistory\AcerStore.exe.2f205918.ini
c:\documents and settings\Lungi\Local Settings\Application Data\ApplicationHistory\ePower_DMC.exe.40cbe39f.ini
c:\documents and settings\Lungi\Local Settings\Application Data\ApplicationHistory\ePower_DMC.exe.40cbe39f.ini.inuse
c:\documents and settings\Lungi\Local Settings\Application Data\ApplicationHistory\Framework.Launcher.exe.839fd0b0.ini
c:\documents and settings\Lungi\Local Settings\Application Data\ApplicationHistory\Framework.Launcher.exe.839fd0b0.ini.inuse
c:\documents and settings\Lungi\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini
c:\documents and settings\Lungi\Local Settings\Application Data\ApplicationHistory\SL1.tmp.9b34175a.ini
c:\documents and settings\Lungi\Local Settings\Application Data\ApplicationHistory\WMIAcerCheck.exe.68f817e6.ini
c:\documents and settings\Lungi\Local Settings\Application Data\ApplicationHistory\WMIAcerChecker.exe.5ed31efa.ini
c:\program files\Acer\Acer Bio Protection\PwdFilter.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-08-18 to 2011-09-18 )))))))))))))))))))))))))))))))
.
.
2011-09-18 15:05 . 2011-09-18 15:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-18 15:05 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-17 21:11 . 2011-09-17 21:11 -------- d-----w- C:\_OTM
2011-09-17 19:47 . 2011-09-17 19:47 -------- d-----w- C:\_OTL
2011-09-14 07:22 . 2011-09-14 07:22 -------- d-----w- c:\program files\WinPcap
2011-09-14 07:22 . 2011-09-14 07:22 -------- d-----w- c:\documents and settings\Lungi\Local Settings\Application Data\OpenCandy
2011-09-14 07:22 . 2011-09-14 07:22 -------- d-----w- c:\documents and settings\Lungi\Application Data\OpenCandy
2011-09-12 20:01 . 2011-09-12 20:35 -------- d-----w- c:\documents and settings\Lungi\Application Data\Nitro PDF
2011-09-12 20:00 . 2011-03-21 09:15 17728 ----a-w- c:\windows\system32\nitrolocalui.dll
2011-09-12 20:00 . 2011-03-21 09:15 26432 ----a-w- c:\windows\system32\nitrolocalmon.dll
2011-09-12 19:59 . 2011-09-12 19:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Nitro PDF
2011-09-09 16:15 . 2011-09-09 16:15 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ant.com
2011-09-09 16:12 . 2011-09-09 16:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Ant.com
2011-09-09 16:12 . 2011-09-11 21:26 -------- d-----w- c:\documents and settings\Lungi\Local Settings\Application Data\ant.com
2011-09-03 16:33 . 2008-04-14 04:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2011-09-03 16:32 . 2011-09-15 12:00 -------- d-----w- c:\documents and settings\KTS
2011-08-31 11:44 . 2011-08-31 11:44 -------- d-----w- C:\Watermark-Image
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2008-04-14 04:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2008-04-14 04:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-04-14 04:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2008-04-14 04:00 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2008-04-23 04:16 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2008-04-23 04:16 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 18:36 . 2007-08-14 01:44 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 12:05 . 2008-04-14 04:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2008-04-14 04:00 293376 ----a-w- c:\windows\system32\winsrv.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\documents and settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"NokiaPCInternetAccess"="c:\program files\Nokia\PC Internet Access\NPCIA.exe" [2009-05-26 651264]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-04-13 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"preload"="c:\windows\RUNXMLPL.exe" [2007-04-21 20480]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-01 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-01 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-01 141848]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1032192]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-26 28672]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-15 30192]
"picon"="c:\program files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" [2008-06-03 367128]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2008-05-13 81920]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2008-05-13 57344]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2008-05-08 677144]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2010-04-07 3724800]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-20 16872448]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-18 53248]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-07-08 466944]
"Boot"="c:\program files\Acer\Empowering Technology\ePower\Boot.exe" [2007-12-25 579584]
"eRecoveryService"="c:\program files\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2008-07-10 421888]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-06-09 870920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-11 286720]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2011-01-10 352976]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-07-03 2328576]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
c:\documents and settings\Lungi\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acer Empowering Technology.lnk - c:\program files\Acer\Empowering Technology\Framework.Launcher.exe [2010-4-8 45056]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2010-04-07 22:05 3167744 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2008-03-25 13:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"24779:TCP"= 24779:TCP:BitComet 24779 TCP
"24779:UDP"= 24779:UDP:BitComet 24779 UDP
.
R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\drivers\AlfaFF.sys [2010/04/08 12:05 AM 42608]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010/06/09 05:43 PM 11352]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2008/05/08 11:41 AM 38816]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008/03/03 10:11 PM 16384]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011/09/18 05:05 PM 366152]
R2 NkPtpEnumWT3;NkPtpEnumWT3;c:\program files\Nikon\WT-4 Setup Utility\NkPtpEnum.exe [2008/01/18 06:02 PM 69632]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011/03/21 11:17 AM 68928]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010/01/27 04:09 AM 50704]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008/04/26 06:36 AM 45056]
R2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010/04/08 12:00 AM 2058776]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009/07/03 11:40 AM 9216]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2008/03/27 05:42 AM 244368]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2008/05/08 11:42 AM 41216]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2009/09/14 01:42 PM 32856]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011/09/18 05:05 PM 22216]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2010/04/07 11:59 PM 51288]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2010/04/07 11:59 PM 43608]
R3 VBus;Virtual Bus;c:\windows\system32\drivers\NkVBus.sys [2008/01/18 06:02 PM 17824]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010/04/08 03:29 PM 135664]
S2 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [2010/04/08 12:05 AM 3566080]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008/04/26 06:36 AM 131072]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2010/04/08 12:54 AM 113280]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010/04/07 11:58 PM 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010/04/08 03:29 PM 135664]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2010/04/07 11:20 AM 102656]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009/10/02 06:39 PM 19472]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010/05/23 12:48 AM 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010/05/23 12:48 AM 8320]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010/02/19 01:37 PM 517096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-30 c:\windows\Tasks\AdobeAAMUpdater-1.0-LUNGI-2010-Lungi.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-04-13 01:44]
.
2011-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-08 13:29]
.
2011-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-08 13:29]
.
2011-09-18 c:\windows\Tasks\User_Feed_Synchronization-{D0556035-AE1F-4B71-8D60-B92C258E4901}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.za/
IE: &Convert with ImageConverter Plus... - c:\program files\ImageConverter Plus\icpwebintegration.exe/200
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 196.207.32.83 196.207.32.69
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-Free Download Manager_is1 - c:\program files\Free Download Manager\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-18 17:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3399821252-3749218566-4148857419-1008\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e1,d5,b7,21,9f,fd,47,de,ba,2c,c7,6e,89,e4,cb,85,db,40,de,78,ac,54,83,
92,4c,e7,fa,2e,07,dc,39,e9,95,03,42,b9,a4,9b,b9,85,59,c2,5e,80,43,f1,7b,fb,\
"??"=hex:53,82,8d,d3,3c,01,a3,1c,03,0c,a5,ee,45,5a,bd,da
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1228)
c:\program files\Acer\Acer Bio Protection\WinNotify.dll
c:\program files\Acer\Acer Bio Protection\CustomRes.dll
c:\program files\Common Files\SPBA\vtapip.dll
c:\program files\Common Files\SPBA\infql2.dll
c:\windows\system32\bsapi.dll
c:\program files\Common Files\SPBA\homefus2.dll
c:\program files\Common Files\SPBA\homepass.dll
c:\program files\Common Files\SPBA\bio.dll
c:\program files\Common Files\SPBA\qlbase.dll
.
- - - - - - - > 'explorer.exe'(4956)
c:\windows\system32\WININET.dll
c:\windows\system32\btmmhook.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\program files\Acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\windows\system32\IFXTCS.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Intel\AMT\LMS.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\windows\system32\IfxPsdSv.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\program files\Infineon\Security Platform Software\PSDrt.exe
c:\program files\Infineon\Security Platform Software\SpTna.exe
c:\docume~1\Lungi\LOCALS~1\Temp\RtkBtMnt.exe
c:\windows\system32\igfxext.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclIrSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Completion time: 2011-09-18 17:58:56 - machine was rebooted
ComboFix-quarantined-files.txt 2011-09-18 15:58
.
Pre-Run: 44,847,312,896 bytes free
Post-Run: 44,661,616,640 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - F17E9E52F1155019F79A6A0650341B24

4. TDSSKiller

Run TDSSKiller . Here is the log :-

2011/09/18 22:37:51.0781 1516 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/18 22:37:51.0859 1516 ================================================================================
2011/09/18 22:37:51.0859 1516 SystemInfo:
2011/09/18 22:37:51.0859 1516
2011/09/18 22:37:51.0859 1516 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/18 22:37:51.0859 1516 Product type: Workstation
2011/09/18 22:37:51.0859 1516 ComputerName: LUNGI-2010
2011/09/18 22:37:51.0859 1516 UserName: Lungi
2011/09/18 22:37:51.0859 1516 Windows directory: C:\WINDOWS
2011/09/18 22:37:51.0859 1516 System windows directory: C:\WINDOWS
2011/09/18 22:37:51.0859 1516 Processor architecture: Intel x86
2011/09/18 22:37:51.0859 1516 Number of processors: 2
2011/09/18 22:37:51.0859 1516 Page size: 0x1000
2011/09/18 22:37:51.0859 1516 Boot type: Normal boot
2011/09/18 22:37:51.0859 1516 ================================================================================
2011/09/18 22:37:52.0265 1516 Initialize success
2011/09/18 22:38:01.0453 3176 ================================================================================
2011/09/18 22:38:01.0453 3176 Scan started
2011/09/18 22:38:01.0453 3176 Mode: Manual;
2011/09/18 22:38:01.0453 3176 ================================================================================
2011/09/18 22:38:03.0015 3176 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/09/18 22:38:03.0031 3176 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/18 22:38:03.0046 3176 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/09/18 22:38:03.0062 3176 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/09/18 22:38:03.0109 3176 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/18 22:38:03.0156 3176 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/18 22:38:03.0171 3176 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/09/18 22:38:03.0187 3176 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/09/18 22:38:03.0203 3176 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/09/18 22:38:03.0218 3176 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/09/18 22:38:03.0234 3176 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/09/18 22:38:03.0281 3176 AlfaFF (4490b8bdf38750458eb9b24835fda8fe) C:\WINDOWS\system32\Drivers\AlfaFF.sys
2011/09/18 22:38:03.0312 3176 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/09/18 22:38:03.0328 3176 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/09/18 22:38:03.0343 3176 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/09/18 22:38:03.0359 3176 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/09/18 22:38:03.0390 3176 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/09/18 22:38:03.0390 3176 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/09/18 22:38:03.0406 3176 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/09/18 22:38:03.0421 3176 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/09/18 22:38:03.0468 3176 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/18 22:38:03.0484 3176 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/18 22:38:03.0515 3176 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/18 22:38:03.0562 3176 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/18 22:38:03.0640 3176 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/18 22:38:03.0750 3176 btaudio (ecdc40cc54603c711e1a7a1c9255184a) C:\WINDOWS\system32\drivers\btaudio.sys
2011/09/18 22:38:03.0765 3176 BTDriver (58a49bd10e08d3d4333a60dedcb1ced8) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/09/18 22:38:03.0812 3176 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2011/09/18 22:38:03.0875 3176 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2011/09/18 22:38:03.0906 3176 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys
2011/09/18 22:38:03.0968 3176 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2011/09/18 22:38:04.0062 3176 BTKRNL (885b6d0f826a216eee4c3ad883809012) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/09/18 22:38:04.0109 3176 BTWDNDIS (b1d350f3f13cf340fce93912d2ba1ebf) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/09/18 22:38:04.0140 3176 btwhid (e48668b4a6a5cf68b33aecad18ee8e1e) C:\WINDOWS\system32\DRIVERS\btwhid.sys
2011/09/18 22:38:04.0171 3176 BTWUSB (57e91e9925976bbc98984eebaaf1d84c) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/09/18 22:38:04.0234 3176 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/09/18 22:38:04.0250 3176 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/18 22:38:04.0281 3176 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/18 22:38:04.0328 3176 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/09/18 22:38:04.0375 3176 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/18 22:38:04.0390 3176 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/18 22:38:04.0421 3176 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/18 22:38:04.0453 3176 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/09/18 22:38:04.0468 3176 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/09/18 22:38:04.0484 3176 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/09/18 22:38:04.0531 3176 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/09/18 22:38:04.0546 3176 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/09/18 22:38:04.0562 3176 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/09/18 22:38:04.0578 3176 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/18 22:38:04.0609 3176 DKbFltr (060db81dfb79c8244eb65d10b6c7873f) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
2011/09/18 22:38:04.0656 3176 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/18 22:38:04.0718 3176 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/18 22:38:04.0734 3176 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/18 22:38:04.0796 3176 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/18 22:38:04.0875 3176 dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
2011/09/18 22:38:04.0937 3176 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
2011/09/18 22:38:04.0968 3176 Dot4Scan (bd05306428da63369692477ddc0f6f5f) C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys
2011/09/18 22:38:04.0984 3176 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys
2011/09/18 22:38:05.0000 3176 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/09/18 22:38:05.0046 3176 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/18 22:38:05.0062 3176 e1yexpress (96967facc0307093b9098f817a4409e6) C:\WINDOWS\system32\DRIVERS\e1y5132.sys
2011/09/18 22:38:05.0187 3176 ewusbnet (6295a7a4cb6a85a2d9cecb69c67511bb) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
2011/09/18 22:38:05.0234 3176 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/18 22:38:05.0265 3176 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/09/18 22:38:05.0328 3176 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/18 22:38:05.0359 3176 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/09/18 22:38:05.0375 3176 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/09/18 22:38:05.0390 3176 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/18 22:38:05.0406 3176 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/18 22:38:05.0421 3176 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/18 22:38:05.0453 3176 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/09/18 22:38:05.0484 3176 HECI (2df64415a28ce036ac6acec7645a996f) C:\WINDOWS\system32\DRIVERS\HECI.sys
2011/09/18 22:38:05.0515 3176 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/18 22:38:05.0531 3176 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/09/18 22:38:05.0593 3176 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/09/18 22:38:05.0609 3176 HSFHWAZL (6a5c4732d6803f84e2987edd8e4359ce) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2011/09/18 22:38:05.0687 3176 HSF_DPV (21c31273c6cc4826e74be8ae3b09d4a8) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/09/18 22:38:05.0796 3176 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/18 22:38:05.0859 3176 hwdatacard (20330198554b7ddb44403af21d6ae179) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
2011/09/18 22:38:05.0890 3176 hwusbfake (83026e41d9960430491432dbd6af969a) C:\WINDOWS\system32\DRIVERS\ewusbfake.sys
2011/09/18 22:38:05.0937 3176 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/09/18 22:38:06.0015 3176 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/09/18 22:38:06.0062 3176 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/18 22:38:06.0234 3176 ialm (00cd8ece5983c6175a78230653ffdbf1) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/09/18 22:38:06.0453 3176 iaStor (80c633722da72e97f3f5b3b11325696d) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/09/18 22:38:06.0515 3176 IFXTPM (667cfdb801df771f47b7c39373c2d850) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
2011/09/18 22:38:06.0546 3176 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/18 22:38:06.0562 3176 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/09/18 22:38:06.0625 3176 Int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\WINDOWS\System32\drivers\int15.sys
2011/09/18 22:38:06.0781 3176 IntcAzAudAddService (06ae6fa81e2ab6c4df6ed1b2e7e95b4d) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/09/18 22:38:06.0984 3176 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/09/18 22:38:07.0031 3176 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/18 22:38:07.0062 3176 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/09/18 22:38:07.0078 3176 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/18 22:38:07.0109 3176 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/18 22:38:07.0140 3176 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/18 22:38:07.0171 3176 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/18 22:38:07.0187 3176 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2011/09/18 22:38:07.0218 3176 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/18 22:38:07.0234 3176 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/18 22:38:07.0250 3176 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/18 22:38:07.0281 3176 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/18 22:38:07.0312 3176 kl1 (94d67d49bd9503bb1d838405d80f2058) C:\WINDOWS\system32\DRIVERS\kl1.sys
2011/09/18 22:38:07.0406 3176 kl2 (713576569667ac9e0f8556076004a96b) C:\WINDOWS\system32\DRIVERS\kl2.sys
2011/09/18 22:38:07.0453 3176 KLIF (395a295fd9ea657b4a3621e402cc56c5) C:\WINDOWS\system32\DRIVERS\klif.sys
2011/09/18 22:38:07.0500 3176 klim5 (8d6e11bfa9927978d25b1b8029554f07) C:\WINDOWS\system32\DRIVERS\klim5.sys
2011/09/18 22:38:07.0531 3176 klmouflt (3959530f69e19da56f1f24f2c89f1e2c) C:\WINDOWS\system32\DRIVERS\klmouflt.sys
2011/09/18 22:38:07.0578 3176 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/18 22:38:07.0640 3176 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/18 22:38:07.0718 3176 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
2011/09/18 22:38:07.0750 3176 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/09/18 22:38:07.0812 3176 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/18 22:38:07.0921 3176 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/18 22:38:07.0953 3176 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/18 22:38:08.0000 3176 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/18 22:38:08.0031 3176 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/18 22:38:08.0046 3176 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/09/18 22:38:08.0062 3176 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/18 22:38:08.0125 3176 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/18 22:38:08.0156 3176 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/18 22:38:08.0187 3176 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/18 22:38:08.0203 3176 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/18 22:38:08.0234 3176 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/18 22:38:08.0265 3176 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/18 22:38:08.0375 3176 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/18 22:38:08.0406 3176 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/18 22:38:08.0421 3176 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/18 22:38:08.0468 3176 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/18 22:38:08.0500 3176 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/18 22:38:08.0546 3176 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/18 22:38:08.0562 3176 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/18 22:38:08.0578 3176 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/18 22:38:08.0625 3176 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/18 22:38:08.0656 3176 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/18 22:38:08.0703 3176 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/18 22:38:08.0828 3176 NETw5x32 (0888844230083ce3b47395102bca8207) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
2011/09/18 22:38:09.0031 3176 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/09/18 22:38:09.0078 3176 nmwcd (357ddb51e03cae598c096d95497373d0) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/09/18 22:38:09.0109 3176 nmwcdc (7cd443f9d36c80e152fadb274089577a) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/09/18 22:38:09.0156 3176 nmwcdnsu (02120406f27f5895dfce4c640e6ee237) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2011/09/18 22:38:09.0187 3176 nmwcdnsuc (9c5de8b7cf5680307bbdf512c9258ecc) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2011/09/18 22:38:09.0218 3176 npf (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\npf.sys
2011/09/18 22:38:09.0250 3176 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/18 22:38:09.0265 3176 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
2011/09/18 22:38:09.0296 3176 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/18 22:38:09.0437 3176 NTIDrvr (5535174933a08bb8f1cee26dffb930e4) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
2011/09/18 22:38:09.0468 3176 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/18 22:38:09.0484 3176 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/18 22:38:09.0500 3176 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/18 22:38:09.0546 3176 O2MDRDR (f1072a203fb1e246be62d736a5b88dfd) C:\WINDOWS\system32\DRIVERS\o2media.sys
2011/09/18 22:38:09.0578 3176 O2SCBUS (439ad52d13600ea69f4a4409b2968a51) C:\WINDOWS\system32\DRIVERS\ozscr.sys
2011/09/18 22:38:09.0625 3176 O2SDRDR (5472c48f44b49f07b16b421899e550f8) C:\WINDOWS\system32\DRIVERS\o2sd.sys
2011/09/18 22:38:09.0640 3176 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/09/18 22:38:09.0671 3176 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/18 22:38:09.0687 3176 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/18 22:38:09.0718 3176 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/18 22:38:09.0750 3176 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/09/18 22:38:09.0765 3176 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/18 22:38:09.0796 3176 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/18 22:38:09.0812 3176 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/09/18 22:38:09.0890 3176 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/09/18 22:38:09.0906 3176 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/09/18 22:38:09.0953 3176 PersonalSecureDrive (f21b077b1fba7aa331fa1087078d92e8) C:\WINDOWS\System32\drivers\psd.sys
2011/09/18 22:38:10.0015 3176 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/18 22:38:10.0125 3176 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/18 22:38:10.0140 3176 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/18 22:38:10.0187 3176 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/09/18 22:38:10.0203 3176 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/09/18 22:38:10.0218 3176 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/09/18 22:38:10.0234 3176 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/09/18 22:38:10.0250 3176 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/09/18 22:38:10.0265 3176 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/18 22:38:10.0296 3176 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/09/18 22:38:10.0312 3176 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/18 22:38:10.0328 3176 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/18 22:38:10.0343 3176 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/18 22:38:10.0375 3176 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/18 22:38:10.0390 3176 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/18 22:38:10.0421 3176 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/18 22:38:10.0468 3176 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/18 22:38:10.0484 3176 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/18 22:38:10.0515 3176 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/09/18 22:38:10.0578 3176 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/09/18 22:38:10.0593 3176 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/18 22:38:10.0640 3176 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/18 22:38:10.0687 3176 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/18 22:38:10.0843 3176 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/18 22:38:10.0890 3176 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/09/18 22:38:10.0921 3176 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/18 22:38:11.0000 3176 SNP2UVC (0302bc619d4a723317e7f8eb0c362bd3) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
2011/09/18 22:38:11.0046 3176 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/09/18 22:38:11.0078 3176 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/18 22:38:11.0250 3176 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/18 22:38:11.0281 3176 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/18 22:38:11.0328 3176 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
2011/09/18 22:38:11.0359 3176 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/09/18 22:38:11.0359 3176 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/18 22:38:11.0406 3176 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/18 22:38:11.0421 3176 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/09/18 22:38:11.0437 3176 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/09/18 22:38:11.0453 3176 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/09/18 22:38:11.0468 3176 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/09/18 22:38:11.0484 3176 SynTP (0389b6b5ba4bd0ddf9e1744b6adc8c97) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/09/18 22:38:11.0515 3176 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/18 22:38:11.0546 3176 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/18 22:38:11.0703 3176 TcUsb (72b9e77565da5fa564581976e000d29b) C:\WINDOWS\system32\Drivers\tcusb.sys
2011/09/18 22:38:11.0734 3176 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/18 22:38:11.0765 3176 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/18 22:38:11.0796 3176 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/18 22:38:11.0859 3176 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/09/18 22:38:11.0875 3176 UBHelper (5e3966a0d9b57531264fc0c835021fa1) C:\WINDOWS\system32\drivers\UBHelper.sys
2011/09/18 22:38:11.0906 3176 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/18 22:38:11.0937 3176 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/09/18 22:38:12.0000 3176 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/18 22:38:12.0125 3176 upperdev (15629e4d65f97ab5432d6d9597cf6a33) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/09/18 22:38:12.0171 3176 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/18 22:38:12.0203 3176 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/18 22:38:12.0218 3176 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/18 22:38:12.0265 3176 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/09/18 22:38:12.0296 3176 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/18 22:38:12.0312 3176 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/09/18 22:38:12.0343 3176 UsbserFilt (5c17e6a11aa8be53f79fd364ba19f0ce) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/09/18 22:38:12.0375 3176 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/18 22:38:12.0406 3176 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/18 22:38:12.0531 3176 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/09/18 22:38:12.0578 3176 VBus (20a35000a934f68a300eba57d1b60554) C:\WINDOWS\system32\DRIVERS\NkVBus.sys
2011/09/18 22:38:12.0593 3176 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/18 22:38:12.0625 3176 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/09/18 22:38:12.0640 3176 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/09/18 22:38:12.0656 3176 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/18 22:38:12.0687 3176 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/18 22:38:12.0734 3176 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/09/18 22:38:12.0781 3176 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/18 22:38:12.0875 3176 winachsf (307d248f97835b6879bdd361086924fe) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/09/18 22:38:13.0046 3176 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/09/18 22:38:13.0109 3176 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/09/18 22:38:13.0171 3176 MBR (0x1B8) (6fc6f9186c07bca94e140f63bfe6e9b4) \Device\Harddisk0\DR0
2011/09/18 22:38:13.0796 3176 Boot (0x1200) (1001af7645975d1b668f5da2d70e089a) \Device\Harddisk0\DR0\Partition0
2011/09/18 22:38:13.0812 3176 Boot (0x1200) (4ae2a82c5aec5eb7f4d68a8aba1e2629) \Device\Harddisk0\DR0\Partition1
2011/09/18 22:38:13.0812 3176 ================================================================================
2011/09/18 22:38:13.0812 3176 Scan finished
2011/09/18 22:38:13.0812 3176 ================================================================================
2011/09/18 22:38:13.0828 5180 Detected object count: 0
2011/09/18 22:38:13.0828 5180 Actual detected object count: 0

5. aswMBR.exe

Run aswMBR . During the run . The FIX button was not enabled. In other words is was grayed and not usable.

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-18 22:41:15
-----------------------------
22:41:15.937 OS Version: Windows 5.1.2600 Service Pack 3
22:41:15.937 Number of processors: 2 586 0x1706
22:41:15.937 ComputerName: LUNGI-2010 UserName: Lungi
22:41:18.468 Initialize success
22:49:15.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:49:15.437 Disk 0 Vendor: Hitachi_ FCDO Size: 238475MB BusType: 3
22:49:15.468 Disk 0 MBR read successfully
22:49:15.468 Disk 0 MBR scan
22:49:15.468 Disk 0 unknown MBR code
22:49:15.484 Disk 0 scanning sectors +488394752
22:49:15.562 Disk 0 scanning C:\WINDOWS\system32\drivers
22:49:21.703 Service scanning
22:49:22.437 Service kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys **LOCKED** 5
22:49:22.453 Service kl2 C:\WINDOWS\system32\DRIVERS\kl2.sys **LOCKED** 5
22:49:22.453 Service klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys **LOCKED** 5
22:49:22.468 Service klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys **LOCKED** 5
22:49:23.093 Modules scanning
22:49:40.890 Scan finished successfully
22:51:45.828 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Lungi\Desktop\Checking Malware - 09SEPT2011\MBR.dat"
22:51:45.843 The log file has been saved successfully to "C:\Documents and Settings\Lungi\Desktop\Checking Malware - 09SEPT2011\log aswMBR.txt"

Thank you again.

Bhele.
.

#6
RKinner

Posted 18 September 2011 - 06:15 PM

Malware Expert

Expert
24,625 posts

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.

Start, Run, sfc /scannow, OK

SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.

Start, Run, sigverif, OK

Press Start. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

Ron

PS. I will be on a trip this week starting Monday. Get back Thursday or Friday. Not sure when I will have Internet Access so replies may be delayed.

#7
Bhele

Posted 20 September 2011 - 02:57 AM

Member

Topic Starter
Member
23 posts

Dear Ron !
Firstly let me thank you for your much appreciated assistance.
Secondly wishing you well in your travels. Here are my logs:-
1. Run OTL . Here is the 2 log :=
OTL logfile created on: 2011/09/19 06:06:33 AM - Run 2
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Lungi\Desktop\Checking Malware 20SEPT2011
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001C09 | Country: South Africa | Language: ENS | Date Format: yyyy/MM/dd

1.91 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 55.89% Memory free
3.76 Gb Paging File | 2.64 Gb Available in Paging File | 70.26% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.57 Gb Total Space | 41.52 Gb Free Space | 37.22% Space Free | Partition Type: NTFS
Drive D: | 111.55 Gb Total Space | 110.65 Gb Free Space | 99.19% Space Free | Partition Type: NTFS
Drive E: | 702.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 7.45 Gb Total Space | 6.50 Gb Free Space | 87.21% Space Free | Partition Type: FAT32
Drive G: | 35.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LUNGI-2010 | User Name: Lungi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/19 05:46:23 | 000,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\KTS\Local Settings\temp\RtkBtMnt.exe
PRC - [2011/09/18 17:50:49 | 000,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Lungi\Local Settings\Temp\RtkBtMnt.exe
PRC - [2011/09/16 09:18:52 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lungi\Desktop\Checking Malware 20SEPT2011\OTL.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2011/01/10 16:24:44 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010/04/08 00:05:26 | 003,724,800 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
PRC - [2010/03/06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2009/11/11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/10/27 09:13:44 | 000,090,112 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
PRC - [2009/07/03 11:40:40 | 002,328,576 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2009/07/03 11:40:30 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2009/05/26 13:21:52 | 000,651,264 | ---- | M] (Nokia) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/08/07 15:29:58 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
PRC - [2008/07/29 19:29:26 | 000,200,704 | ---- | M] () -- C:\WINDOWS\PLFSetI.exe
PRC - [2008/07/08 18:18:40 | 000,466,944 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008/06/10 00:36:16 | 000,870,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/06/03 03:38:36 | 002,058,776 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
PRC - [2008/06/03 03:38:34 | 000,367,128 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
PRC - [2008/06/03 03:38:30 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\LMS.exe
PRC - [2008/05/08 11:41:00 | 000,140,568 | ---- | M] (Infineon Technologies AG) -- C:\WINDOWS\system32\IfxPsdSv.exe
PRC - [2008/05/08 11:40:00 | 000,660,760 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\SpTNA.exe
PRC - [2008/05/08 11:40:00 | 000,185,624 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
PRC - [2008/04/14 06:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/18 18:02:08 | 000,069,632 | ---- | M] (Nikon Corporation) -- C:\Program Files\Nikon\WT-4 Setup Utility\NkPtpEnum.exe
PRC - [2007/04/01 09:02:38 | 000,568,176 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
PRC - [2007/02/13 01:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe

========== Modules (No Company Name) ==========

MOD - [2011/08/10 09:10:26 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
MOD - [2011/08/10 09:10:09 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/08/10 09:09:52 | 000,679,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
MOD - [2011/08/10 09:09:49 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/08/10 09:07:24 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/10 09:07:19 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011/08/10 09:07:08 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011/08/10 09:04:49 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/06/19 04:42:40 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2010/10/06 14:36:04 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_f93b1dc1\mscorlib.dll
MOD - [2010/10/06 10:06:28 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_705de7a0\system.drawing.dll
MOD - [2010/10/06 10:06:24 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_19126cb3\system.xml.dll
MOD - [2010/10/06 10:06:21 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_233740a0\system.windows.forms.dll
MOD - [2010/10/06 10:06:17 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_669d4af5\system.dll
MOD - [2010/10/06 10:06:12 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2010/07/01 21:35:34 | 000,023,224 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avspm.ppl
MOD - [2010/07/01 21:34:54 | 002,086,584 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avzkrnl.dll
MOD - [2010/06/15 14:40:18 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/04/16 17:49:04 | 000,756,040 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2009/04/16 16:31:16 | 004,210,688 | ---- | M] () -- C:\Program Files\Nokia\PC Internet Access\GraphicsResources.ngr
MOD - [2008/11/12 10:18:00 | 000,011,776 | ---- | M] () -- C:\Program Files\Nokia\PC Internet Access\TextResources_eng-us.nlr
MOD - [2008/08/30 01:21:48 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2008/08/30 01:21:48 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2008/08/30 01:21:48 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2008/08/30 01:21:48 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2008/08/12 10:16:16 | 002,023,424 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2008/07/29 19:29:26 | 000,200,704 | ---- | M] () -- C:\WINDOWS\PLFSetI.exe
MOD - [2008/07/29 13:47:56 | 000,016,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2008/07/29 13:47:38 | 000,135,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2008/07/29 13:11:18 | 000,253,952 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2008/07/29 13:01:12 | 007,331,840 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2008/07/29 12:50:26 | 000,364,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2008/07/08 18:18:40 | 000,466,944 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
MOD - [2008/04/28 18:49:18 | 000,002,560 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
MOD - [2008/04/14 06:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/09/28 14:12:36 | 000,003,072 | ---- | M] () -- C:\Program Files\CyberLink\PowerDVD\Language\CLMUI\en-US\PDVDEnvRes.dll
MOD - [2007/06/25 04:09:00 | 001,024,000 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
MOD - [2007/06/25 04:09:00 | 000,098,304 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
MOD - [2007/06/25 04:09:00 | 000,061,440 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
MOD - [2007/04/01 09:00:28 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007/04/01 08:57:16 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2005/10/20 17:20:24 | 000,208,896 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\ePower\DialogDLL.dll
MOD - [2005/10/11 13:18:54 | 000,028,672 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2003/06/07 22:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2011/01/10 16:24:44 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010/04/08 00:05:33 | 003,566,080 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/07/03 11:40:30 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/06/03 03:38:36 | 002,058,776 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) Intel®
SRV - [2008/06/03 03:38:30 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) Intel®
SRV - [2008/05/08 11:41:00 | 000,140,568 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\WINDOWS\system32\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2008/01/18 18:02:08 | 000,069,632 | ---- | M] (Nikon Corporation) [Auto | Running] -- C:\Program Files\Nikon\WT-4 Setup Utility\NkPtpEnum.exe -- (NkPtpEnumWT3)
SRV - [2007/02/13 01:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/01/10 16:24:44 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (kl1)
DRV - [2010/05/07 12:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2010/04/08 00:05:29 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2010/01/27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/11/04 17:59:38 | 000,113,280 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/11/04 17:59:38 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/11/02 20:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/10/06 11:56:34 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/10/06 11:56:32 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/10/06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/10/06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/06/29 18:00:50 | 000,102,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/06/21 01:58:08 | 004,741,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/06/12 18:30:12 | 000,043,608 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008/06/12 18:23:12 | 000,101,848 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ozscr.sys -- (O2SCBUS)
DRV - [2008/05/13 21:49:12 | 000,051,288 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008/05/08 11:42:00 | 000,041,216 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2008/05/08 11:41:00 | 000,038,816 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\psd.sys -- (PersonalSecureDrive)
DRV - [2008/04/28 15:14:54 | 003,626,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2008/03/27 05:42:00 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel®
DRV - [2008/03/26 23:12:56 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2008/01/18 18:02:14 | 000,017,824 | ---- | M] (Nikon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NkVBus.sys -- (VBus)
DRV - [2007/10/01 14:59:46 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/03/31 22:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007/03/31 22:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007/03/23 19:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007/03/23 19:50:24 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007/03/23 19:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007/03/23 19:49:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007/01/26 08:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (Int15)
DRV - [2006/12/22 20:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/12/22 20:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/12/22 20:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.za/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-za
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1E B1 22 9D D1 CC CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b3d95960-fb6d-4603-b3e7-1d2b7281b0b3}: C:\Program Files\ImageConverter Plus\Firefox Extension

O1 HOSTS File: ([2011/09/18 17:49:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll File not found
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEButton Class) - {F81D52BF-F2F1-4F49-BF5F-05664E803039} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Boot] C:\Program Files\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Program Files\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe ()
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.)
O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [NokiaPCInternetAccess] C:\Program Files\Nokia\PC Internet Access\NPCIA.exe (Nokia)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk = C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Convert with ImageConverter Plus... - res://C:\Program Files\ImageConverter Plus\icpwebintegration.exe/200 File not found
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} https://www1.gotomee...ets/g2mdlax.cab (GoToMeeting Web Starter)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll) -C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/03 12:05:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/08/03 15:43:46 | 000,000,119 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/19 05:40:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Checking Malware 20SEPT2011
[2011/09/18 23:31:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/09/18 17:50:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Local Settings\Application Data\ApplicationHistory
[2011/09/18 17:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Start Menu\Programs\CyberLink PowerDVD
[2011/09/18 17:37:01 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/09/18 17:27:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/09/18 17:27:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/09/18 17:27:17 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/09/18 17:27:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/09/18 17:27:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/18 17:27:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/18 17:05:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/18 17:05:42 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/18 17:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/18 13:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\docs to Vusi and Mndeni
[2011/09/18 07:49:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\DCIM
[2011/09/17 23:11:38 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/09/17 22:58:28 | 000,360,448 | ---- | C] (funkytoad.com) -- C:\Documents and Settings\Lungi\Desktop\HostsXpert.exe
[2011/09/17 21:47:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/16 14:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Vetting
[2011/09/16 09:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Checking Malware - 09SEPT2011
[2011/09/14 10:26:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\DOLLY
[2011/09/14 10:24:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Phiri and Family
[2011/09/14 10:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\SIBANDA Baptismal
[2011/09/14 10:08:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Medingoane
[2011/09/14 10:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Khosi Car
[2011/09/14 09:44:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\New Folder
[2011/09/14 09:22:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011/09/14 09:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Local Settings\Application Data\OpenCandy
[2011/09/14 09:22:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Application Data\OpenCandy
[2011/09/13 08:40:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\2011 - PHOTO & FILM Expo
[2011/09/12 22:01:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Application Data\Nitro PDF
[2011/09/12 22:00:14 | 000,017,728 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalui.dll
[2011/09/12 22:00:13 | 000,026,432 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalmon.dll
[2011/09/12 21:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2011/09/12 10:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Fixing Fallen Wall
[2011/09/12 10:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Wall working
[2011/09/12 09:57:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Photos 12SEPT2011
[2011/09/11 19:45:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\KTS Docs with Lungi Mods at 11SEPT2011
[2011/09/09 18:15:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ant.com
[2011/09/09 18:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ant.com
[2011/09/09 18:12:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Local Settings\Application Data\ant.com
[2011/09/05 11:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Watermarked
[2011/08/31 13:44:27 | 000,000,000 | ---D | C] -- C:\Watermark-Image
[2011/08/29 06:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Gov Circulars
[2011/08/26 10:05:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Gov Tenders
[2011/08/24 09:11:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lungi\Desktop\Tifs
[2010/04/08 00:08:40 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2010/04/08 00:07:26 | 000,024,576 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[2010/04/08 00:05:05 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2010/04/08 00:05:05 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010/04/07 23:49:56 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2011/09/19 06:04:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/19 05:47:51 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Connect.lnk
[2011/09/19 05:46:01 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/19 02:00:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-LUNGI-2010-Lungi.job
[2011/09/18 23:36:30 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D0556035-AE1F-4B71-8D60-B92C258E4901}.job
[2011/09/18 17:49:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/09/18 17:49:07 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/18 17:48:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/18 17:48:49 | 2056,007,680 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/18 17:47:38 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2011/09/18 17:37:05 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/09/18 17:05:46 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/16 08:20:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/14 15:54:19 | 000,002,511 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vodafone SMS.lnk
[2011/09/14 08:31:30 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Free Download Manager.lnk
[2011/09/12 23:06:04 | 000,001,024 | RH-- | M] () -- C:\WINDOWS\System32\NTIMP3.dll
[2011/09/12 22:34:00 | 000,147,483 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Defence Intelligence Proposal_004.png
[2011/09/12 21:32:00 | 002,049,486 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Defence Intelligence Proposal.pdf
[2011/09/12 21:08:10 | 000,115,369 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/09/12 21:08:10 | 000,097,961 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011/09/12 16:20:57 | 001,962,686 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\KTS logo.bmp
[2011/09/09 11:12:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/08 13:38:34 | 001,431,991 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Here is the Love Camp Form 2011.pdf
[2011/09/06 11:55:37 | 000,006,609 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU.rtf
[2011/09/06 11:48:38 | 005,291,524 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU Converted.rtf
[2011/09/06 11:42:33 | 000,352,348 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU.pdf
[2011/09/06 09:54:39 | 000,217,535 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8366.JPG
[2011/09/06 00:30:14 | 000,047,753 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Mail Welcome to Horde.mht
[2011/09/05 11:38:15 | 005,967,914 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr) - b and clnd.jpg
[2011/09/05 11:33:07 | 002,772,933 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr) - brightened.jpg
[2011/09/05 11:31:32 | 003,209,282 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr).JPG
[2011/09/01 13:46:03 | 002,219,573 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\PI_ZA_PROSPECTUS_2011.pdf
[2011/09/01 12:02:41 | 000,881,524 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8178.jpg
[2011/09/01 11:55:49 | 000,593,742 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8173.jpg
[2011/09/01 11:17:43 | 000,698,414 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Gautrain-fares.pdf
[2011/08/31 17:57:38 | 002,718,220 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8165.jpg
[2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/30 20:23:55 | 003,160,368 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\_DSC7660-testing.JPG
[2011/08/30 12:29:07 | 001,434,041 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\FROM Lungi Siqebengu - Affidavit plus brochure.pdf
[2011/08/29 13:36:01 | 000,075,040 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Lungis photo.jpg
[2011/08/29 06:26:51 | 000,114,580 | ---- | M] () -- C:\Documents and Settings\Lungi\Desktop\Contact RapidStudio 01JUL2011.pdf

========== Files Created - No Company Name ==========

[2011/09/18 17:37:05 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/09/18 17:37:02 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/09/18 17:27:17 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/09/18 17:27:17 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/18 17:27:17 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/09/18 17:27:17 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/09/18 17:27:17 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/18 17:05:46 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/17 23:41:49 | 2056,007,680 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/14 08:31:30 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Free Download Manager.lnk
[2011/09/12 22:34:00 | 000,147,483 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Defence Intelligence Proposal_004.png
[2011/09/12 21:32:00 | 002,049,486 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Defence Intelligence Proposal.pdf
[2011/09/12 16:20:57 | 001,962,686 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\KTS logo.bmp
[2011/09/08 13:38:34 | 001,431,991 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Here is the Love Camp Form 2011.pdf
[2011/09/06 11:48:37 | 005,291,524 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU Converted.rtf
[2011/09/06 11:47:28 | 000,006,609 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU.rtf
[2011/09/06 11:42:33 | 000,352,348 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\SITA Contract - LM SIQEBENGU.pdf
[2011/09/06 09:54:37 | 000,217,535 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8366.JPG
[2011/09/06 00:30:12 | 000,047,753 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Mail Welcome to Horde.mht
[2011/09/05 11:38:14 | 005,967,914 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr) - b and clnd.jpg
[2011/09/05 11:33:02 | 002,772,933 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr) - brightened.jpg
[2011/09/05 11:31:32 | 003,209,282 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Mrs Nkosi (Jnr).JPG
[2011/09/01 13:46:03 | 002,219,573 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\PI_ZA_PROSPECTUS_2011.pdf
[2011/09/01 12:01:54 | 000,881,524 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8178.jpg
[2011/09/01 11:55:48 | 000,593,742 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8173.jpg
[2011/08/31 17:57:29 | 002,718,220 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\_DSC8165.jpg
[2011/08/30 20:23:54 | 003,160,368 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\_DSC7660-testing.JPG
[2011/08/30 12:29:07 | 001,434,041 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\FROM Lungi Siqebengu - Affidavit plus brochure.pdf
[2011/08/29 13:35:58 | 000,075,040 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Lungis photo.jpg
[2011/08/29 06:26:50 | 000,114,580 | ---- | C] () -- C:\Documents and Settings\Lungi\Desktop\Contact RapidStudio 01JUL2011.pdf
[2011/08/10 01:21:13 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011/07/21 21:36:24 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Lungi\Application Data\Adobe BMP Format CS5 Prefs
[2011/04/24 17:09:51 | 000,000,277 | ---- | C] () -- C:\WINDOWS\ImageInc.ini
[2011/04/01 00:22:52 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Lungi\Application Data\mdbu.bin
[2011/03/13 18:22:52 | 000,000,236 | ---- | C] () -- C:\WINDOWS\BIOLOGIN.EXE
[2011/01/18 12:01:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JCMKR32.INI
[2011/01/17 14:57:35 | 000,507,936 | ---- | C] () -- C:\WINDOWS\System32\RS_Updater_uninstall.exe
[2011/01/09 07:34:38 | 000,115,369 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/01/09 07:34:38 | 000,097,961 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/12/09 08:28:31 | 000,010,709 | ---- | C] () -- C:\WINDOWS\hpwscr19.dat
[2010/10/06 15:51:15 | 016,072,286 | ---- | C] () -- C:\WINDOWS\System32\RapidStudio_RapidStudio_uninstaller.exe
[2010/09/27 17:59:15 | 003,066,992 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/20 02:05:31 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/09/16 22:46:55 | 015,339,517 | ---- | C] () -- C:\WINDOWS\System32\Studio22_Studio22 Album Maker_uninstaller.exe
[2010/08/21 23:27:56 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2010/08/21 23:14:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Guides
[2010/08/21 23:14:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Lungi\Application Data\Generic
[2010/08/21 23:14:37 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLck.DAT
[2010/08/21 23:14:37 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Pop Kit
[2010/08/21 23:14:29 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Guitar
[2010/08/21 23:14:29 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Printer Icons
[2010/08/20 18:35:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2010/08/20 18:26:42 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Lungi\Application Data\Classical
[2010/08/20 18:26:42 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLeq.DAT
[2010/08/20 18:26:42 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Contents
[2010/08/20 18:25:43 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Lungi\Application Data\Grand Piano
[2010/08/20 18:23:25 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT
[2010/08/19 20:14:56 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2010/08/19 20:14:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Lungi\Application Data\Channel
[2010/08/19 20:08:33 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/08/19 20:08:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Lungi\Application Data\Calibrators
[2010/04/13 11:31:16 | 000,005,736 | ---- | C] () -- C:\WINDOWS\DevMgr.ini
[2010/04/13 11:27:41 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2010/04/13 11:26:50 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2010/04/13 11:26:50 | 000,000,133 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2010/04/09 10:49:56 | 000,088,576 | ---- | C] () -- C:\Documents and Settings\Lungi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/08 00:51:57 | 000,000,510 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/04/08 00:11:09 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Lungi\Local Settings\Application Data\fusioncache.dat
[2010/04/08 00:09:32 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2010/04/08 00:06:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/04/08 00:06:11 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2010/04/08 00:06:11 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2010/04/08 00:06:11 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2010/04/08 00:05:49 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\VMC3KAPI.dll
[2010/04/08 00:05:05 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\snp2uvc.sys
[2010/04/08 00:05:05 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010/04/08 00:05:05 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\sncduvc.sys
[2010/04/08 00:05:05 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010/04/08 00:05:05 | 000,000,169 | ---- | C] () -- C:\WINDOWS\System32\PidList.ini
[2010/04/08 00:04:56 | 000,626,688 | ---- | C] () -- C:\WINDOWS\Image.dll
[2010/04/08 00:04:56 | 000,200,704 | ---- | C] () -- C:\WINDOWS\PLFSetI.exe
[2010/04/08 00:04:56 | 000,009,216 | ---- | C] () -- C:\WINDOWS\usbvideo_reg.exe
[2010/04/08 00:04:56 | 000,000,169 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010/04/07 23:48:55 | 000,000,039 | ---- | C] () -- C:\WINDOWS\PreLaunch.ini
[2010/01/27 04:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/09/16 18:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/16 13:25:02 | 000,121,512 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
[2008/08/30 02:04:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/08/30 02:03:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/30 01:55:36 | 000,514,150 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/08/30 01:55:36 | 000,098,014 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/08/30 01:50:50 | 003,697,696 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/08/30 01:32:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIOFM4.dll
[2008/08/30 01:32:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN5.dll
[2008/08/30 01:31:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2008/08/30 01:31:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2008/07/03 12:05:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/07/03 12:03:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/06/27 18:08:12 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4964.dll
[2008/06/27 17:48:32 | 001,991,464 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2008/06/27 17:48:32 | 000,432,400 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/14 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/01 09:00:28 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/04/01 08:41:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007/01/26 08:32:18 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2007/01/23 14:11:20 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\QFClient2.dll
[2006/03/10 23:18:16 | 000,006,782 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/14 22:04:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\XMLaunch.exe
[2003/11/25 00:55:48 | 000,743,424 | ---- | C] () -- C:\WINDOWS\libxml2.dll
[2003/11/25 00:55:32 | 000,872,448 | ---- | C] () -- C:\WINDOWS\iconv.dll
[2002/11/20 18:51:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\win2000.dll
[2002/09/12 23:41:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/12 23:41:26 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/12/27 01:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/09/04 08:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/31 01:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/24 07:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll

< End of report >

The EXTRAS log.
OTL Extras logfile created on: 2011/09/19 06:06:33 AM - Run 2
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Lungi\Desktop\Checking Malware 20SEPT2011
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001C09 | Country: South Africa | Language: ENS | Date Format: yyyy/MM/dd

1.91 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 55.89% Memory free
3.76 Gb Paging File | 2.64 Gb Available in Paging File | 70.26% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.57 Gb Total Space | 41.52 Gb Free Space | 37.22% Space Free | Partition Type: NTFS
Drive D: | 111.55 Gb Total Space | 110.65 Gb Free Space | 99.19% Space Free | Partition Type: NTFS
Drive E: | 702.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 7.45 Gb Total Space | 6.50 Gb Free Space | 87.21% Space Free | Partition Type: FAT32
Drive G: | 35.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LUNGI-2010 | User Name: Lungi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with XnView] -- "C:\Program Files\XnView\xnview.exe" "%1"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"24779:TCP" = 24779:TCP:*:Enabled:BitComet 24779 TCP
"24779:UDP" = 24779:UDP:*:Enabled:BitComet 24779 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14E82399-E221-43EE-B819-055A00E499C3}" = Infineon TPM Professional Package
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2642BE09-1F9F-4E18-AAD4-0258B9BCE611}" = hp officejet g series
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 26
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye Webcam Video Class Camera
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{61B9BC1E-F0E6-4A4F-98CB-A0D2EB2D7731}" = O2Micro Flash Memory Card Reader Driver (x86)
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{653A52D8-127C-476D-BAD9-27117A3A4959}" = Nokia PC Internet Access
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6C89746F-CB7A-4BCA-88B9-03BBD2BA5600}" = WT-4 Setup Utility
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ONENOTE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ONENOTE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ONENOTE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{519D9F45-CBF4-4E57-B419-11F196CCA8AE}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ONENOTE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0000-0000-0000000FF1CE}" = Microsoft Office OneNote 2007
"{90120000-00A1-0000-0000-0000000FF1CE}_ONENOTE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0000-0000-0000000FF1CE}_ONENOTE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ONENOTE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{27A9D316-D332-433B-8EB1-1D93EE49F26D}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ONENOTE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8.4
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
"Acer Acer Bio Protection 6.0.00.19" = Acer Bio Protection

ATU 6.0.00.19
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Applian FLV Player2.0.24" = Applian FLV Player
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Flash Saving Plugin" = Flash Saving Plugin
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HDMI" = Intel® Graphics Media Accelerator Driver
"HECI" = Intel® Management Engine Interface
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MESOL" = Intel® Active Management Technology
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Internet Access" = Nokia PC Internet Access
"Nokia PC Suite" = Nokia PC Suite
"ONENOTE" = Microsoft Office OneNote 2007
"PhotoScape" = PhotoScape
"PRJPRO" = Microsoft Office Project Professional 2007
"PROPLUS" = Microsoft Office Professional Plus 2007
"QUICKfind" = QUICKfind server v1.1
"RapidStudio_RapidStudio" = RapidStudio
"RapidStudio_Support" = RapidStudio QuickSupport
"RapidStudio_Updater" = RapidStudio Software Updater
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VISPRO" = Microsoft Office Visio Professional 2007
"Watermark Image_is1" = Watermark Image software version 1.9.9.7
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2011/09/18 11:51:06 AM | Computer Name = LUNGI-2010 | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\LUNGI\START MENU\PROGRAMS\CYBERLINK
POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 2011/09/18 11:51:06 AM | Computer Name = LUNGI-2010 | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\LUNGI\START MENU\PROGRAMS\CYBERLINK
POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 2011/09/18 11:51:27 AM | Computer Name = LUNGI-2010 | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\LUNGI\START MENU\PROGRAMS\CYBERLINK
POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 2011/09/18 11:51:27 AM | Computer Name = LUNGI-2010 | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\LUNGI\START MENU\PROGRAMS\CYBERLINK
POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 2011/09/18 12:16:22 PM | Computer Name = LUNGI-2010 | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver

Error - 2011/09/18 11:35:42 PM | Computer Name = LUNGI-2010 | Source = MSSQL$MSSMLBIZ | ID = 17207
Description = FCB::Open: Operating system error 5(Access is denied.) occurred while
creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\master.mdf'.
Diagnose and correct the operating system error, and retry the operation.

Error - 2011/09/18 11:35:42 PM | Computer Name = LUNGI-2010 | Source = MSSQL$MSSMLBIZ | ID = 17204
Description = FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL
Server\MSSQL.1\MSSQL\DATA\master.mdf for file number 1. OS error: 5(Access is
denied.).

Error - 2011/09/18 11:35:42 PM | Computer Name = LUNGI-2010 | Source = MSSQL$MSSMLBIZ | ID = 17207
Description = FCB::Open: Operating system error 5(Access is denied.) occurred while
creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\mastlog.ldf'.
Diagnose and correct the operating system error, and retry the operation.

Error - 2011/09/18 11:35:42 PM | Computer Name = LUNGI-2010 | Source = MSSQL$MSSMLBIZ | ID = 17204
Description = FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL
Server\MSSQL.1\MSSQL\DATA\mastlog.ldf for file number 2. OS error: 5(Access is
denied.).

Error - 2011/09/18 11:35:42 PM | Computer Name = LUNGI-2010 | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft SQL Server 2005 Express Edition -- Error 29503.
The SQL Server service failed to start. For more information, see the SQL Server
Books Online topics, "How to: View SQL Server 2005 Setup Log Files" and "Starting
SQL Server Manually." The error is (3417) .

[ OSession Events ]
Error - 2010/09/30 10:25:20 AM | Computer Name = LUNGI-2010 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 260
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2010/10/21 02:47:57 AM | Computer Name = LUNGI-2010 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 26
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2010/10/24 02:34:30 AM | Computer Name = LUNGI-2010 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4447
seconds with 180 seconds of active time. This session ended with a crash.

Error - 2010/10/28 10:16:52 AM | Computer Name = LUNGI-2010 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2350
seconds with 180 seconds of active time. This session ended with a crash.

Error - 2010/11/03 10:03:00 AM | Computer Name = LUNGI-2010 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4420
seconds with 180 seconds of active time. This session ended with a crash.

Error - 2010/11/06 02:35:08 AM | Computer Name = LUNGI-2010 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6529
seconds with 1620 seconds of active time. This session ended with a crash.

Error - 2010/12/06 05:57:11 PM | Computer Name = LUNGI-2010 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 235
seconds with 120 seconds of active time. This session ended with a crash.

Error - 2010/12/21 08:50:24 AM | Computer Name = LUNGI-2010 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19727
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2011/09/17 03:47:26 PM | Computer Name = LUNGI-2010 | Source = Service Control Manager | ID = 7034
Description = The NTI Backup Now 5 Backup Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2011/09/17 03:47:26 PM | Computer Name = LUNGI-2010 | Source = Service Control Manager | ID = 7034
Description = The NTI Backup Now 5 Scheduler Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2011/09/17 03:47:26 PM | Computer Name = LUNGI-2010 | Source = Service Control Manager | ID = 7034
Description = The O2Micro Flash Memory Card Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2011/09/17 03:47:27 PM | Computer Name = LUNGI-2010 | Source = Service Control Manager | ID = 7034
Description = The Personal Secure Drive Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2011/09/18 05:17:31 PM | Computer Name = LUNGI-2010 | Source = Dhcp | ID = 1002
Description = The IP address lease 41.27.249.25 for the Network Card with network
address 001E101F7DCD has been denied by the DHCP server 41.27.21.22 (The DHCP Server
sent a DHCPNACK message).

Error - 2011/09/18 05:58:31 PM | Computer Name = LUNGI-2010 | Source = Dhcp | ID = 1002
Description = The IP address lease 41.27.21.21 for the Network Card with network
address 001E101F48C2 has been denied by the DHCP server 41.26.118.225 (The DHCP
Server sent a DHCPNACK message).

Error - 2011/09/18 07:32:55 PM | Computer Name = LUNGI-2010 | Source = Dhcp | ID = 1002
Description = The IP address lease 41.26.118.239 for the Network Card with network
address 001E101F85DA has been denied by the DHCP server 41.28.36.57 (The DHCP Server
sent a DHCPNACK message).

Error - 2011/09/18 11:35:42 PM | Computer Name = LUNGI-2010 | Source = Service Control Manager | ID = 7024
Description = The SQL Server (MSSMLBIZ) service terminated with service-specific
error 3417 (0xD59).

Error - 2011/09/18 11:36:30 PM | Computer Name = LUNGI-2010 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft SQL Server 2005 Express Edition Service Pack 4
(KB2463332).

Error - 2011/09/18 11:48:13 PM | Computer Name = LUNGI-2010 | Source = Dhcp | ID = 1002
Description = The IP address lease 41.29.58.41 for the Network Card with network
address 001E101FBAFC has been denied by the DHCP server 41.29.37.125 (The DHCP Server
sent a DHCPNACK message).

< End of report >

2. After running sigverif, got the following three files :
Nkvbus.sys
Cutepdfw.ppd
Pscript5.dll

3. Run, sigverif, got two logs
OUTPUT VEW log
Vino's Event Viewer v01c run on Windows XP in English
Report run at 19/09/2011 10:59:27 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The APPLICATION VEW log
Vino's Event Viewer v01c run on Windows XP in English
Report run at 19/09/2011 11:01:09 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/09/2011 10:19:29 PM
Type: error Category: 0
Event: 0 Source: VMCService
conflictManagerTypeValue

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/09/2011 10:18:00 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
4. Run SPEECY here is the operating System log :-
Summary
Operating System
MS Windows XP Professional 32-bit SP3
CPU
Intel Mobile Core 2 Duo P8400 @ 2.26GHz 40 °C
Penryn 45nm Technology
RAM
2.00 GB Single-Channel DDR3 @ 532MHz (7-7-7-20)
Motherboard
Acer FourPeaks (U2E1) 46 °C
Graphics
Plug and Play Monitor (1280x800@60Hz)
Mobile Intel® 4 Series Express Chipset Family
Mobile Intel® 4 Series Express Chipset Family
Hard Drives
244GB Hitachi Hitachi HTS723225L9A360 (SATA) 47 °C
7.82GB O2Micro SD (SCSI)
Optical Drives
Optiarc DVD RW AD-7560S
Audio
Realtek High Definition Audio
Operating System
MS Windows XP Professional 32-bit SP3
Installation Date: 07 April 2010, 23:57
Serial Number: (number deleted)
Windows Security Center
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every day
Schedule Time 3 am
Firewall
Firewall Enabled
Company Name Kaspersky Lab
Display Name ?ù??????????U?0
Product Version 11.0.1.400
Antivirus
Antivirus Enabled
Company Name Kaspersky Lab
Display Name ?ù??????????U?0
Product Version 11.0.1.400
Environment Variables
USERPROFILE C:\Documents and Settings\Lungi
SystemRoot C:\WINDOWS
User Variables
TEMP C:\Documents and Settings\Lungi\Local Settings\Temp
TMP C:\Documents and Settings\Lungi\Local Settings\Temp
Machine Variables
ComSpec C:\WINDOWS\system32\cmd.exe
Path
C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\system32\wbem
C:\Program Files\PC Connectivity Solution
C:\Program Files\Microsoft SQL Server\90\Tools\binn
C:\Program Files\QuickTime\QTSystem
C:\Program Files\ImageConverter Plus
C:\Program Files\ImageConverter Plus\Microsoft.VC90.CRT
C:\Program Files\ImageConverter Plus\Microsoft.VC90.MFC
windir C:\WINDOWS
FP_NO_HOST_CHECK NO
OS Windows_NT
PROCESSOR_ARCHITECTURE x86
PROCESSOR_LEVEL 6
PROCESSOR_IDENTIFIER x86 Family 6 Model 23 Stepping 6, GenuineIntel
PROCESSOR_REVISION 1706
NUMBER_OF_PROCESSORS 2
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
Pathtem
C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\System32\Wbem
NTIPath
C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\System32\Wbem
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\
CLASSPATH
.
C:\Program Files\QuickTime\QTSystem\QTJava.zip
QTJAVA C:\Program Files\QuickTime\QTSystem\QTJava.zip
Process List
agentsvc.exe
Process ID 1340
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
Memory Usage 3.87 MB
Peak Memory Usage 3.92 MB
alg.exe
Process ID 4688
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\System32\alg.exe
Memory Usage 3.75 MB
Peak Memory Usage 3.80 MB
avp.exe
Process ID 1268
avp.exe
Process ID 3412
backupsvc.exe
Process ID 348
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
Memory Usage 6.84 MB
Peak Memory Usage 6.87 MB
basvc.exe
Process ID 256
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
Memory Usage 6.11 MB
Peak Memory Usage 6.16 MB
bcmsqlstartupsvc.exe
Process ID 1288
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
Memory Usage 2.44 MB
Peak Memory Usage 2.50 MB
bkuptray.exe
Process ID 2388
User Lungi
Domain LUNGI-2010
Path C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
Memory Usage 2.54 MB
Peak Memory Usage 2.54 MB
bttray.exe
Process ID 3028
User Lungi
Domain LUNGI-2010
Path C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Memory Usage 5.37 MB
Peak Memory Usage 5.47 MB
btwdins.exe
Process ID 1968
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
Memory Usage 3.43 MB
Peak Memory Usage 3.57 MB
csrss.exe
Process ID 1548
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\csrss.exe
Memory Usage 5.77 MB
Peak Memory Usage 6.77 MB
ctfmon.exe
Process ID 300
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\system32\ctfmon.exe
Memory Usage 3.62 MB
Peak Memory Usage 3.67 MB
epower_dmc.exe
Process ID 3296
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
explorer.exe
Process ID 3780
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\Explorer.EXE
Memory Usage 27 MB
Peak Memory Usage 32 MB
framework.launcher.exe
Process ID 2872
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
Memory Usage 26 MB
Peak Memory Usage 26 MB
googledesktop.exe
Process ID 2864
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
Memory Usage 18 MB
Peak Memory Usage 23 MB
googletoolbarnotifier.exe
Process ID 4092
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
Memory Usage 1.66 MB
Peak Memory Usage 6.69 MB
hkcmd.exe
Process ID 444
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\system32\hkcmd.exe
Memory Usage 3.67 MB
Peak Memory Usage 3.68 MB
ifxpsdsv.exe
Process ID 1136
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\IfxPsdSv.exe
Memory Usage 2.80 MB
Peak Memory Usage 2.85 MB
ifxspmgt.exe
Process ID 1532
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\ifxspmgt.exe
Memory Usage 9.59 MB
Peak Memory Usage 9.60 MB
ifxtcs.exe
Process ID 1828
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\IFXTCS.exe
Memory Usage 7.17 MB
Peak Memory Usage 7.18 MB
igfxext.exe
Process ID 276
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\system32\igfxext.exe
Memory Usage 3.04 MB
Peak Memory Usage 3.07 MB
igfxpers.exe
Process ID 1072
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\system32\igfxpers.exe
Memory Usage 3.11 MB
Peak Memory Usage 3.12 MB
igfxsrvc.exe
Process ID 1200
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\system32\igfxsrvc.exe
Memory Usage 3.62 MB
Peak Memory Usage 3.64 MB
isuspm.exe
Process ID 4028
User Lungi
Domain LUNGI-2010
Path C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
Memory Usage 4.39 MB
Peak Memory Usage 4.41 MB
jqs.exe
Process ID 344
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Java\jre6\bin\jqs.exe
Memory Usage 1.39 MB
Peak Memory Usage 17 MB
jusched.exe
Process ID 3932
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Common Files\Java\Java Update\jusched.exe
Memory Usage 2.99 MB
Peak Memory Usage 2.99 MB
lmanager.exe
Process ID 3372
User Lungi
Domain LUNGI-2010
Path C:\PROGRA~1\LAUNCH~1\LManager.exe
Memory Usage 6.91 MB
Peak Memory Usage 6.91 MB
lms.exe
Process ID 532
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Intel\AMT\LMS.exe
Memory Usage 5.12 MB
Peak Memory Usage 5.19 MB
lsass.exe
Process ID 1632
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\lsass.exe
Memory Usage 2.01 MB
Peak Memory Usage 7.04 MB
lssrvc.exe
Process ID 472
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\LightScribe\LSSrvc.exe
Memory Usage 2.72 MB
Peak Memory Usage 2.75 MB
mbamgui.exe
Process ID 3964
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
Memory Usage 5.67 MB
Peak Memory Usage 5.75 MB
mbamservice.exe
Process ID 580
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
Memory Usage 99 MB
Peak Memory Usage 151 MB
mdm.exe
Process ID 628
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Memory Usage 3.17 MB
Peak Memory Usage 3.18 MB
mobileconnect.exe
Process ID 3944
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
Memory Usage 37 MB
Peak Memory Usage 37 MB
nclirsrv.exe
Process ID 5784
User Lungi
Domain LUNGI-2010
Path C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
Memory Usage 2.59 MB
Peak Memory Usage 2.65 MB
nclrssrv.exe
Process ID 4336
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
Memory Usage 2.26 MB
Peak Memory Usage 2.32 MB
nclusbsrv.exe
Process ID 4732
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
Memory Usage 2.84 MB
Peak Memory Usage 2.90 MB
nkptpenum.exe
Process ID 744
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Nikon\WT-4 Setup Utility\NkPtpEnum.exe
Memory Usage 1.06 MB
Peak Memory Usage 3.02 MB
nlssrv32.exe
Process ID 764
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\NLSSRV32.EXE
Memory Usage 1.80 MB
Peak Memory Usage 1.87 MB
npcia.exe
Process ID 4064
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
Memory Usage 10 MB
Peak Memory Usage 10 MB
o2flash.exe
Process ID 1112
User SYSTEM
Domain NT AUTHORITY
Path c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
Memory Usage 1.67 MB
Peak Memory Usage 1.73 MB
onenotem.exe
Process ID 2748
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Memory Usage 872 KB
Peak Memory Usage 2.88 MB
pcsuite.exe
Process ID 4040
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
Memory Usage 26 MB
Peak Memory Usage 26 MB
pdtwzd.exe
Process ID 336
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
pdvdserv.exe
Process ID 1800
User Lungi
Domain LUNGI-2010
Path C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
Memory Usage 3.51 MB
Peak Memory Usage 3.52 MB
plfseti.exe
Process ID 2976
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\PLFSetI.exe
Memory Usage 4.13 MB
Peak Memory Usage 4.74 MB
privacyiconclient.exe
Process ID 2888
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
Memory Usage 24 MB
Peak Memory Usage 24 MB
psdrt.exe
Process ID 3676
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
rthdcpl.exe
Process ID 3120
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\RTHDCPL.EXE
Memory Usage 22 MB
Peak Memory Usage 22 MB
rtkbtmnt.exe
Process ID 1660
User Lungi
Domain LUNGI-2010
Path C:\DOCUME~1\Lungi\LOCALS~1\Temp\RtkBtMnt.exe
Memory Usage 3.43 MB
Peak Memory Usage 3.47 MB
rundll32.exe
Process ID 2972
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\system32\rundll32.exe
Memory Usage 3.68 MB
Peak Memory Usage 3.68 MB
scardsvr.exe
Process ID 1028
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\System32\SCardSvr.exe
Memory Usage 2.84 MB
Peak Memory Usage 2.91 MB
schedulersvc.exe
Process ID 1096
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
Memory Usage 4.72 MB
Peak Memory Usage 4.78 MB
searchfilterhost.exe
Process ID 3112
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\system32\SearchFilterHost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
searchindexer.exe
Process ID 2164
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\SearchIndexer.exe
Memory Usage 14 MB
Peak Memory Usage 17 MB
searchprotocolhost.exe
Process ID 5008
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\SearchProtocolHost.exe
Memory Usage 7.22 MB
Peak Memory Usage 7.37 MB
servicelayer.exe
Process ID 176
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Memory Usage 4.88 MB
Peak Memory Usage 4.93 MB
services.exe
Process ID 1620
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\services.exe
Memory Usage 3.77 MB
Peak Memory Usage 4.10 MB
smss.exe
Process ID 1476
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 444 KB
Peak Memory Usage 1.24 MB
speccy.exe
Process ID 2104
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 13 MB
Peak Memory Usage 41 MB
spoolsv.exe
Process ID 644
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\spoolsv.exe
Memory Usage 7.96 MB
Peak Memory Usage 8.09 MB
sptna.exe
Process ID 3704
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Infineon\Security Platform Software\SpTna.exe
Memory Usage 15 MB
Peak Memory Usage 15 MB
sqlwriter.exe
Process ID 1456
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
Memory Usage 3.67 MB
Peak Memory Usage 3.69 MB
svchost.exe
Process ID 1896
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.95 MB
Peak Memory Usage 4.97 MB
svchost.exe
Process ID 2064
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.93 MB
Peak Memory Usage 5.04 MB
svchost.exe
Process ID 1176
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 3.06 MB
Peak Memory Usage 3.11 MB
svchost.exe
Process ID 700
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 3.11 MB
Peak Memory Usage 3.16 MB
svchost.exe
Process ID 1312
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.46 MB
Peak Memory Usage 3.48 MB
svchost.exe
Process ID 1228
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.00 MB
Peak Memory Usage 4.06 MB
svchost.exe
Process ID 328
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.99 MB
Peak Memory Usage 3.99 MB
svchost.exe
Process ID 168
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.17 MB
Peak Memory Usage 3.21 MB
svchost.exe
Process ID 1940
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 26 MB
Peak Memory Usage 28 MB
svchost.exe
Process ID 1792
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 5.38 MB
Peak Memory Usage 5.56 MB
syntpenh.exe
Process ID 2080
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Memory Usage 5.66 MB
Peak Memory Usage 5.66 MB
system
Process ID 4
Memory Usage 324 KB
Peak Memory Usage 5.96 MB
system idle process
Process ID 0
uns.exe
Process ID 2108
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
Memory Usage 7.08 MB
Peak Memory Usage 7.11 MB
unsecapp.exe
Process ID 2548
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\system32\wbem\unsecapp.exe
Memory Usage 4.24 MB
Peak Memory Usage 4.29 MB
vmcservice.exe
Process ID 2268
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
Memory Usage 15 MB
Peak Memory Usage 15 MB
windowssearch.exe
Process ID 3212
User Lungi
Domain LUNGI-2010
Path C:\Program Files\Windows Desktop Search\WindowsSearch.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
winlogon.exe
Process ID 1572
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\winlogon.exe
Memory Usage 48 MB
Peak Memory Usage 64 MB
wmiprvse.exe
Process ID 2844
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 5.71 MB
Peak Memory Usage 6.05 MB
wmiprvse.exe
Process ID 2652
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 7.55 MB
Peak Memory Usage 8.32 MB
wscntfy.exe
Process ID 3980
User Lungi
Domain LUNGI-2010
Path C:\WINDOWS\system32\wscntfy.exe
Memory Usage 2.59 MB
Peak Memory Usage 2.65 MB
TimeZone
TimeZone GMT +2 Hours
Language English
Country South Africa
Currency R
Date Format M/d/yyyy
Time Format hh:mm:ss tt
Power Profile
Active power scheme Maximum Performance
Hibernation Enabled
Scheduler
9/20/2011 12:04 AM;Every 1 hour(s) from 02:04 PM for 24 hour(s) every day, starting 8/4/2011 GoogleUpdateTaskMachineUA
9/20/2011 02:00 AM;At 02:00 AM every day, starting 4/13/2011 AdobeAAMUpdater-1.0-LUNGI-2010-Lungi
9/20/2011 02:04 PM;Run at user logon GoogleUpdateTaskMachineCore
Hotfixes
9/19/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/17/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/16/2011 Security Update for Microsoft Office 2007 System (KB2553090)
9/16/2011 Update for Windows XP (KB2616676)
9/16/2011 Security Update for Microsoft Office Excel 2007 (KB2553073)
9/16/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2553110)
9/16/2011 Windows Malicious Software Removal Tool - September 2011 (KB890830)
9/16/2011 Security Update for Microsoft Office 2007 System (KB2553089)
9/16/2011 Update for Office File Validation 2010 (KB2553065), 32-bit Edition
9/16/2011 Security Update for Windows XP (KB2570947)
9/16/2011 Security Update for the 2007 Microsoft Office System (KB2553074)
9/16/2011 Update for Microsoft Office Outlook 2007 (KB2583910)
9/16/2011 Security Update for Microsoft Office 2007 System (KB2584063)
9/14/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/13/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/11/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/9/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/9/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/8/2011 Microsoft Office File Validation Add-in
9/8/2011 Update for Windows XP (KB2607712)
9/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/5/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/5/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/5/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/3/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
9/1/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/31/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/31/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/30/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/29/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/28/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/28/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/27/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/26/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/24/2011 Update for Windows XP (KB2570791)
8/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/23/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/23/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/23/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/22/2011 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
8/22/2011 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
8/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/22/2011 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
8/22/2011 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
8/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/22/2011 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
8/22/2011 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
8/21/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/19/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/18/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/18/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/18/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/17/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/16/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/16/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/14/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/9/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2539631)
8/9/2011 Security Update for Windows XP (KB2567680)
8/9/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2586924)
8/9/2011 Security Update for Windows XP (KB2536276)
8/9/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/9/2011 Security Update for Microsoft Office Visio 2007 (KB2553010)
8/9/2011 Security Update for Windows XP (KB2570222)
8/9/2011 Windows Malicious Software Removal Tool - August 2011 (KB890830)
8/9/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2559049)
8/9/2011 Security Update for Windows XP (KB2566454)
8/9/2011 Update Rollup for ActiveX Killbits for Windows XP (KB2562937)
8/9/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/5/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/3/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/3/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
8/1/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/31/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/29/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/29/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/28/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/27/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/26/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/26/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/25/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/21/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/20/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/19/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/18/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/16/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/14/2011 Security Update for Windows XP (KB2507938)
7/14/2011 Windows Malicious Software Removal Tool - July 2011 (KB890830)
7/14/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2553975)
7/14/2011 Security Update for Windows XP (KB2555917)
7/12/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/10/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/9/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
7/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/29/2011 Update for Windows XP (KB2541763)
6/28/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/28/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/26/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/25/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/25/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/21/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/20/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/19/2011 Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2518864)
6/19/2011 Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2478658)
6/18/2011 Security Update for Microsoft Office InfoPath 2007 (KB2510061)
6/18/2011 Security Update for Microsoft Office Excel 2007 (KB2541007)
6/18/2011 Update for Microsoft Office 2007 System (KB2539530)
6/18/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
6/18/2011 Security Update for the 2007 Microsoft Office System (KB2541012)
6/17/2011 Security Update for the 2007 Microsoft Office System (KB2541012)
6/17/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
6/17/2011 Security Update for Microsoft Office InfoPath 2007 (KB2510061)
6/17/2011 Security Update for Microsoft Office Excel 2007 (KB2541007)
6/17/2011 Windows Malicious Software Removal Tool - June 2011 (KB890830)
6/17/2011 Update for Microsoft Office 2007 System (KB2539530)
6/17/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
6/17/2011 Security Update for Windows XP (KB2476490)
6/17/2011 Security Update for Windows XP (KB2503665)
6/17/2011 Security Update for Windows XP (KB2535512)
6/17/2011 Security Update for the 2007 Microsoft Office System (KB2541012)
6/17/2011 Security Update for Windows XP (KB2536276)
6/17/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2530548)
6/17/2011 Security Update for Windows XP (KB2544893)
6/17/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
6/17/2011 Security Update for Internet Explorer 8 for Windows XP (KB2544521)
6/14/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/14/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/12/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/11/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/10/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/10/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/9/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/9/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/5/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/1/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
6/1/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/31/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/31/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/31/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/30/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/29/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/28/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/26/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/26/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/21/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/20/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/20/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/19/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/18/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/16/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/16/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/14/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/14/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/14/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/13/2011 Update for Microsoft Office Outlook 2007 (KB2509470)
5/11/2011 Windows Malicious Software Removal Tool - May 2011 (KB890830)
5/11/2011 Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
5/11/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2536413)
5/11/2011 Security Update for Microsoft Office 2007 System (KB2540162)
5/10/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/9/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/3/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
5/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
4/29/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
4/26/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/25/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/25/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/23/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/21/2011 Update for Microsoft Silverlight (KB2526954)
4/21/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/21/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/20/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/14/2011 Security Update for Windows XP (KB2491683)
4/14/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2522999)
4/14/2011 Security Update for Microsoft Office Excel 2007 (KB2464583)
4/14/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2467175)
4/14/2011 Security Update for Windows XP (KB2485663)
4/14/2011 Security Update for Windows XP (KB2506223)
4/14/2011 Security Update for Microsoft Office PowerPoint 2007 (KB2464594)
4/14/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2497640)
4/14/2011 Security Update for Windows XP (KB2412687)
4/14/2011 Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2446704)
4/14/2011 Cumulative Security Update for ActiveX Killbits for Windows XP (KB2508272)
4/14/2011 Security Update for Microsoft Office 2007 System (KB2464635)
4/14/2011 Security Update for Windows XP (KB2503658)
4/14/2011 Security Update for Microsoft Office 2007 System (KB2509488)
4/14/2011 Security Update for Windows XP (KB2507618)
4/14/2011 Security Update for Windows XP (KB2508429)
4/14/2011 Security Update for Windows XP (KB2511455)
4/14/2011 Security Update for the 2007 Microsoft Office System (KB2466156)
4/14/2011 Security Update for Windows XP (KB2506212)
4/14/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
4/14/2011 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
4/14/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2467174)
4/14/2011 Security Update for Windows XP (KB2509553)
4/14/2011 Security Update for Windows XP (KB2510531)
4/14/2011 Update for Microsoft Office Outlook 2007 (KB2509470)
4/12/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/12/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/11/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/11/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/9/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/5/2011 Update for Windows XP (KB976662)
4/5/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2482017)
4/5/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/5/2011 Security Update for Windows XP (KB981332)
4/5/2011 Security Update for Jscript 5.8 for Windows XP (KB971961)
4/5/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/1/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/30/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/29/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/29/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/28/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/27/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/27/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/27/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/26/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/24/2011 Update for Windows XP (KB2524375)
3/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/24/2011 Update for Windows XP (KB2524375)
3/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/20/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/19/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/18/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/17/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/15/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/15/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/13/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/11/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/10/2011 Security Update for Windows XP (KB2479943)
3/10/2011 Windows Malicious Software Removal Tool - March 2011 (KB890830)
3/10/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2508979)
3/10/2011 Security Update for Windows XP (KB2481109)
3/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/5/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/3/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/3/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
3/1/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/28/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/28/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/27/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/25/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/25/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/25/2011 Update for Windows XP (KB971029)
2/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/23/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/23/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/21/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/19/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/19/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/18/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/18/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/17/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/16/2011 Update for Microsoft Silverlight (KB2495644)
2/16/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/16/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/16/2011 Update for Windows XP (KB976662)
2/16/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2482017)
2/16/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/16/2011 Security Update for Windows XP (KB981332)
2/16/2011 Security Update for Jscript 5.8 for Windows XP (KB971961)
2/15/2011 Update for Windows XP (KB976662)
2/15/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2482017)
2/15/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/15/2011 Security Update for Windows XP (KB981332)
2/15/2011 Security Update for Jscript 5.8 for Windows XP (KB971961)
2/14/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/13/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/13/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/10/2011 Security Update for Windows XP (KB2478971)
2/10/2011 Security Update for Windows XP (KB2485376)
2/10/2011 Security Update for Windows XP (KB2479628)
2/10/2011 Security Update for Microsoft Office Visio 2007 (KB2434737)
2/10/2011 Security Update for Windows XP (KB2483185)
2/10/2011 Windows Malicious Software Removal Tool - February 2011 (KB890830)
2/10/2011 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2482017)
2/10/2011 Security Update for Windows XP (KB2476687)
2/10/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2492475)
2/10/2011 Security Update for Windows XP (KB2478960)
2/10/2011 Security Update for Windows XP (KB2393802)
2/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/5/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/4/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/3/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/2/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
2/1/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/31/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/30/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/29/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/27/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/26/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/25/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/25/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/24/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/23/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/22/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/21/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/21/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/20/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/19/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/19/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/18/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/18/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/17/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/14/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/14/2011 Windows Malicious Software Removal Tool - January 2011 (KB890830)
1/14/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2483110)
1/14/2011 Update for Microsoft Office Outlook 2007 (KB2412171)
1/14/2011 Security Update for Windows XP (KB2419632)
1/12/2011 Security Update for Windows XP (KB2419632)
1/12/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/11/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/10/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/8/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/7/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/5/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/5/2011 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2416400)
1/3/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/3/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/3/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
1/1/2011 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2360131)
1/1/2011 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/30/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/30/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/28/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/24/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/24/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/22/2010 Update for Microsoft Silverlight (KB2477244)
12/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/20/2010 Update for Microsoft Silverlight (KB2477244)
12/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/20/2010 Update for Microsoft Silverlight (KB2477244)
12/16/2010 Security Update for Windows XP (KB2296199)
12/16/2010 Security Update for Microsoft Office Publisher 2007 (KB2284697)
12/16/2010 Security Update for Windows XP (KB2443105)
12/16/2010 Security Update for Windows XP (KB2440591)
12/16/2010 Update for Windows XP (KB2443685)
12/16/2010 Security Update for Windows XP (KB2436673)
12/16/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2466076)
12/16/2010 Update for Internet Explorer for Windows XP (KB2467659)
12/16/2010 Security Update for Microsoft Office 2007 System (KB2288931)
12/16/2010 Update for Microsoft Office Outlook 2007 (KB2412171)
12/16/2010 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2416400)
12/16/2010 Windows Malicious Software Removal Tool - December 2010 (KB890830)
12/16/2010 Security Update for Windows XP (KB2423089)
12/14/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/13/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/12/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/11/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/10/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/8/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/8/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/3/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/3/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/3/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/2/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/2/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/1/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
12/1/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/28/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/28/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/26/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/25/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/24/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/24/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/19/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/16/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/16/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/15/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/13/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/13/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/12/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/11/2010 Security Update for Microsoft Office 2007 System (KB2289158)
11/11/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2443839)
11/11/2010 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2413381)
11/11/2010 Windows Malicious Software Removal Tool - November 2010 (KB890830)
11/9/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/9/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/8/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/4/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/4/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
11/4/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/28/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/26/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/25/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/25/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/23/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/23/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/19/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/13/2010 Security Update for Windows XP (KB2387149)
10/13/2010 Security Update for Windows XP (KB2279986)
10/13/2010 Update for Windows XP (KB2345886)
10/13/2010 Security Update for Windows XP (KB2296011)
10/13/2010 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2360131)
10/13/2010 Security Update for Windows XP (KB2378111)
10/13/2010 Security Update for Microsoft Office Excel 2007 (KB2345035)
10/13/2010 Security Update for Windows XP (KB982132)
10/13/2010 Security Update for the 2007 Microsoft Office System (KB2344875)
10/13/2010 Security Update for the 2007 Microsoft Office System (KB2345043)
10/13/2010 Security Update for Windows XP (KB979687)
10/13/2010 Security Update for Microsoft Office Word 2007 (KB2344993)
10/13/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2410711)
10/13/2010 Security Update for Windows XP (KB981957)
10/13/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/13/2010 Windows Malicious Software Removal Tool - October 2010 (KB890830)
10/13/2010 Security Update for Windows XP (KB2360937)
10/11/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/10/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/9/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/9/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/8/2010 Security Update for Microsoft .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2418241)
10/8/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/6/2010 Security Update for Microsoft .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2418241)
10/6/2010 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2416447)
10/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/5/2010 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2416473)
10/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/3/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/2/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/2/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/1/2010 Update for Microsoft Office OneNote 2007 (KB980729)
10/1/2010 Security Update for Microsoft Office Visio 2007 (KB982127)
10/1/2010 Security Update for Microsoft Office Excel 2007 (KB982308)
10/1/2010 Security Update for the 2007 Microsoft Office System (KB2288621)
10/1/2010 Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
10/1/2010 Security Update for Microsoft Office InfoPath 2007 (KB979441)
10/1/2010 Security Update for the 2007 Microsoft Office System (KB972581)
10/1/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
10/1/2010 Security Update for Microsoft Office Access 2007 (KB979440)
10/1/2010 Security Update for the 2007 Microsoft Office System (KB976321)
10/1/2010 Security Update for the 2007 Microsoft Office System (KB969559)
10/1/2010 Security Update for Microsoft Office Publisher 2007 (KB982124)
10/1/2010 Security Update for the 2007 Microsoft Office System (KB974234)
10/1/2010 Security Update for Microsoft Office Outlook 2007 (KB2288953)
10/1/2010 Security Update for Microsoft Office Word 2007 (KB2251419)
9/30/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/30/2010 Security Update for the 2007 Microsoft Office System (KB982312)
9/30/2010 Security Update for Microsoft Office PowerPoint 2007 (KB982158)
9/30/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/30/2010 Security Update for the 2007 Microsoft Office System (KB982331)
9/30/2010 Security Update for the 2007 Microsoft Office System (KB2277947)
9/30/2010 The 2007 Microsoft Office Suite Service Pack 2 (SP2)
9/30/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2291599)
9/30/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/30/2010 Security Update for Microsoft Office 2007 (KB951550)
9/30/2010 Cumulative Security Update for ActiveX Killbits for Windows XP (KB980195)
9/30/2010 Security Update for Microsoft Office Project 2007 (KB949046)
9/30/2010 Security Update for the 2007 Microsoft Office System (KB951944)
9/30/2010 Update for the 2007 Microsoft Office System (KB967642)
9/30/2010 Update for Microsoft Silverlight (KB2416427)
9/30/2010 Update for Windows XP (KB2158563)
9/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/28/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/23/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/23/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/16/2010 Security Update for Microsoft Office Outlook 2003 (KB2293428)
9/16/2010 Security Update for Windows XP (KB2259922)
9/16/2010 Security Update for Windows XP (KB975558)
9/16/2010 Security Update for Windows XP (KB2347290)
9/16/2010 Security Update for Windows XP (KB2121546)
9/16/2010 Security Update for Windows XP (KB982802)
9/16/2010 Update for Microsoft Office Outlook 2003 Junk Email Filter (KB2291595)
9/16/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/16/2010 Security Update for Windows XP (KB981322)
9/16/2010 Windows Malicious Software Removal Tool - September 2010 (KB890830)
9/16/2010 Update for the 2007 Microsoft Office System (KB2284654)
9/16/2010 Security Update for Microsoft Office 2003 (KB2288613)
9/16/2010 Update for Windows XP (KB2141007)
9/15/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/14/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/14/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/13/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/13/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/11/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/10/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/9/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/9/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/6/2010 Update for Microsoft Silverlight (KB2164913)
9/4/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/3/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/3/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/2/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/2/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
9/1/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/31/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/31/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/30/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/30/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/28/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/26/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/24/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/24/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/22/2010 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB973923)
8/19/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/19/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/17/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/16/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/16/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/15/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/14/2010 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB954430)
8/14/2010 Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB973688)
8/12/2010 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2183461)
8/12/2010 Security Update for Microsoft Office Word 2003 (KB2251399)
8/12/2010 Security Update for Windows XP (KB982214)
8/12/2010 Security Update for Windows XP (KB2115168)
8/12/2010 Security Update for Microsoft Office Excel 2003 (KB2264403)
8/12/2010 Security Update for Windows XP (KB981852)
8/12/2010 Security Update for Windows XP (KB2079403)
8/12/2010 Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB983583)
8/12/2010 Security Update for Windows XP (KB2160329)
8/12/2010 Security Update for Windows XP (KB980436)
8/12/2010 Windows Malicious Software Removal Tool - August 2010 (KB890830)
8/12/2010 Security Update for Windows XP (KB981997)
8/12/2010 Update for Microsoft Office Outlook 2003 Junk Email Filter (KB2279246)
8/12/2010 Security Update for the 2007 Microsoft Office System (KB2277947)
8/12/2010 Security Update for Windows XP (KB982665)
8/10/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/9/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/9/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/4/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
8/3/2010 Security Update for Windows XP (KB2286198)
8/3/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/31/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/30/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/26/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/24/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/21/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/19/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/17/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/14/2010 Security Update for Microsoft Office Outlook 2003 (KB980373)
7/14/2010 Security Update for Windows XP (KB2229593)
7/14/2010 Security Update for Microsoft Office Access 2003 (KB981716)
7/14/2010 Windows Malicious Software Removal Tool - July 2010 (KB890830)
7/14/2010 Update for Microsoft Office Outlook 2003 Junk Email Filter (KB2202122)
7/13/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/12/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/12/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/12/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/11/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/10/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/9/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/8/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/3/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/3/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/2/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/1/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/1/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/1/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
7/1/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/26/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/24/2010 Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Update for Windows Server 2003 and Windows XP x86 (KB982524)
6/23/2010 Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Update for Windows Server 2003 and Windows XP x86 (KB982524)
6/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/21/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/17/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/17/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/11/2010 Security Update for Windows XP (KB980218)
6/11/2010 Security Update for Microsoft Office 2003 (KB982311)
6/11/2010 Security Update for Microsoft Office Excel 2003 (KB982133)
6/11/2010 Cumulative Security Update for ActiveX Killbits for Windows XP (KB980195)
6/11/2010 Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906)
6/11/2010 Security Update for the 2007 Microsoft Office System (KB982312)
6/11/2010 Security Update for Microsoft Office Publisher 2003 (KB982122)
6/11/2010 Security Update for Microsoft Office Word 2003 (KB982134)
6/11/2010 Update for Microsoft Office Outlook 2003 Junk Email Filter (KB983503)
6/11/2010 Security Update for Microsoft Office PowerPoint 2007 (KB982158)
6/11/2010 Security Update for Windows XP (KB979559)
6/11/2010 Windows Malicious Software Removal Tool - June 2010 (KB890830)
6/11/2010 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP3 (KB978695)
6/11/2010 Security Update for Windows XP (KB979482)
6/11/2010 Security Update for Windows XP (KB975562)
6/11/2010 Microsoft .NET Framework 3.5 SP1 Update for Windows Server 2003 and Windows XP x86 (KB982168)
6/11/2010 Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Security Update for Windows 2000, Windows Server 2003, and Windows XP x86 (KB979909)
6/11/2010 Security Update for the 2007 Microsoft Office System (KB982331)
6/11/2010 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB982381)
6/11/2010 Security Update for Microsoft Office PowerPoint 2003 (KB982157)
6/8/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/8/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/4/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
6/1/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/31/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/27/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/26/2010 Update for Windows XP (KB981793)
5/26/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/25/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/25/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/24/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/24/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/21/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/19/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/18/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/17/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/17/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/15/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/14/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/14/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/12/2010 Security Update for Microsoft Office 2003 (KB976382)
5/12/2010 Windows Malicious Software Removal Tool - May 2010 (KB890830)
5/12/2010 Update for Microsoft Office Outlook 2003 Junk Email Filter (KB981725)
5/12/2010 Security Update for Windows XP (KB978542)
5/11/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/11/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/8/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/7/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/6/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/5/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/4/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/4/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/4/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
5/2/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/30/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/30/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/29/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/24/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/23/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/23/2010 Update for Windows XP (KB961118)
4/23/2010 Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x86 (KB963707)
4/23/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/23/2010 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
4/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/22/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/21/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/21/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/20/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/19/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/15/2010 Update for the 2007 Microsoft Office System (KB981715)
4/15/2010 Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB974417)
4/15/2010 Security Update for Windows XP (KB979683)
4/15/2010 Security Update for Microsoft Office Outlook 2003 (KB973705)
4/15/2010 Security Update for Windows XP (KB980232)
4/15/2010 Security Update for Windows Media Player 9 for Windows XP SP3 (KB979402)
4/15/2010 Windows Malicious Software Removal Tool - April 2010 (KB890830)
4/15/2010 Security Update for Windows XP (KB981349)
4/15/2010 Security Update for Microsoft Office 2003 (KB975051)
4/15/2010 Security Update for Microsoft Office 2003 (KB974554)
4/15/2010 Security Update for Microsoft Office Web Components (KB947319)
4/15/2010 Security Update for Windows XP (KB978338)
4/15/2010 Security Update for Microsoft Office Word 2003 (KB973443)
4/15/2010 Security Update for Microsoft Office Excel 2003 (KB978474)
4/15/2010 Security Update for Windows XP (KB977816)
4/15/2010 Update for Microsoft Office Outlook 2003 Junk Email Filter (KB981432)
4/15/2010 Security Update for Windows XP (KB978601)
4/15/2010 Security Update for Microsoft Office 2003 (KB951535)
4/15/2010 Security Update for Microsoft Office 2003 (KB972580)
4/15/2010 Security Update for Windows XP (KB979309)
4/15/2010 Security Update for Microsoft Office PowerPoint 2003 (KB976881)
4/15/2010 Security Update for Microsoft Office Publisher 2003 (KB980469)
4/14/2010 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
4/14/2010 Update for Microsoft Office Outlook 2003 (KB953432)
4/14/2010 Update for Office 2003 (KB907417)
4/14/2010 Update for Microsoft Office Outlook 2003 Junk Email Filter (KB979771)
4/14/2010 Security Update for Microsoft Office Excel 2003 (KB955466)
4/14/2010 Security Update for Office 2003 (KB954478)
4/14/2010 Security Update for Microsoft Office Word 2003 (KB954464)
4/14/2010 Security Update for Microsoft Office Publisher 2003 (KB950213)
4/14/2010 Security Update for Microsoft Office 2003 (KB953404)
4/14/2010 Security Update for Microsoft Office Outlook 2003 (KB945432)
4/14/2010 Security Update for Microsoft Works Suite 2005 (KB943973)
4/14/2010 Security Update for Windows XP (KB963093)
4/14/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/14/2010 Update for Microsoft Office 2003 (KB978551)
4/14/2010 Security Update for Office 2003 (KB945185)
4/14/2010 Security Update for the 2007 Microsoft Office System (KB978380)
4/14/2010 Security Update for Microsoft Office PowerPoint 2003 (KB948988)
4/14/2010 Office 2003 Service Pack 3 (SP3)
4/14/2010 Security Update for Microsoft Office 2003 (KB921598)
4/14/2010 Security Update for Access Snapshot Viewer 2003 (KB955439)
4/14/2010 Update for Outlook 2003 (KB943649)
4/13/2010 Office 2003 Service Pack 2
4/13/2010 Internet Explorer 8 for Windows XP
4/13/2010 Office Genuine Advantage Notifications (KB949810)
4/13/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/13/2010 Windows Malicious Software Removal Tool - March 2010 (KB890830)
4/13/2010 Update for Windows XP (KB970430)
4/13/2010 Windows Genuine Advantage Notification (KB905474)
4/13/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/13/2010 Update for Windows XP (KB971737)
4/11/2010 Cumulative Security Update for ActiveX Killbits for Windows XP (KB978262)
4/11/2010 Security Update for Windows XP (KB952954)
4/11/2010 Security Update for Windows XP (KB959426)
4/11/2010 Security Update for Windows XP (KB946648)
4/11/2010 Security Update for Windows XP (KB956803)
4/11/2010 Security Update for Windows XP (KB960859)
4/11/2010 Security Update for Windows XP (KB971468)
4/11/2010 Security Update for Windows XP (KB958869)
4/11/2010 Security Update for Microsoft Office 2007 (KB951550)
4/11/2010 Update for Windows XP (KB955759)
4/11/2010 Security Update for Windows XP (KB974318)
4/11/2010 Security Update for Windows XP (KB969059)
4/11/2010 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 3 (KB968816)
4/11/2010 Security Update for Microsoft Office Web Components (KB947319)
4/11/2010 Security Update for Windows XP (KB950974)
4/11/2010 Security Update for Windows XP (KB978037)
4/11/2010 Security Update for Windows XP (KB975713)
4/11/2010 Security Update for Internet Explorer 7 for Windows XP (KB938127)
4/11/2010 Security Update for Windows XP (KB971657)
4/11/2010 Security Update for Windows XP (KB977165)
4/11/2010 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 3 (KB954155)
4/11/2010 Security Update for Windows XP (KB960225)
4/11/2010 Security Update for the 2007 Microsoft Office System (KB951944)
4/11/2010 Security Update for Windows XP (KB972270)
4/11/2010 Security Update for Windows XP (KB956744)
4/11/2010 Security Update for Windows XP (KB974112)
4/11/2010 Security Update for Windows XP (KB956572)
4/11/2010 Security Update for Windows XP (KB956844)
4/11/2010 Security Update for Windows XP (KB961501)
4/11/2010 Security Update for Windows XP (KB975561)
4/11/2010 Security Update for Windows XP (KB978251)
4/11/2010 Security Update for Windows XP (KB973869)
4/11/2010 Security Update for Windows XP (KB975025)
4/11/2010 Security Update for Windows XP (KB952004)
4/11/2010 Security Update for Windows XP (KB974571)
4/11/2010 Security Update for Windows XP (KB975560)
4/11/2010 Security Update for Windows XP (KB973507)
4/11/2010 Update for the 2007 Microsoft Office System (KB967642)
4/11/2010 Security Update for Microsoft PowerPoint 2007 (KB957789)
4/11/2010 Update for Windows XP (KB973687)
4/11/2010 Business Contact Manager for Outlook 2007 Service Pack 2 (KB957324)
4/11/2010 Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)
4/11/2010 Update for Windows XP (KB952287)
4/11/2010 Security Update for Windows XP (KB973354)
4/11/2010 Security Update for Windows XP (KB973904)
4/11/2010 Update for Windows XP (KB967715)
4/11/2010 Security Update for Windows XP Service Pack 3 (KB973540)
4/11/2010 Security Update for Outlook Express for Windows XP (KB951066)
4/11/2010 Security Update for Windows XP (KB974392)
4/11/2010 Office 2003 Service Pack 3 (SP3)
4/11/2010 Security Update for Windows XP (KB954459)
4/11/2010 Security Update for Windows XP Service Pack 3 (KB952069)
4/11/2010 Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Windows 2000, Windows XP, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 (KB953297)
4/11/2010 Security Update for Windows XP (KB977914)
4/11/2010 Security Update for Windows XP (KB970238)
4/11/2010 Security Update for Windows XP (KB978706)
4/11/2010 Security Update for Windows XP (KB960803)
4/11/2010 Security Update for Windows XP (KB973815)
4/11/2010 Security Update for Windows XP (KB958644)
4/11/2010 Security Update for Windows XP (KB955069)
4/11/2010 Security Update for Windows XP (KB956802)
4/11/2010 Update for Windows XP (KB979306)
4/11/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB979895)
4/11/2010 Security Update for Windows XP (KB923561)
4/11/2010 Security Update for Jscript 5.7 for Windows XP (KB971961)
4/11/2010 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB980182)
4/11/2010 Update for Windows XP (KB968389)
4/11/2010 Security Update for Windows XP (KB969947)
4/10/2010 Windows Genuine Advantage Notification (KB905474)
4/10/2010 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
4/10/2010 Update for Windows XP (KB898461)
4/8/2010 Security Update for Windows XP (KB973507)
4/8/2010 Update for Windows XP (KB979306)
Battery
AC line Online
Battery full time Unknown
Battery Charge % 100 %
Battery State High
Amount of time remaining (sec) Unknown
Services
Running Application Layer Gateway Service
Running Automatic Updates
Running Background Intelligent Transfer Service
Running Bluetooth Service
Running Bluetooth Support Service
Running Business Contact Manager SQL Server Startup Service
Running COM+ Event System
Running Computer Browser
Running CryptSvc
Running DCOM Server Process Launcher
Running DHCP Client
Running Distributed Link Tracking Client
Running DNS Client
Running Error Reporting Service
Running Event Log
Running Fast User Switching Compatibility
Running Help and Support
Running HID Input Service
Running iGroupTec Service
Running Infrared Monitor
Running Intel® Active Management Technology Local Management Service
Running Intel® Active Management Technology User Notification Service
Running IPSEC Services
Running Java Quick Starter
Running Kaspersky Anti-Virus Service
Running LightScribeService Direct Disc Labeling Service
Running Logical Disk Manager
Running Machine Debug Manager
Running MBAMService
Running Net Driver HPZ12
Running Network Connections
Running Network Location Awareness (NLA)
Running NkPtpEnumWT3
Running NLS Service
Running NTI Backup Now 5 Agent Service
Running NTI Backup Now 5 Backup Service
Running NTI Backup Now 5 Scheduler Service
Running O2Micro Flash Memory Card Service
Running Personal Secure Drive Service
Running Plug and Play
Running Pml Driver HPZ12
Running Print Spooler
Running Protected Storage
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Remote Registry
Running Secondary Logon
Running Security Accounts Manager
Running Security Center
Running Security Platform Management Service
Running Server
Running ServiceLayer
Running Shell Hardware Detection
Running Smart Card
Running SQL Server VSS Writer
Running SSDP Discovery Service
Running System Event Notification
Running System Restore Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Terminal Services
Running Themes
Running Trusted Platform Core Service
Running Vodafone Mobile Connect Service
Running WebClient
Running Windows Audio
Running Windows Firewall/Internet Connection Sharing (ICS)
Running Windows Image Acquisition (WIA)
Running Windows Management Instrumentation
Running Windows Search
Running Windows Time
Running Wireless Zero Configuration
Running Workstation
Stopped .NET Runtime Optimization Service v2.0.50727_X86
Stopped Alerter
Stopped Application Management
Stopped ASP.NET State Service
Stopped ClipBook
Stopped COM+ System Application
Stopped Distributed Transaction Coordinator
Stopped Extensible Authentication Protocol Service
Stopped Fax
Stopped Google Desktop Manager 5.9.1005.12335
Stopped Google Software Updater
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management Service
Stopped HTTP SSL
Stopped IMAPI CD-Burning COM Service
Stopped Indexing Service
Stopped InstallDriver Table Manager
Stopped Logical Disk Manager Administrative Service
Stopped Messenger
Stopped Microsoft Office Diagnostics Service
Stopped MS Software Shadow Copy Provider
Stopped Net Logon
Stopped Net.Tcp Port Sharing Service
Stopped NetMeeting Remote Desktop Sharing
Stopped Network Access Protection Agent
Stopped Network DDE
Stopped Network DDE DSDM
Stopped Network Provisioning Service
Stopped NT LM Security Support Provider
Stopped Office Source Engine
Stopped Performance Logs and Alerts
Stopped Portable Media Serial Number Service
Stopped QoS RSVP
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Help Session Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Removable Storage
Stopped Routing and Remote Access
Stopped SQL Server (MSSMLBIZ)
Stopped SQL Server Active Directory Helper
Stopped SQL Server Browser
Stopped SwitchBoard
Stopped Telnet
Stopped Uninterruptible Power Supply
Stopped Universal Plug and Play Device Host
Stopped Volume Shadow Copy
Stopped Windows CardSpace
Stopped Windows Installer
Stopped Windows Management Instrumentation Driver Extensions
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Device Tree
ACPI Multiprocessor PC
Microsoft ACPI-Compliant System
Microsoft Windows Management Interface for ACPI
Infineon Trusted Platform Module
Microsoft Windows Management Interface for ACPI
Microsoft Windows Management Interface for ACPI
ACPI Lid
ACPI Sleep Button
Intel® Core™2 Duo CPU P8400 @ 2.26GHz
Intel® Core™2 Duo CPU P8400 @ 2.26GHz
ACPI Thermal Zone
ACPI Thermal Zone
ACPI Fixed Feature Button
PCI bus
Mobile Intel® 45 Express Chipset Series Processor to DRAM Controller - 2A40
Intel® Management Engine Interface
Intel® Active Management Technology - SOL (COM4)
Intel® 82567LM Gigabit Network Connection
Intel® ICH9 Family PCI Express Root Port 1 - 2940
Intel® ICH9 Family PCI Express Root Port 3 - 2944
Intel® ICH9 Family PCI Express Root Port 4 - 2946
Intel® ICH9 Family PCI Express Root Port 5 - 2948
Intel® ICH9 Family SMBus Controller - 2930
Motherboard resources
Mobile Intel® 4 Series Express Chipset Family
Plug and Play Monitor
Plug and Play Monitor
Mobile Intel® 4 Series Express Chipset Family
Plug and Play Monitor
Standard Dual Channel PCI IDE Controller
Primary IDE Channel
Secondary IDE Channel
Intel® ICH9 Family USB Universal Host Controller - 2937
USB Root Hub
TouchStrip Fingerprint Sensor
Intel® ICH9 Family USB Universal Host Controller - 2938
USB Root Hub
Intel® ICH9 Family USB Universal Host Controller - 2939
USB Root Hub
Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
USB Root Hub
USB Composite Device
Acer Crystal Eye Webcam
Microsoft UAA Bus Driver for High Definition Audio
Realtek High Definition Audio
HDAUDIO Soft Data Fax Modem with SmartCP
Intel® ICH9 Family PCI Express Root Port 2 - 2942
Intel® Wireless WiFi Link 5300
Intel® ICH9 Family USB Universal Host Controller - 2934
USB Root Hub
Intel® ICH9 Family USB Universal Host Controller - 2935
USB Root Hub
Intel® ICH9 Family USB Universal Host Controller - 2936
USB Root Hub
Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
USB Root Hub
Intel® 82801 PCI Bridge - 2448
O2Micro OZ711EZ1 MemoryCardBus Controller
O2Micro Integrated MS/MSPRO/xD Controller
O2Micro OZ711EZ1 MemoryCardBus Controller
O2Micro SmartCardBus Reader
O2Micro Integrated MMC/SD controller
O2Micro SD
Generic volume
Texas Instruments OHCI Compliant IEEE 1394 Host Controller
1394 Net Adapter
Intel® ICH9M-E LPC Interface Controller - 2917
ISAPNP Read Data Port
Launch Manager
Synaptics PS/2 Port TouchPad
Direct memory access controller
Intel® 82802 Firmware Hub Device
High precision event timer
Programmable interrupt controller
Numeric data processor
Motherboard resources
System CMOS/real time clock
System timer
Microsoft ACPI-Compliant Embedded Controller
Microsoft ACPI-Compliant Control Method Battery
Microsoft ACPI-Compliant Control Method Battery
Microsoft AC Adapter
Generic Bus
Communications Port (COM1)
IrDA Fast Infrared Port
Printer Port (LPT1)
Printer Port Logical Interface
Intel® ICH9M-E/M SATA AHCI Controller
Hitachi HTS723225L9A360
Optiarc DVD RW AD-7560S
CPU
Intel Mobile Core 2 Duo P8400
Cores 2
Threads 2
Name Intel Mobile Core 2 Duo P8400
Code Name Penryn
Package Socket P (478)
Technology 45nm
Specification Intel® Core™2 Duo CPU P8400 @ 2.26GHz
Family 6
Extended Family 6
Model 7
Extended Model 17
Stepping 6
Revision M0
Instructions MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, Intel 64
Virtualization Supported, Enabled
Hyperthreading Not supported
Bus Speed 265.9 MHz
Rated Bus Speed 1063.7 MHz
Stock Core Speed 2266 MHz
Stock Bus Speed 266 MHz
Average Temperature 40 °C
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 3072 KBytes
Core 0
Core Speed 2261.3 MHz
Multiplier x 8.5
Bus Speed 265.9 MHz
Rated Bus Speed 1063.7 MHz
Temperature 40 °C
Thread 1
APIC ID 0
Core 1
Core Speed 2261.3 MHz
Multiplier x 8.5
Bus Speed 265.9 MHz
Rated Bus Speed 1063.7 MHz
Temperature 40 °C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 2
Used memory slots 1
Free memory slots 1
Memory
Type DDR3
Size 2048 MBytes
Channels # Single
DRAM Frequency 531.9 MHz
CAS# Latency (CL) 7 clocks
RAS# to CAS# Delay (tRCD) 7 clocks
RAS# Precharge (tRP) 7 clocks
Cycle Time (tRAS) 20 clocks
Physical Memory
Memory Usage 48 %
Total Physical 1.91 GB
Available Physical MB
Total Virtual 2.00 GB
Available Virtual 1.89 GB
SPD
Number Of SPD Modules 1
Slot #1
Type DDR3
Size 2048 MBytes
Manufacturer Elpida
Max Bandwidth PC3-8500F (533 MHz)
Part Number EBJ21UE8BAU0-AE-E
Serial Number E1DC948C
Week/year 42 / 08
SPD Ext. EPP
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 23
tRC 31
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 18
tRC 24
Voltage 1.500 V
Motherboard
Manufacturer Acer
Model FourPeaks
Version 0100
Chipset Vendor Intel
Chipset Model GM45/GM47
Chipset Revision 07
Southbridge Vendor Intel
Southbridge Model 82801IM (ICH9-M)
Southbridge Revision 03
System Temperature 46 °C
BIOS
Brand Phoenix Technologies LTD
Version V1.09
Date 10/06/2008
PCI Data
Slot Unknown
Slot Type Unknown
Slot Usage Available
Data But Width 32 bit
Slot Designation PEG Slot J6B2
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Available
Data But Width 32 bit
Slot Designation PCI Express Slot J6B1
Slot Number 1
Slot PCI
Slot Type PCI
Slot Usage In Use
Data But Width 32 bit
Slot Designation PCI Express Slot J6D1
Slot Number 2
Slot PCI
Slot Type PCI
Slot Usage Available
Data But Width 32 bit
Slot Designation PCI Express Slot J8B3
Slot Number 3
Slot PCI
Slot Type PCI
Slot Usage Available
Data But Width 32 bit
Slot Designation PCI Express Slot J8D1
Slot Number 4
Slot PCI
Slot Type PCI
Slot Usage Available
Data But Width 32 bit
Slot Designation PCI Express Slot J7B1
Slot Number 5
Slot PCI
Slot Type PCI
Slot Usage Available
Data But Width 32 bit
Slot Designation PCI Express Slot 6
Slot Number 6
Graphics
Monitor
Name Plug and Play Monitor on Mobile Intel 4 Series Express Chipset Family
Current Resolution 1280x800 pixels
Work Resolution 1280x770 pixels
State enabled, primary, output devices support
Monitor Width 1280
Monitor Height 800
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Mobile Intel® 4 Series Express Chipset Family
Memory 256 MB
Memory type 2
Driver version 6.14.10.4964
Mobile Intel® 4 Series Express Chipset Family
Memory 256 MB
Memory type 2
Driver version 6.14.10.4964
Hard Drives
Hitachi HTS723225L9A360
Manufacturer Hitachi
Product Family Travelstar
Series Prefix Standard
Speed, Expressed in Revolutions Per Minute (rpm) 7200
Model Capacity For This Specific Drive 320GB
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
48-bit LBA Supported
Serial Number 080808FC1K00NEG1RNMC
Interface SATA
Capacity 244GB
Real size 250,059,350,016 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 100 (100 worst) Data 0000000000
02 Throughput Performance 100 (100) Data 0000000000
03 Spin-Up Time 245 (245) Data 0000000001
04 Start/Stop Count 099 (099) Data 0000000AE7
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 100 (100) Data 0000000000
08 Seek Time Performance 100 (100) Data 0000000000
09 Power-On Hours (POH) 092 (092) Data 0000000F58
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 099 (099) Data 0000000904
BF G-sense error rate 100 (100) Data 0000000000
C0 Power-off Retract Count 100 (100) Data 000000002C
C1 Load/Unload Cycle Count 094 (094) Data 0000010891
C2 Temperature 117 (117) Data 00000A002F
C4 Reallocation Event Count 100 (100) Data 0000000010
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
DF Load/Unload Retry Count 100 (100) Data 0000000000
Temperature 47 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 9.76 GB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 8C9EA348
Size 112GB
Used Space 71GB (64%)
Free Space 41GB (36%)
Partition 2
Partition ID Disk #0, Partition #2
Disk Letter D:
File System NTFS
Volume Serial Number BE6C5EE9
Size 112GB
Used Space 926MB (1%)
Free Space 111GB (99%)
O2Micro SD
Manufacturer Unknown manufacturer
Capacity 7.82GB
Real size 8,010,072,064 bytes
RAID Type None
S.M.A.R.T
S.M.A.R.T not supported
Partition 0
Partition ID Disk #1, Partition #0
Disk Letter F:
File System FAT32
Volume Serial Number FC303DA9
Size 7.45GB
Used Space 976MB (13%)
Free Space 6.50GB (87%)
Optical Drives
Optiarc DVD RW AD-7560S
Media Type CD-ROM
Name Optiarc DVD RW AD-7560S
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
DriveIntegrity TRUE
Media Loaded TRUE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 0
SCSI Target Id 1
Size 702 MB
Status OK
Transfer Rate 384 KB/S
Volume Name N360 Backup - #1
Volume Serial Number F089E3B7
Audio
Sound Cards
Realtek High Definition Audio
Bluetooth Hands-free Audio
Bluetooth Stereo Audio
Playback Devices
Realtek HD Audio Input
Bluetooth Hands-free Audio
Recording Devices
Realtek HD Audio output
Bluetooth Hands-free Audio
Speaker Configuration
Speaker type Stereo
Peripherals
Launch Manager
Device Kind Keyboard
Device Name Launch Manager
Location plugged into keyboard port
Driver
Date 1-20-2006
Version 1.2.1.420
File C:\WINDOWS\System32\Drivers\DKbFltr.SYS
File C:\WINDOWS\system32\FILTRCOI.DLL
Synaptics PS/2 Port TouchPad
Device Kind Mouse
Device Name Synaptics PS/2 Port TouchPad
Location plugged into PS/2 mouse port
Driver
Date 2-22-2008
Version 11.0.2.0
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
File C:\WINDOWS\system32\DRIVERS\SynTP.sys
File C:\WINDOWS\system32\SynTPAPI.dll
File C:\WINDOWS\system32\SynCOM.dll
File C:\WINDOWS\system32\SynCtrl.dll
File C:\Program Files\Synaptics\SynTP\SynTPRes.dll
File C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
File C:\Program Files\Synaptics\SynTP\SynCntxt.rtf
File C:\Program Files\Synaptics\SynTP\SynZMetr.exe
File C:\Program Files\Synaptics\SynTP\SynMood.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
File C:\Program Files\Synaptics\SynTP\SynTPCOM.dll
File C:\Program Files\Synaptics\SynTP\Tutorial.exe
File C:\Program Files\Synaptics\SynTP\InstNT.exe
File C:\Program Files\Synaptics\SynTP\SynISDLL.dll
File C:\Program Files\Synaptics\SynTP\SynUnst.ini
File C:\Program Files\Synaptics\SynTP\fx04.wav
File C:\Program Files\Synaptics\SynTP\SynAcer.exe
File C:\Program Files\Synaptics\SynTP\SynAcerCpl.cpl
File C:\WINDOWS\system32\SynTPCo4.dll
Acer Crystal Eye Webcam
Device Kind Camera/scanner
Device Name Acer Crystal Eye Webcam
Vendor Unknown
Comment Acer Crystal Eye Webcam
Location Location 0
Driver
Date 2-18-2008
Version 5.8.33.501
File C:\WINDOWS\system32\ksuser.dll
File C:\WINDOWS\system32\ksproxy.ax
File C:\WINDOWS\system32\drivers\ks.sys
File C:\WINDOWS\system32\kstvtune.ax
File C:\WINDOWS\system32\ksxbar.ax
File C:\WINDOWS\system32\kswdmcap.ax
File C:\WINDOWS\system32\vidcap.ax
File C:\WINDOWS\system32\vfwwdm32.dll
File C:\WINDOWS\system32\iyuv_32.dll
File C:\WINDOWS\system32\msh263.drv
File C:\WINDOWS\system32\msyuv.dll
File C:\WINDOWS\system32\tsbyuv.dll
File C:\WINDOWS\system32\drivers\snp2uvc.sys
File C:\WINDOWS\system32\drivers\sncduvc.sys
File C:\WINDOWS\system32\vsnp2uvc.dll
File C:\WINDOWS\system32\rsnp2uvc.dll
File C:\WINDOWS\PLFSetL.exe
File C:\WINDOWS\PidList.ini
File C:\WINDOWS\system32\csnp2uvc.dll
Network
You are not connected to the internet
Computer Name
NetBIOS Name LUNGI-2010
DNS Name Lungi-2010
Domain Name LUNGI-2010
Remote Desktop
Console
State Active
Domain LUNGI-2010
WinInet Info
An internal error occurred.
Wi-Fi Info
Using native Wi-Fi API version 1
Available access points count 1
Wi-Fi (PSP_AULJS00049_L_Lobby-adhoc)
SSID PSP_AULJS00049_L_Lobby-adhoc
Name No name
Signal Strength/Quality 0
Security Disabled
State The interface is not connected to any network
Dot11 Type Independent BSS (IBSS) network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network No Cipher algorithm is enabled/supported
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect Yes
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Adapters List
Intel® Wireless WiFi Link 5300 - Packet Scheduler Miniport
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Intel® 82567LM Gigabit Network Connection - Packet Scheduler Miniport
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Network Shares
No network shares

Regards
Bhele

#8
RKinner

Posted 20 September 2011 - 09:01 AM

Malware Expert

Expert
24,625 posts

Uninstall Intel® Active Management Technology

it's having problems and you don't need it unless you are part of a large corporation.

http://software.inte...ead.php?t=67870
http://en.wikipedia....ment_Technology

Turn Off windows Search.

Right click on Computer and select Manage then Services and Applications then Services. Find Windows Search and right click and select Properties then change the Startup Type: to Disabled. Apply. Stop the service.

Is there some reason you are running SQL? You might try stopping the service as above and see if something else complains if you are not using it yourself. You can always change it back to Automatic or delayed Automatic whatever it is set to now.

Error - 2011/09/18 11:35:42 PM | Computer Name = LUNGI-2010 | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft SQL Server 2005 Express Edition -- Error 29503.
The SQL Server service failed to start. For more information, see the SQL Server
Books Online topics, "How to: View SQL Server 2005 Setup Log Files" and "Starting
SQL Server Manually." The error is (3417) .

After you do that, Clear the event logs as you just did and reboot then rerun Vino's Event Viewer and post the logs. Any improvement in speed?

Ron

#9
Bhele

Posted 21 September 2011 - 12:56 AM

Member

Topic Starter
Member
23 posts

Dear Ron,

1. Uninstall Intel Active Management Technology – done ?

2. Not too sure what the following mean:-

it's having problems and you don't need it unless you are part of a large corporation.

http://software.inte...ead.php?t=67870
http://en.wikipedia....ment_Technology

3. Turn Off windows Search. – Done

4. Why run SQL? - not too sure why it was activated to run. Maybe this was one of the defaults during setting up (loading of the programs)

5. Stopping SQL – here got into shaky grounds. Looking into Computer Management ( same place where In saw Service and Applications, there were three items under SQL Server Configuration Manger. These are 1) SQL Server 2005 Services ; 2) SQL Server 2005 Network Configuration and 3) SQL Native Client Configuration. I was uncertain as to which one must I STOP running.

6. You got me puzzled with the following code. Excuse my limited knowledge – is there anything that I need to do with it ?

Error - 2011/09/18 11:35:42 PM | Computer Name = LUNGI-2010 | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft SQL Server 2005 Express Edition -- Error 29503.
The SQL Server service failed to start. For more information, see the SQL Server
Books Online topics, "How to: View SQL Server 2005 Setup Log Files" and "Starting
SQL Server Manually." The error is (3417).

7. I did not CLEAR the event logs and re-run the Vino’s Event Viewer until I completed the above.

The speed on the computer is incredibly improved . Thank you ever so much for your assistance.
Regards
Bhele

#10
RKinner

Posted 21 September 2011 - 08:34 AM

Malware Expert

Expert
24,625 posts

The two links were just in case you wanted to read more about the program we were uninstalling.

The thing you called code was just the error I was seeing with SQL. It also gave some advice on how to read the SQL logs in case you were running SQL for a reason and wanted to try and fix it. I think you can turn all three SQL services off. If something complains or stops working then you can turn them back on again.

It appears that the Intel program was the major problem but go ahead and turn off the three SQL services then clear the logs, reboot and run Vino's again and post the log.

Ron

#11
Bhele

Posted 24 September 2011 - 12:20 AM

Member

Topic Starter
Member
23 posts

Dear Ron,

Stopping SQL , I did the following :-
+ Action – SQL Server (MSSMLBIZ) state = it had “stopped”
+Action – SQL Server Browser , state = it had “stopped”

For SQL Server 2005 Network Configuration - there is a Protocols for MSSMLBIZ . with Force Encryption = No , and Hide Instance = No.

SQL Native Client Configuration - there is a Client Protocols = Disabled Protocols are VIA, enabled protocols are TCIP/IP and Named Pipes. Enabled Shared Memory Protocol.

Hope I have them properly closed.

Logs after running VINO on Applications

Vino's Event Viewer v01c run on Windows XP in English
Report run at 24/09/2011 08:07:45 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 24/09/2011 05:36:08 AM
Type: error Category: 0
Event: 10005 Source: MsiInstaller
Product: Microsoft SQL Server 2005 Express Edition -- Error 29503. The SQL Server service failed to start. For more information, see the SQL Server Books Online topics, "How to: View SQL Server 2005 Setup Log Files" and "Starting SQL Server Manually."
The error is (3417) .

Log: 'Application' Date/Time: 24/09/2011 05:36:07 AM
Type: error Category: 2
Event: 17204 Source: MSSQL$MSSMLBIZ
FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\mastlog.ldf for file number 2. OS error: 5(Access is denied.).

Log: 'Application' Date/Time: 24/09/2011 05:36:07 AM
Type: error Category: 2
Event: 17207 Source: MSSQL$MSSMLBIZ
FCB::Open: Operating system error 5(Access is denied.) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\mastlog.ldf'. Diagnose and correct the operating system error, and retry the operation.

Log: 'Application' Date/Time: 24/09/2011 05:36:07 AM
Type: error Category: 2
Event: 17204 Source: MSSQL$MSSMLBIZ
FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\master.mdf for file number 1. OS error: 5(Access is denied.).

Log: 'Application' Date/Time: 24/09/2011 05:36:07 AM
Type: error Category: 2
Event: 17207 Source: MSSQL$MSSMLBIZ
FCB::Open: Operating system error 5(Access is denied.) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\master.mdf'. Diagnose and correct the operating system error, and retry the operation.

Log: 'Application' Date/Time: 24/09/2011 05:29:18 AM
Type: error Category: 0
Event: 0 Source: VMCService
conflictManagerTypeValue

Log: 'Application' Date/Time: 23/09/2011 06:15:27 PM
Type: error Category: 0
Event: 2 Source: LMS
LMS Service cannot connect to HECI driver

Log: 'Application' Date/Time: 23/09/2011 06:09:33 PM
Type: error Category: 0
Event: 0 Source: VMCService
conflictManagerTypeValue

Log: 'Application' Date/Time: 23/09/2011 05:48:52 PM
Type: error Category: 0
Event: 2 Source: LMS
LMS Service cannot connect to HECI driver

Log: 'Application' Date/Time: 23/09/2011 05:33:11 PM
Type: error Category: 0
Event: 0 Source: VMCService
conflictManagerTypeValue

Log: 'Application' Date/Time: 23/09/2011 04:05:01 PM
Type: error Category: 0
Event: 2 Source: LMS
LMS Service cannot connect to HECI driver

Log: 'Application' Date/Time: 23/09/2011 03:34:08 PM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: The data is invalid.

Log: 'Application' Date/Time: 23/09/2011 03:33:58 PM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: The data is invalid.

Log: 'Application' Date/Time: 23/09/2011 03:33:56 PM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: The data is invalid.

Log: 'Application' Date/Time: 23/09/2011 03:33:45 PM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: The data is invalid.

Log: 'Application' Date/Time: 23/09/2011 03:33:31 PM
Type: error Category: 0
Event: 0 Source: VMCService
conflictManagerTypeValue

Log: 'Application' Date/Time: 23/09/2011 11:22:45 AM
Type: error Category: 0
Event: 2 Source: LMS
LMS Service cannot connect to HECI driver

Log: 'Application' Date/Time: 23/09/2011 09:32:50 AM
Type: error Category: 0
Event: 0 Source: VMCService
conflictManagerTypeValue

Log: 'Application' Date/Time: 23/09/2011 08:59:56 AM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: The data is invalid.

Log: 'Application' Date/Time: 23/09/2011 08:59:44 AM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: The data is invalid.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 23/09/2011 04:05:01 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 23/09/2011 01:14:19 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 23/09/2011 01:13:07 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\KTS registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 23/09/2011 07:42:04 AM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\KTS registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 23/09/2011 07:41:44 AM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 22/09/2011 12:42:41 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\KTS registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 22/09/2011 12:37:24 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 22/09/2011 09:44:34 AM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 22/09/2011 09:43:54 AM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\KTS registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 21/09/2011 11:32:53 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 21/09/2011 10:57:48 PM
Type: warning Category: 1
Event: 32066 Source: Microsoft Fax
At least one of the devices in the outgoing routing group is not valid. Group name: '<All devices>'

Log: 'Application' Date/Time: 21/09/2011 10:56:52 AM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 21/09/2011 08:18:39 AM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 21/09/2011 06:21:58 AM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\KTS registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 21/09/2011 06:16:45 AM
Type: warning Category: 0
Event: 36 Source: Outlook
Outlook Search has encountered an error and is temporarily disabling indexing for store C:\Documents and Settings\Lungi\Local Settings\Application Data\Microsoft\Outlook\archive1.pst (error=0x80070422).

Log: 'Application' Date/Time: 21/09/2011 06:16:45 AM
Type: warning Category: 0
Event: 36 Source: Outlook
Outlook Search has encountered an error and is temporarily disabling indexing for store C:\Documents and Settings\Lungi\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst (error=0x80070422).

Log: 'Application' Date/Time: 20/09/2011 11:31:41 PM
Type: warning Category: 3
Event: 3036 Source: Windows Search Service
The content source <iehistory://{s-1-5-21-3399821252-3749218566-4148857419-1008}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
The filtering was stopped because of a user action, such as stopping the crawl. (0x80040d54)

Log: 'Application' Date/Time: 20/09/2011 11:35:29 AM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\KTS registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 20/09/2011 11:35:12 AM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 19/09/2011 11:46:12 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Logs after running VINO on Applications
Vino's Event Viewer v01c run on Windows XP in English
Report run at 24/09/2011 08:10:40 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 24/09/2011 08:00:09 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 08:00:08 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 07:37:26 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 41.29.107.116 for the Network Card with network address 001E101F5031 has been denied by the DHCP server 41.26.131.129 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 24/09/2011 07:34:13 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 07:31:06 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 41.28.219.21 for the Network Card with network address 001E101F5031 has been denied by the DHCP server 41.29.107.113 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 24/09/2011 06:58:57 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 06:58:57 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 06:44:59 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 06:44:58 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 06:42:19 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 05:38:25 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 05:36:50 AM
Type: error Category: 8
Event: 20 Source: Windows Update Agent
Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332).

Log: 'System' Date/Time: 24/09/2011 05:36:07 AM
Type: error Category: 0
Event: 7024 Source: Service Control Manager
The SQL Server (MSSMLBIZ) service terminated with service-specific error 3417 (0xD59).

Log: 'System' Date/Time: 24/09/2011 05:33:25 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 05:33:24 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 05:27:10 AM
Type: error Category: 0
Event: 10010 Source: DCOM
The server {8D9BB053-FEE5-4411-B6F5-F1E37DDC3106} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 23/09/2011 06:15:32 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 23/09/2011 06:11:02 PM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The Kaspersky Anti-Virus Service service hung on starting.

Log: 'System' Date/Time: 23/09/2011 06:10:31 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 23/09/2011 06:10:23 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 23/09/2011 12:58:43 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00216A0A300E. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 23/09/2011 12:58:31 PM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "\??\C:\WINDOWS\system32\winlogon.exe"

Log: 'System' Date/Time: 23/09/2011 11:40:13 AM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "\??\C:\WINDOWS\system32\winlogon.exe"

Log: 'System' Date/Time: 23/09/2011 07:24:02 AM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe"

Log: 'System' Date/Time: 23/09/2011 07:23:18 AM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "\??\C:\WINDOWS\system32\winlogon.exe"

Log: 'System' Date/Time: 23/09/2011 06:54:56 AM
Type: warning Category: 0
Event: 240 Source: Win32k
A request to suspend power was denied by setup.exe.

Log: 'System' Date/Time: 23/09/2011 06:41:20 AM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "\??\C:\WINDOWS\system32\winlogon.exe"

Log: 'System' Date/Time: 22/09/2011 10:30:44 PM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "\??\C:\WINDOWS\system32\winlogon.exe"

Log: 'System' Date/Time: 22/09/2011 12:38:16 PM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "SAS window"

Log: 'System' Date/Time: 22/09/2011 12:38:16 PM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "SAS window"

Log: 'System' Date/Time: 22/09/2011 12:38:12 PM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "SAS window"

Log: 'System' Date/Time: 21/09/2011 11:33:00 PM
Type: warning Category: 0
Event: 240 Source: Win32k
A request to suspend power was denied by winlogon.exe.

Log: 'System' Date/Time: 21/09/2011 10:58:45 AM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "SAS window"

Log: 'System' Date/Time: 21/09/2011 10:58:44 AM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "SAS window"

Log: 'System' Date/Time: 21/09/2011 10:58:43 AM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "SAS window"

Log: 'System' Date/Time: 21/09/2011 09:38:42 AM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "\??\C:\WINDOWS\system32\winlogon.exe"

Log: 'System' Date/Time: 21/09/2011 09:38:42 AM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "\??\C:\WINDOWS\system32\winlogon.exe"

Log: 'System' Date/Time: 21/09/2011 05:31:09 AM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "\??\C:\WINDOWS\system32\winlogon.exe"

Log: 'System' Date/Time: 20/09/2011 11:59:57 PM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "\??\C:\WINDOWS\system32\winlogon.exe"

Log: 'System' Date/Time: 20/09/2011 10:51:14 PM
Type: warning Category: 0
Event: 256 Source: PlugPlayManager
Timed out sending notification of device interface change to window of "\??\C:\WINDOWS\system32\winlogon.exe"

Thank you and regards,
Bhele.

#12
RKinner

Posted 24 September 2011 - 09:12 AM

Malware Expert

Expert
24,625 posts

Can you clear the events:

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

They build up in the event log and I can't see if your changes make a difference.

After you clear the event log, please run Vino's again and post the log.

Also:

Start, (All) Programs, Accessories, then right click on Command Prompt and Run As Administrator then type:

sc  query  >  \junk.txt

notepad  \junk.txt

Copy and paste the text from notepad into a reply.

Ron

#13
Bhele

Posted 24 September 2011 - 10:44 AM

Member

Topic Starter
Member
23 posts

Dear Ron,
Find following :-

1. Cleared logs System and Appplications

2. Vino Applications
Vino's Event Viewer v01c run on Windows XP in English
Report run at 24/09/2011 06:25:15 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 24/09/2011 06:20:17 PM
Type: error Category: 0
Event: 0 Source: VMCService
conflictManagerTypeValue

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 24/09/2011 06:18:37 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user LUNGI-2010\Lungi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
3. Vino on System
Vino's Event Viewer v01c run on Windows XP in English
Report run at 24/09/2011 06:26:52 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 24/09/2011 06:22:57 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 24/09/2011 06:22:52 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Running as Administator
SERVICE_NAME: ALG
DISPLAY_NAME: Application Layer Gateway Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: AudioSrv
DISPLAY_NAME: Windows Audio
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: AVP
DISPLAY_NAME: Kaspersky Anti-Virus Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: BcmSqlStartupSvc
DISPLAY_NAME: Business Contact Manager SQL Server Startup Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: BITS
DISPLAY_NAME: Background Intelligent Transfer Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Browser
DISPLAY_NAME: Computer Browser
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: BthServ
DISPLAY_NAME: Bluetooth Support Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: btwdins
DISPLAY_NAME: Bluetooth Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: BUNAgentSvc
DISPLAY_NAME: NTI Backup Now 5 Agent Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: CryptSvc
DISPLAY_NAME: CryptSvc
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: DcomLaunch
DISPLAY_NAME: DCOM Server Process Launcher
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Dhcp
DISPLAY_NAME: DHCP Client
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: dmserver
DISPLAY_NAME: Logical Disk Manager
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Dnscache
DISPLAY_NAME: DNS Client
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: ERSvc
DISPLAY_NAME: Error Reporting Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Eventlog
DISPLAY_NAME: Event Log
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: EventSystem
DISPLAY_NAME: COM+ Event System
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: FastUserSwitchingCompatibility
DISPLAY_NAME: Fast User Switching Compatibility
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: helpsvc
DISPLAY_NAME: Help and Support
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: HidServ
DISPLAY_NAME: HID Input Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: IFXSpMgtSrv
DISPLAY_NAME: Security Platform Management Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: IFXTCS
DISPLAY_NAME: Trusted Platform Core Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: IGBASVC
DISPLAY_NAME: iGroupTec Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Irmon
DISPLAY_NAME: Infrared Monitor
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: JavaQuickStarterService
DISPLAY_NAME: Java Quick Starter
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: LanmanServer
DISPLAY_NAME: Server
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: lanmanworkstation
DISPLAY_NAME: Workstation
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: LightScribeService
DISPLAY_NAME: LightScribeService Direct Disc Labeling Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: LmHosts
DISPLAY_NAME: TCP/IP NetBIOS Helper
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: LMS
DISPLAY_NAME: Intel® Active Management Technology Local Management Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: MBAMService
DISPLAY_NAME: MBAMService
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: MDM
DISPLAY_NAME: Machine Debug Manager
TYPE : 110 WIN32_OWN_PROCESS (interactive)
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Net Driver HPZ12
DISPLAY_NAME: Net Driver HPZ12
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Netman
DISPLAY_NAME: Network Connections
TYPE : 120 WIN32_SHARE_PROCESS (interactive)
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: NkPtpEnumWT3
DISPLAY_NAME: NkPtpEnumWT3
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Nla
DISPLAY_NAME: Network Location Awareness (NLA)
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: nlsX86cc
DISPLAY_NAME: NLS Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: NTIBackupSvc
DISPLAY_NAME: NTI Backup Now 5 Backup Service
TYPE : 110 WIN32_OWN_PROCESS (interactive)
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: NTISchedulerSvc
DISPLAY_NAME: NTI Backup Now 5 Scheduler Service
TYPE : 110 WIN32_OWN_PROCESS (interactive)
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: o2flash
DISPLAY_NAME: O2Micro Flash Memory Card Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: PersonalSecureDriveService
DISPLAY_NAME: Personal Secure Drive Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: PlugPlay
DISPLAY_NAME: Plug and Play
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Pml Driver HPZ12
DISPLAY_NAME: Pml Driver HPZ12
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: PolicyAgent
DISPLAY_NAME: IPSEC Services
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: ProtectedStorage
DISPLAY_NAME: Protected Storage
TYPE : 120 WIN32_SHARE_PROCESS (interactive)
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: RasMan
DISPLAY_NAME: Remote Access Connection Manager
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: RemoteRegistry
DISPLAY_NAME: Remote Registry
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: RpcSs
DISPLAY_NAME: Remote Procedure Call (RPC)
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: SamSs
DISPLAY_NAME: Security Accounts Manager
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: SCardSvr
DISPLAY_NAME: Smart Card
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Schedule
DISPLAY_NAME: Task Scheduler
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: seclogon
DISPLAY_NAME: Secondary Logon
TYPE : 120 WIN32_SHARE_PROCESS (interactive)
STATE : 4 RUNNING
(NOT_STOPPABLE,PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: SENS
DISPLAY_NAME: System Event Notification
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: ServiceLayer
DISPLAY_NAME: ServiceLayer
TYPE : 110 WIN32_OWN_PROCESS (interactive)
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: SharedAccess
DISPLAY_NAME: Windows Firewall/Internet Connection Sharing (ICS)
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: ShellHWDetection
DISPLAY_NAME: Shell Hardware Detection
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Spooler
DISPLAY_NAME: Print Spooler
TYPE : 110 WIN32_OWN_PROCESS (interactive)
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: SQLWriter
DISPLAY_NAME: SQL Server VSS Writer
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: srservice
DISPLAY_NAME: System Restore Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: SSDPSRV
DISPLAY_NAME: SSDP Discovery Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: stisvc
DISPLAY_NAME: Windows Image Acquisition (WIA)
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: TapiSrv
DISPLAY_NAME: Telephony
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: TermService
DISPLAY_NAME: Terminal Services
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Themes
DISPLAY_NAME: Themes
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: TrkWks
DISPLAY_NAME: Distributed Link Tracking Client
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: UNS
DISPLAY_NAME: Intel® Active Management Technology User Notification Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: VMCService
DISPLAY_NAME: Vodafone Mobile Connect Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: W32Time
DISPLAY_NAME: Windows Time
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: WebClient
DISPLAY_NAME: WebClient
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: winmgmt
DISPLAY_NAME: Windows Management Instrumentation
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: wscsvc
DISPLAY_NAME: Security Center
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: wuauserv
DISPLAY_NAME: Automatic Updates
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: WZCSVC
DISPLAY_NAME: Wireless Zero Configuration
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

Thanks
Bhele.

#14
RKinner

Posted 24 September 2011 - 11:17 AM

Malware Expert

Expert
24,625 posts

See if you can find Windows Desktop Search service: Start, Run, services.msc , OK

IF you find it right click on it and select Properties then change the Startup Type: to Disabled then Apply.

Install UPHClean per the instructions in the middle of this page:
http://support.microsoft.com/kb/837115

Other than that the only error is the VMC which is something to do with Vodafone Mobile Connect Service. Not sure what that is.

Ron

#15
Bhele

Posted 25 September 2011 - 12:46 AM

Member

Topic Starter
Member
23 posts

Dear Ron,

Trying to find Windows Desktop Search so as to run Run, services.msc.

Result ; Starting Services(local) I got Windows Search ( and not Windows Desktop Search). Looking at its Status it was Disabled.

I have now installed UPHClean.

Lastly the VMC is a Data card that makes my computer to connect to the Web to either go on the Internet or emails, using a SIM CARD like the cellphone. It is a product of VODAFONE. What software it loads or how it works, I really do not know. I think I am going to leave it as is – as I am currently able to archieve what it was intended for.

Thank you again for your assistance.

Bhele