Unable to resolve "Limited or no connectivity" on XP - malware



#1
LBToronto

One of the desktop PCs on my home network has suddenly gone into a "limited or no connectivity" network error.
The PC is connected by an Ethernet cable to my Bell router. I have tested the cable by swapping with other PCs and it is fine. Connectivity with the other PCs and game consoles in the house is fine, both wired and wireless.
For the PC with the problem, the MS Help and Support Center scan shows that the PC can't reach the DHCPServer.
I have tried the usual power-down/cycling of the router, "Repair" from the network tray icon, command line ipconfig release-renew, checked that DHCP services are running, etc. I have also tried "netsh interface ipv6 uninstall" in case IPv6 got installed somehow on XP, as well as trying the WinSock XP Fix. None of these have fixed the networking problem, so at this point I'm assuming malware of some type.

My OTL quick scan log is below. Please take a look and let me know if you can help. Thanks!

=======

OTL logfile created on: 2011.10.02 6:05:10 PM - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Lenn\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy.MM.dd

1.94 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 81.32% Memory free
2.92 Gb Paging File | 2.67 Gb Available in Paging File | 91.64% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 69.28 Gb Free Space | 61.98% Space Free | Partition Type: NTFS
Drive G: | 7.47 Gb Total Space | 6.78 Gb Free Space | 90.68% Space Free | Partition Type: FAT32

Computer Name: BONDMAN | User Name: Lenn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.10.02 17:23:40 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lenn\Desktop\OTL.exe
PRC - [2008.04.13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.03.30 21:07:12 | 000,132,656 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\TabUserW.exe
PRC - [2007.03.30 21:06:26 | 001,189,424 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Tablet.exe
PRC - [2006.04.05 22:31:52 | 000,057,344 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Multimedia\main\atidtct.exe
PRC - [2006.01.02 17:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005.05.12 01:40:38 | 000,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
PRC - [2005.05.12 00:23:26 | 000,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2005.05.12 00:16:22 | 000,077,824 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
PRC - [2005.03.08 03:33:00 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2004.09.29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2002.07.02 18:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE


========== Modules (No Company Name) ==========

MOD - [2011.08.14 22:57:33 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011.08.14 22:54:37 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011.08.14 22:51:47 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011.08.14 22:51:36 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011.08.14 22:51:09 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011.08.14 22:48:42 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011.08.14 22:47:38 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2011.08.14 22:47:35 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.07.01 13:13:50 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011.05.26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010.02.05 14:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009.03.23 21:14:48 | 000,051,716 | ---- | M] () -- C:\WINDOWS\system32\pdf995mon.dll
MOD - [2008.04.13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008.01.11 19:08:22 | 000,094,720 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2007.03.30 21:06:26 | 001,189,424 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Tablet.exe -- (TabletService)
SRV - [2006.12.22 08:31:50 | 000,108,712 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)
SRV - [2004.09.29 13:14:36 | 000,069,632 | ---- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2009.02.13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008.07.17 17:45:56 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2008.04.13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.02.16 15:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.02.16 14:30:12 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2006.10.09 13:58:48 | 000,203,648 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2006.05.03 12:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.02.23 11:38:00 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2005.04.12 19:21:32 | 000,022,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2005.04.12 19:21:28 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2005.04.12 19:21:28 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2005.04.12 19:21:26 | 000,045,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2004.10.07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004.08.03 21:08:40 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinpdxx.sys -- (PCDCODEC)
DRV - [2004.08.03 21:08:36 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2004.08.03 21:08:30 | 000,105,984 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2004.08.03 21:08:08 | 000,064,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2004.08.03 21:07:52 | 000,053,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2004.08.03 21:06:38 | 000,078,336 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2002.07.24 14:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002.07.19 11:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002.07.19 11:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002.07.19 11:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002.07.19 11:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002.07.19 11:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002.07.19 11:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2001.08.23 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001.08.23 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001.08.17 13:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001.08.17 13:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001.08.17 13:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001.08.17 13:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [2001.08.17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [2001.08.17 10:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 09:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [1999.12.17 02:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.c...lt&ltmplcache=2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "https://mail.google....eck.com/#inbox"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.26 21:41:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.01 14:41:28 | 000,000,000 | ---D | M]

[2009.06.20 09:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Extensions
[2011.10.02 14:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions
[2010.05.29 21:57:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.26 21:09:38 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.11.03 17:51:51 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011.10.02 14:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.01 14:41:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2008.12.13 16:09:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011.10.02 18:01:35 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\atidtct.exe (ATI Technologies Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1168487938514 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F712F6DE-DFDF-4D19-A0C8-79AEFF31F5D5}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.10 11:39:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\Shell - "" = AutoRun
O33 - MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\Shell\AutoRun\command - "" = G:\DTSP_Launcher.exe
O33 - MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{f7e133e5-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun\command - "" = J:\Windows\bin\eblSetup.exe
O33 - MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.10.02 17:38:57 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Lenn\Desktop\WinsockxpFix.exe
[2011.10.02 17:24:13 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lenn\Desktop\OTL.exe
[2007.01.11 21:27:43 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.10.02 18:08:01 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2011.10.02 18:04:33 | 000,013,002 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.10.02 18:04:19 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.02 18:03:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.02 18:01:35 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.10.02 17:38:58 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Lenn\Desktop\WinsockxpFix.exe
[2011.10.02 17:37:15 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.02 17:23:40 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lenn\Desktop\OTL.exe
[2011.09.29 17:27:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.09.11 22:09:00 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\HP DArC Task #Hewlett-Packard#140#CN3611207K6P.job
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.06.26 22:09:09 | 000,032,812 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009.03.23 21:15:55 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2009.03.23 21:14:49 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2009.03.23 21:14:48 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2009.02.18 20:35:26 | 000,003,207 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.02.18 20:35:22 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.03.16 17:32:07 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.12.25 19:37:08 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007.12.16 23:12:54 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Lenn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.24 13:33:33 | 000,000,459 | ---- | C] () -- C:\WINDOWS\iScreensaver.ini
[2007.04.21 10:39:38 | 000,000,105 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007.03.18 14:03:35 | 000,000,978 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007.02.14 17:12:58 | 000,000,164 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007.01.31 11:26:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007.01.31 11:23:20 | 000,003,424 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.01.11 23:10:12 | 000,112,949 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2007.01.11 23:10:11 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2007.01.11 23:05:13 | 000,006,371 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2007.01.11 23:04:43 | 000,018,283 | ---- | C] () -- C:\WINDOWS\HPHins01.dat
[2007.01.11 23:04:43 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat
[2007.01.11 22:23:24 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000A-00001102-00000002-80611102}.dat
[2007.01.11 22:23:24 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000A-00001102-00000002-80611102}.dat
[2007.01.11 21:28:08 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2007.01.11 21:28:08 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2007.01.11 21:28:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2007.01.11 21:27:45 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2007.01.11 21:27:45 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007.01.11 21:27:43 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2007.01.11 21:27:43 | 000,179,669 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2007.01.11 21:27:43 | 000,164,044 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2007.01.11 21:27:43 | 000,113,373 | ---- | C] () -- C:\WINDOWS\System32\ctbasicw.dat
[2007.01.11 21:27:43 | 000,113,273 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2007.01.11 21:27:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2007.01.11 21:27:43 | 000,044,055 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2007.01.11 21:27:43 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2007.01.11 21:27:43 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007.01.11 21:14:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2007.01.11 07:28:03 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.01.11 07:26:53 | 000,169,896 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.01.11 01:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007.01.11 00:42:34 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2007.01.10 11:42:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.01.10 11:37:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.04.28 16:05:14 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2004.01.28 12:42:06 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2004.01.28 12:42:06 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2004.01.28 12:42:06 | 000,013,601 | ---- | C] () -- C:\WINDOWS\System32\vctest.ini
[2003.01.07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.08.23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.23 08:00:00 | 000,435,688 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.23 08:00:00 | 000,068,584 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.23 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.23 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001.08.23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.07.06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000.04.25 14:58:08 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wrkgadm.exe

========== LOP Check ==========

[2011.01.07 00:04:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011.09.04 13:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011.06.26 21:29:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008.01.19 18:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2009.07.25 15:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2007.08.26 11:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2011.09.04 13:08:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011.05.13 07:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2008.01.19 14:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007.04.21 10:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2011.06.26 21:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.06.26 21:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenn\Application Data\AVG10
[2009.08.01 17:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenn\Application Data\FileZilla
[2009.07.25 15:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenn\Application Data\GARMIN
[2008.11.14 14:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenn\Application Data\Image Zone Express
[2007.08.24 13:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenn\Application Data\iScreensaver
[2008.06.14 11:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenn\Application Data\Opera
[2009.03.23 21:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenn\Application Data\pdf995

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#2
Amlak

Welcome to GTG. Let's help you out with your computer issue(s).

Before we start, make sure you carefully read what I have to say. Don't skip anything. You may even want to have this all printed out in case you're forced to exit this window.

You may also notice some delay with my responses later on. This is due to me still being in training, so my posts first need to be approved before being submitted.

Note that this may not necessarily be a software/driver issue. It could be a faulty network card (hope not).

Step 1

aswMBR

  • Download aswMBR.exe to your desktop.
  • Double click the aswMBR.exe to run it
  • Click the [Scan] button to start scan
  • On completion of the scan click [Save log], save it to your desktop and post in your next reply


#3
LBToronto

Thanks Amlak! aswMBR log is below. Of course, with no network connectivity on that PC I was unable to download the avast virus definitions when it prompted.

=========

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-02 19:30:19
-----------------------------
19:30:19.500 OS Version: Windows 5.1.2600 Service Pack 3
19:30:19.500 Number of processors: 1 586 0x801
19:30:19.500 ComputerName: BONDMAN UserName: Lenn
19:30:19.984 Initialize success
19:30:37.593 AVAST engine download error: 0
19:30:43.515 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:30:43.515 Disk 0 Vendor: WDC_WD1200JB-00FUA0 15.05R15 Size: 114473MB BusType: 3
19:30:45.531 Disk 0 MBR read successfully
19:30:45.531 Disk 0 MBR scan
19:30:45.531 Disk 0 Windows XP default MBR code
19:30:45.531 Disk 0 scanning sectors +234420480
19:30:45.593 Disk 0 scanning C:\WINDOWS\system32\drivers
19:30:52.781 Service scanning
19:30:54.062 Modules scanning
19:30:58.218 Disk 0 trace - called modules:
19:30:58.234 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys PCIIDEX.SYS
19:30:58.250 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a725ab8]
19:30:58.250 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000066[0x8a6cca68]
19:30:58.765 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a729940]
19:30:58.781 Scan finished successfully
19:31:13.343 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Lenn\Desktop\MBR.dat"
19:31:13.359 The log file has been saved successfully to "C:\Documents and Settings\Lenn\Desktop\aswMBR.txt"

#4
Amlak

Questions: Do you know what your motherboard make and model are? And do you have an extra network card installed or is it onboard? If so, let me know.

Step 1

Device Manager

Click on the Start button and then click on Run. Type in the following:

devmgmt.msc

Do you see any yellow exclamation marks there? If so, next to which entries?


Step 2

OTL

Run OTL.

  • Check All under Extra Registry checkbox section.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    msconfig
    safebootminimal
    safebootnetwork
    activex
    netsvcs
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\*.*
    %systemroot%\Tasks\*.job
    G:\Recycled
    
  • Click the Run Scan button at the top.
  • Make sure you paste the contents for both logs it produces in your next reply.


#5
LBToronto

Questions:
Mobo is an ASRock K7VM3. Network card is onboard, no others installed.

Step 1:
Under the device manager there are no yellow exclamation marks. Under network adapters there is only one showing: "VIA Compatible Fast Ethernet Adapter", and under properties it reports that "This device is working properly" and shows the driver as Microsoft/2001.07.01/2.66.0.290.

Step 2:
OTL logs are below (OTL.txt then Extras.txt):

OTL logfile created on: 2011.10.02 9:52:31 PM - Run 4
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Lenn\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy.MM.dd

1.94 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 80.17% Memory free
2.92 Gb Paging File | 2.67 Gb Available in Paging File | 91.48% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 69.28 Gb Free Space | 61.97% Space Free | Partition Type: NTFS
Drive G: | 7.47 Gb Total Space | 6.78 Gb Free Space | 90.66% Space Free | Partition Type: FAT32

Computer Name: BONDMAN | User Name: Lenn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.10.02 17:23:40 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lenn\Desktop\OTL.exe
PRC - [2008.04.13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.03.30 21:07:12 | 000,132,656 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\TabUserW.exe
PRC - [2007.03.30 21:06:26 | 001,189,424 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Tablet.exe
PRC - [2006.04.05 22:31:52 | 000,057,344 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Multimedia\main\atidtct.exe
PRC - [2006.01.02 17:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005.05.12 01:40:38 | 000,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
PRC - [2005.05.12 00:23:26 | 000,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2005.05.12 00:16:22 | 000,077,824 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
PRC - [2005.03.08 03:33:00 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2004.09.29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2002.07.02 18:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE


========== Modules (No Company Name) ==========

MOD - [2011.08.14 22:57:33 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011.08.14 22:54:37 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011.08.14 22:51:47 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011.08.14 22:51:36 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011.08.14 22:51:09 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011.08.14 22:48:42 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011.08.14 22:47:38 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2011.08.14 22:47:35 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.07.01 13:13:50 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011.05.26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010.02.05 14:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009.03.23 21:14:48 | 000,051,716 | ---- | M] () -- C:\WINDOWS\system32\pdf995mon.dll
MOD - [2008.04.13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008.01.11 19:08:22 | 000,094,720 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2005.10.19 10:17:58 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2007.03.30 21:06:26 | 001,189,424 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Tablet.exe -- (TabletService)
SRV - [2006.12.22 08:31:50 | 000,108,712 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)
SRV - [2004.09.29 13:14:36 | 000,069,632 | ---- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2009.02.13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008.07.17 17:45:56 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2008.04.13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.02.16 15:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.02.16 14:30:12 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2006.10.09 13:58:48 | 000,203,648 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2006.05.03 12:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.02.23 11:38:00 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2005.04.12 19:21:32 | 000,022,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2005.04.12 19:21:28 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2005.04.12 19:21:28 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2005.04.12 19:21:26 | 000,045,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2004.10.07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004.08.03 21:08:40 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinpdxx.sys -- (PCDCODEC)
DRV - [2004.08.03 21:08:36 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2004.08.03 21:08:30 | 000,105,984 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2004.08.03 21:08:08 | 000,064,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2004.08.03 21:07:52 | 000,053,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2004.08.03 21:06:38 | 000,078,336 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2002.07.24 14:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002.07.19 11:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002.07.19 11:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002.07.19 11:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002.07.19 11:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002.07.19 11:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002.07.19 11:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2001.08.23 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001.08.23 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001.08.17 13:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001.08.17 13:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001.08.17 13:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001.08.17 13:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [2001.08.17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [2001.08.17 10:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 09:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [1999.12.17 02:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.c...lt&ltmplcache=2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "https://mail.google....eck.com/#inbox"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.26 21:41:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.01 14:41:28 | 000,000,000 | ---D | M]

[2009.06.20 09:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Extensions
[2011.10.02 14:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions
[2010.05.29 21:57:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.26 21:09:38 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.11.03 17:51:51 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011.10.02 14:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.01 14:41:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2008.12.13 16:09:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011.10.02 18:01:35 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\atidtct.exe (ATI Technologies Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1168487938514 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F712F6DE-DFDF-4D19-A0C8-79AEFF31F5D5}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.10 11:39:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\Shell - "" = AutoRun
O33 - MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\Shell\AutoRun\command - "" = G:\DTSP_Launcher.exe
O33 - MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{f7e133e5-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun\command - "" = J:\Windows\bin\eblSetup.exe
O33 - MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - Services: "AVG Anti-Spyware Guard"
MsConfig - Services: "WZCSVC"
MsConfig - Services: "ose"
MsConfig - Services: "AdobeActiveFileMonitor5.0"
MsConfig - StartUpReg: Adobe Photo Downloader - hkey= - key= - C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ATI Launchpad - hkey= - key= - File not found
MsConfig - StartUpReg: ATI Scheduler - hkey= - key= - C:\Program Files\ATI Multimedia\main\AtiSched.exe (ATI Technologies Inc.)
MsConfig - StartUpReg: HP Component Manager - hkey= - key= - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: HPDJ Taskbar Utility - hkey= - key= - File not found
MsConfig - StartUpReg: HPHmon05 - hkey= - key= - File not found
MsConfig - StartUpReg: HPHUPD05 - hkey= - key= - C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
MsConfig - StartUpReg: Jet Detection - hkey= - key= - C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - File not found
SafeBootNet: nm.sys - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3e7bb08a-a7a3-4692-8eac-ac5e7895755b} - KB834707
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011.10.02 19:30:12 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Lenn\Desktop\aswMBR.exe
[2011.10.02 17:38:57 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Lenn\Desktop\WinsockxpFix.exe
[2011.10.02 17:24:13 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lenn\Desktop\OTL.exe
[2007.01.11 21:27:43 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.10.02 21:37:14 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.02 19:31:13 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Lenn\Desktop\MBR.dat
[2011.10.02 19:23:54 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Lenn\Desktop\aswMBR.exe
[2011.10.02 18:08:01 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2011.10.02 18:04:33 | 000,013,002 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.10.02 18:04:19 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.02 18:03:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.02 18:01:35 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.10.02 17:38:58 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Lenn\Desktop\WinsockxpFix.exe
[2011.10.02 17:23:40 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lenn\Desktop\OTL.exe
[2011.09.29 17:27:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.09.11 22:09:00 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\HP DArC Task #Hewlett-Packard#140#CN3611207K6P.job
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.02 19:31:13 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Lenn\Desktop\MBR.dat
[2011.06.26 22:09:09 | 000,032,812 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009.03.23 21:15:55 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2009.03.23 21:14:49 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2009.03.23 21:14:48 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2009.02.18 20:35:26 | 000,003,207 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.02.18 20:35:22 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.03.16 17:32:07 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.12.25 19:37:08 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007.12.16 23:12:54 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Lenn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.24 13:33:33 | 000,000,459 | ---- | C] () -- C:\WINDOWS\iScreensaver.ini
[2007.04.21 10:39:38 | 000,000,105 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007.03.18 14:03:35 | 000,000,978 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007.02.14 17:12:58 | 000,000,164 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007.01.31 11:26:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007.01.31 11:23:20 | 000,003,424 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.01.11 23:10:12 | 000,112,949 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2007.01.11 23:10:11 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2007.01.11 23:05:13 | 000,006,371 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2007.01.11 23:04:43 | 000,018,283 | ---- | C] () -- C:\WINDOWS\HPHins01.dat
[2007.01.11 23:04:43 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat
[2007.01.11 22:23:24 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000A-00001102-00000002-80611102}.dat
[2007.01.11 22:23:24 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000A-00001102-00000002-80611102}.dat
[2007.01.11 21:28:08 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2007.01.11 21:28:08 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2007.01.11 21:28:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2007.01.11 21:27:45 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2007.01.11 21:27:45 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007.01.11 21:27:43 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2007.01.11 21:27:43 | 000,179,669 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2007.01.11 21:27:43 | 000,164,044 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2007.01.11 21:27:43 | 000,113,373 | ---- | C] () -- C:\WINDOWS\System32\ctbasicw.dat
[2007.01.11 21:27:43 | 000,113,273 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2007.01.11 21:27:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2007.01.11 21:27:43 | 000,044,055 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2007.01.11 21:27:43 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2007.01.11 21:27:43 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007.01.11 21:14:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2007.01.11 07:28:03 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.01.11 07:26:53 | 000,169,896 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.01.11 01:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007.01.11 00:42:34 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2007.01.10 11:42:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.01.10 11:37:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.04.28 16:05:14 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2004.01.28 12:42:06 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2004.01.28 12:42:06 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2004.01.28 12:42:06 | 000,013,601 | ---- | C] () -- C:\WINDOWS\System32\vctest.ini
[2003.01.07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.08.23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.23 08:00:00 | 000,435,688 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.23 08:00:00 | 000,068,584 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.23 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.23 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001.08.23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.07.06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000.04.25 14:58:08 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wrkgadm.exe

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008.10.15 19:55:02 | 000,000,216 | ---- | M] () -- C:\1.txt
[2008.01.19 18:17:08 | 000,000,000 | ---- | M] () -- C:\AdobeDebug.txt
[2007.07.30 07:48:30 | 002,078,720 | ---- | M] () -- C:\AppleSoftwareUpdate.msi
[2007.01.10 11:39:51 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010.02.07 15:16:55 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2007.01.10 11:39:51 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007.03.12 18:02:02 | 000,001,685 | ---- | M] () -- C:\hpcmerr.log
[2007.01.10 11:39:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007.11.19 15:09:01 | 000,004,473 | ---- | M] () -- C:\LGSInst.Log
[2007.01.11 21:02:22 | 000,000,160 | ---- | M] () -- C:\mmcInst.log
[2007.01.10 11:39:51 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2007.01.11 01:06:32 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008.09.03 18:10:19 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011.10.02 18:02:57 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys
[2010.08.02 18:54:18 | 000,004,601 | ---- | M] () -- C:\reset.log

< %PROGRAMFILES%\*.* >

< %APPDATA%\*.* >
[2007.01.11 07:27:41 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Lenn\Application Data\desktop.ini

< %systemroot%\Tasks\*.job >
[2011.09.29 17:27:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2011.10.02 18:04:19 | 000,000,882 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2011.10.02 21:37:14 | 000,000,886 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.09.11 22:09:00 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#140#CN3611207K6P.job
[2011.10.02 18:08:01 | 000,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\HP Usg Daily.job

< G:\Recycled >

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

OTL Extras logfile created on: 2011.10.02 9:52:31 PM - Run 4
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Lenn\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy.MM.dd

1.94 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 80.17% Memory free
2.92 Gb Paging File | 2.67 Gb Available in Paging File | 91.48% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 69.28 Gb Free Space | 61.97% Space Free | Partition Type: NTFS
Drive G: | 7.47 Gb Total Space | 6.78 Gb Free Space | 90.66% Space Free | Partition Type: FAT32

Computer Name: BONDMAN | User Name: Lenn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\EA Games\Command and Conquer Generals\generals.exe" = C:\Program Files\EA Games\Command and Conquer Generals\generals.exe:*:Enabled:Command & Conquer Generals -- ()
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\generals.exe" = C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\generals.exe:*:Enabled:Command and ConquerTM Generals Zero Hour -- ()
"C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphver05.exe" = C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphver05.exe:*:Enabled:About -- (Hewlett-Packard)
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat" = C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat:*:Enabled:game -- ()
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\CAVEDOG\TOTALA\totala.exe" = C:\CAVEDOG\TOTALA\totala.exe:*:Enabled:Total Annihilation -- (Cavedog Entertainment)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager
"C:\Program Files\EA Games\Command and Conquer Generals\game.dat" = C:\Program Files\EA Games\Command and Conquer Generals\game.dat:*:Enabled:game -- ()
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{0673654C-5296-453B-9798-B61CD7E03FEB}" = SES Driver
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{09961A16-DA99-4F15-BBE1-E7755A3BA8E3}" = BIONICLE Heroes
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2466E904-7E48-4597-9321-722CF02930EB}" = 5600
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 26
"{2B43252C-A1E3-4C47-927C-9F2C276D3515}" = S3GSetup
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{301CC8D1-FE75-41ED-9B11-41F006110950}" = Garmin City Navigator North America NT 2010.10 Update
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CBA0E30-6F54-47EF-910E-1D4D450AFE45}" = ATI Multimedia Center
"{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}" = Sound Blaster Live! Web 2K/XP
"{44125F6A-F6AF-476D-A365-18D84A87CDB6}" = PS140
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{517B8FB2-26EE-43B0-AE1B-07408860AA69}" = DigitImg
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{578FA426-47C0-4A3F-98A4-01ACD26B7556}" = LEGO Star Wars II
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{60758250-C8CF-47EB-8CB6-E0C3B84D8207}" = PSShortcuts
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3DD7BA6-37A6-4245-A167-B3AA137B2157}" = TitanTV Client components for ATI
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A7DEBAA4-B211-4D1A-A6B3-E52BFAAA1D0C}" = Garmin Communicator Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.0
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BFD5AC8A-5884-4da8-9873-3DF8E3DCCE18}" = 5600Trb
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO
"{C897FCB3-2F8B-4185-8035-79E2AF3A92A4}" = iTunes
"{CC7984C5-020D-4944-85A0-58D09D4A8BFB}" = 5600_Help
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DE4997B5-55AD-4878-97A7-C9FA84FE23C7}" = PSUsage
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{EF128055-9B10-4FF9-8500-5648CF8F899C}" = ATI Decoder
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Barbie™ Horse Adventures™" = Barbie™ Horse Adventures™
"ERUNT_is1" = ERUNT 1.1j
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"ie8" = Windows Internet Explorer 8
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{09961A16-DA99-4F15-BBE1-E7755A3BA8E3}" = BIONICLE Heroes
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{3CBA0E30-6F54-47EF-910E-1D4D450AFE45}" = ATI Multimedia Center 9.14
"InstallShield_{578FA426-47C0-4A3F-98A4-01ACD26B7556}" = LEGO Star Wars II
"InstallShield_{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO
"InstallShield_{EF128055-9B10-4FF9-8500-5648CF8F899C}" = ATI Decoder
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Pdf995" = Pdf995
"PhotoFiltre" = PhotoFiltre
"S3" = KM400/KN400 Display Driver and Utilities
"SereneScreen Marine Aquarium 2.6_is1" = SereneScreen Marine Aquarium 2.6
"SnagIt6" = SnagIt 6
"Tablet Driver" = Tablet
"Total Annihilation" = Total Annihilation
"Tweak UI 2.10" = Tweak UI
"TweakNow RegCleaner Standard_is1" = TweakNow RegCleaner Standard
"U.B. Funkeys" = U.B. Funkeys
"VTDisplay" = S3 S3Display
"VTGamma2" = S3 S3Gamma2
"VTInfo2" = S3 S3Info2
"VTOverlay" = S3 S3Overlay
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.0.5.2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2011.01.06 10:09:46 PM | Computer Name = BONDMAN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3743, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2011.01.06 10:12:35 PM | Computer Name = BONDMAN | Source = Application Hang | ID = 1002
Description = Hanging application AvastUI.exe, version 5.0.677.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2011.01.10 8:50:34 AM | Computer Name = BONDMAN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3743, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2011.01.10 8:50:41 AM | Computer Name = BONDMAN | Source = Application Hang | ID = 1001
Description = Fault bucket 1788811432.

Error - 2011.04.05 5:10:45 PM | Computer Name = BONDMAN | Source = Application Error | ID = 1000
Description = Faulting application hpqscnvw.exe, version 3.2.0.941, faulting module
hpqscnvw.exe, version 3.2.0.941, fault address 0x00011cd4.

Error - 2011.05.05 4:03:32 PM | Computer Name = BONDMAN | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 11.0.5604.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2011.06.30 10:58:11 AM | Computer Name = BONDMAN | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.

Error - 2011.08.07 5:28:07 PM | Computer Name = BONDMAN | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2011.09.04 1:03:03 PM | Computer Name = BONDMAN | Source = EventSystem | ID = 4614
Description = The COM+ Event System detected an inconsistency in its internal state.
The assertion "GetLastError() == 122L" failed at line 162 of d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 2011.10.02 5:25:16 PM | Computer Name = BONDMAN | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.29.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 2011.10.02 6:04:10 PM | Computer Name = BONDMAN | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 2011.10.02 6:04:54 PM | Computer Name = BONDMAN | Source = DCOM | ID = 10010
Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
with DCOM within the required timeout.

Error - 2011.10.02 6:19:10 PM | Computer Name = BONDMAN | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 2011.10.02 6:19:10 PM | Computer Name = BONDMAN | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 30 minutes. NtpClient has no source of accurate
time.

Error - 2011.10.02 6:49:11 PM | Computer Name = BONDMAN | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 60 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 2011.10.02 6:49:11 PM | Computer Name = BONDMAN | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 60 minutes. NtpClient has no source of accurate
time.

Error - 2011.10.02 7:49:11 PM | Computer Name = BONDMAN | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 120 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 2011.10.02 7:49:11 PM | Computer Name = BONDMAN | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 120 minutes. NtpClient has no source of accurate
time.

Error - 2011.10.02 9:49:11 PM | Computer Name = BONDMAN | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 240 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 2011.10.02 9:49:11 PM | Computer Name = BONDMAN | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 240 minutes. NtpClient has no source of accurate
time.


< End of report >
  • 0

#6
Amlak

    Member 1K

  • Member
  • 1,470 posts
No malware so far.

Ok, have you tried reinstalling the concerned driver for your connection?

If not, go here and download the file. Run it to install it and let me know the outcome.

Also, what security programs have you had installed from before? And when did you start having this connection problem?
  • 0

#7
LBToronto

    Member

  • Topic Starter
  • Member
  • 23 posts
Good news on the "no malware so far" I guess.

The network connection problem occurred about 4 wks ago, but I didn't have time to look at it until now (my kids use it mostly for Word docs for school). I assumed either a Windows Update had messed up the connection or the kids had done something that I could quickly fix when I had a moment, but after sitting down and working on it for a while yesterday and not being able to resolve it I started to think malware.

In the past this PC has had AVG then Avast installed. It also has MBAM which I run once in a while (virus defs are 97 days old). Back in June/July I remember I was having trouble getting an auto-update to work so I uninstalled Avast to see if it was thwarting the update (it was JRE 6.1 or Adobe Reader...I'm sorry I don't recall which one). The update worked and I never re-installed Avast so my bad as it has gone without anti-virus for a few months.

I downloaded and ran the Ethernet Adapter driver you linked to. It installed successfully and the network tray icon changed to "A network cable is unplugged". I rebooted and the tray icon remained on "A network cable is unplugged". I unplugged the cable then plugged it back in, and the tray icon animated for a while then returned to the "Limited or no connectivity" state we started with.

Thank you for your help so far, but I fear you are about to tell me about hardware failures.... :)

Edited by LBToronto, 03 October 2011 - 08:00 PM.

  • 0

#8
Amlak

    Member 1K

  • Member
  • 1,470 posts
Thank you for answering. I fear it may be a hardware failure but still not certain. I may have to refer you to the hardware techs later on, but for now, stick with me.

Ok, try this:

Go to the Command Prompt.

Type in the following:

ipconfig /all > c:\dump.txt

Then go to the root of the drive (C:) and you should find a file called dump.txt there. Please post the contents of that text file here.

Also:

Open OTL again.

Paste the following into the OTL box:

:OTL
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\Shell - "" = AutoRun
O33 - MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\Shell\AutoRun\command - "" = G:\DTSP_Launcher.exe
O33 - MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{f7e133e5-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun\command - "" = J:\Windows\bin\eblSetup.exe
O33 - MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()

Then click Run Fix.

Post the contents of the log it produces.
  • 0
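One way to triage O33 MountPoints2 lines like those in the fix script above before deciding which entries to remove, as an added example that is not part of the thread and not OTL's own logic. The reason labels, the function names and the reading of the attribute field (R/H/S flags) are assumptions made for illustration.

```python
import re

# Five lines taken from the fix script in the post above.
SAMPLE_O33 = r'''
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe -- [2006.06.27 21:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\Shell\AutoRun\command - "" = G:\DTSP_Launcher.exe
O33 - MountPoints2\{f7e133e5-6b93-11df-b43a-00138fed5f57}\Shell\AutoRun\command - "" = J:\Windows\bin\eblSetup.exe
'''

# Line layout: O33 - MountPoints2\<volume>\<subkey> - "<value name>" = <data>
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<volume>[^\\]+)\\(?P<subkey>.+?)'
    r' - "(?P<name>[^"]*)" = (?P<value>.*)$'
)
# Optional trailer seen on lines whose target file was found:
#   -- [date | size | attributes | M] (company name)
META_RE = re.compile(
    r'^(?P<cmd>.*?) -- \[(?P<meta>[^\]]*)\] \((?P<company>[^)]*)\)$'
)
# A recycle-bin directory anywhere in the command, absolute or relative.
RECYCLE_DIR_RE = re.compile(
    r'(?:^|[\\ ])(?:recycled|recycler|\$recycle\.bin)\\', re.IGNORECASE
)


def parse_o33(text):
    """Yield (volume, subkey, command, attrs, company) for each O33 line."""
    for line in text.splitlines():
        m = O33_RE.match(line.strip())
        if not m:
            continue
        value = m.group("value")
        attrs = company = None
        meta = META_RE.match(value)
        if meta:
            value = meta.group("cmd")
            fields = [f.strip() for f in meta.group("meta").split("|")]
            # Third field is assumed to hold file attribute flags (R/H/S).
            attrs = fields[2] if len(fields) >= 3 else None
            company = meta.group("company").strip()
        yield m.group("volume"), m.group("subkey"), value, attrs, company


def review_o33(text):
    """Map each volume key to a sorted list of reasons it deserves review."""
    findings = {}
    for volume, subkey, command, attrs, company in parse_o33(text):
        reasons = findings.setdefault(volume, set())
        # Only the ...\command values hold what actually gets executed.
        if not subkey.lower().endswith("\\command"):
            continue
        if RECYCLE_DIR_RE.search(command):
            reasons.add("recycle-bin-path")
        if "shellexec_rundll" in command.lower():
            reasons.add("rundll32-shellexec")
        if attrs and "H" in attrs and "S" in attrs:
            reasons.add("hidden-system-file")
        if company == "":
            reasons.add("no-company-name")
    return {vol: sorted(r) for vol, r in findings.items()}


def flagged_volumes(text):
    """Volume keys with at least one reason, in log order."""
    return [vol for vol, reasons in review_o33(text).items() if reasons]


if __name__ == "__main__":
    for vol, reasons in review_o33(SAMPLE_O33).items():
        print(vol, "->", ", ".join(reasons) or "no flags")
```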

#9
LBToronto

    Member

  • Topic Starter
  • Member
  • 23 posts
Hi Amlak,

I know there is a policy to lock a thread if there's no response after 4 days, so I just wanted to let you know I won't have access to that PC for the next few days so my next response will be delayed.
  • 0

#10
Amlak

    Member 1K

  • Member
  • 1,470 posts
Hi, LBToronto.

Not a problem. I'll let one of the staff know about this.
  • 0

#11
LBToronto

    Member

  • Topic Starter
  • Member
  • 23 posts
Hi Amlak,

I'm back...thank you for your patience.

Here is the dump.txt contents:

====
Windows IP Configuration

Host Name . . . . . . . . . . . . : bondman
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter
Physical Address. . . . . . . . . : 00-13-8F-ED-5F-57
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
Lease Obtained. . . . . . . . . . : October 11, 2011 10:39:23 PM
Lease Expires . . . . . . . . . . : October 14, 2011 10:39:23 PM
====


Here is the OTL log after the run fix:

========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c59362f-5da2-11de-b3f9-00138fed5f57}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c59362f-5da2-11de-b3f9-00138fed5f57}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c59362f-5da2-11de-b3f9-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c59362f-5da2-11de-b3f9-00138fed5f57}\ not found.
G:\Recycled\ctfmon.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a660e43a-f5ff-11dd-b25d-00138fed5f57}\ not found.
File G:\Recycled\ctfmon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc19a2b6-be90-11de-b408-00138fed5f57}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc19a2b6-be90-11de-b408-00138fed5f57}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc19a2b6-be90-11de-b408-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc19a2b6-be90-11de-b408-00138fed5f57}\ not found.
File G:\Recycled\ctfmon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9e464fa-1a94-11e0-b466-00138fed5f57}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9e464fa-1a94-11e0-b466-00138fed5f57}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9e464fa-1a94-11e0-b466-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9e464fa-1a94-11e0-b466-00138fed5f57}\ not found.
File G:\DTSP_Launcher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7e133e2-6b93-11df-b43a-00138fed5f57}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7e133e2-6b93-11df-b43a-00138fed5f57}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7e133e2-6b93-11df-b43a-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7e133e2-6b93-11df-b43a-00138fed5f57}\ not found.
File G:\Recycled\ctfmon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7e133e5-6b93-11df-b43a-00138fed5f57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7e133e5-6b93-11df-b43a-00138fed5f57}\ not found.
File J:\Windows\bin\eblSetup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7e133e9-6b93-11df-b43a-00138fed5f57}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7e133e9-6b93-11df-b43a-00138fed5f57}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7e133e9-6b93-11df-b43a-00138fed5f57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7e133e9-6b93-11df-b43a-00138fed5f57}\ not found.
File G:\Recycled\ctfmon.exe not found.

OTL by OldTimer - Version 3.2.29.1 log created on 10132011_195121

====
  • 0

#12
Amlak

    Member 1K

  • Member
  • 1,470 posts
OTL

Run OTL.

  • Check All under Services checkbox section.
  • Check All under Drivers checkbox section.
  • Click the Run Scan button at the top.
  • Make sure you paste the contents of the log it produces in your next reply.

  • 0

#13
LBToronto

    Member

  • Topic Starter
  • Member
  • 23 posts
Here you go:

====
OTL logfile created on: 2011.10.14 11:29:14 AM - Run 5
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Lenn\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy.MM.dd

1.94 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 81.04% Memory free
2.92 Gb Paging File | 2.68 Gb Available in Paging File | 91.85% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 69.41 Gb Free Space | 62.09% Space Free | Partition Type: NTFS
Drive G: | 7.47 Gb Total Space | 6.77 Gb Free Space | 90.57% Space Free | Partition Type: FAT32

Computer Name: BONDMAN | User Name: Lenn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.10.02 17:23:40 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lenn\Desktop\OTL.exe
PRC - [2008.04.13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.03.30 21:07:12 | 000,132,656 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\TabUserW.exe
PRC - [2007.03.30 21:06:26 | 001,189,424 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Tablet.exe
PRC - [2006.04.05 22:31:52 | 000,057,344 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Multimedia\main\atidtct.exe
PRC - [2006.01.02 17:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005.05.12 01:40:38 | 000,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
PRC - [2005.05.12 00:23:26 | 000,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2005.05.12 00:16:22 | 000,077,824 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
PRC - [2005.03.08 03:33:00 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2004.09.29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2002.07.02 18:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE


========== Modules (No Company Name) ==========

MOD - [2011.08.14 22:57:33 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011.08.14 22:54:37 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011.08.14 22:51:47 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011.08.14 22:51:36 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011.08.14 22:51:09 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011.08.14 22:48:42 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011.08.14 22:47:38 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2011.08.14 22:47:35 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.07.01 13:13:50 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011.05.26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010.02.05 14:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009.03.23 21:14:48 | 000,051,716 | ---- | M] () -- C:\WINDOWS\system32\pdf995mon.dll
MOD - [2008.04.13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008.01.11 19:08:22 | 000,094,720 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll


========== Win32 Services (All) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.06.07 17:51:02 | 000,820,520 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2011.05.25 14:06:20 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011.05.04 04:52:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011.04.06 16:20:16 | 000,349,472 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2010.08.27 01:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2010.08.17 09:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010.02.09 17:59:56 | 000,135,664 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem) Google Update Service (gupdatem)
SRV - [2010.02.09 17:59:56 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009.07.27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2009.07.27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009.07.27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2009.06.10 02:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009.05.16 11:48:17 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009.04.20 13:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009.02.09 08:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2009.02.09 08:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Remote Procedure Call (RPC)
SRV - [2009.02.09 08:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2009.02.06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009.02.06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008.07.29 21:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008.07.29 19:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.07.25 11:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008.07.07 16:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008.06.20 12:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Network Location Awareness (NLA)
SRV - [2008.04.13 20:12:40 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008.04.13 20:12:38 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008.04.13 20:12:38 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008.04.13 20:12:38 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008.04.13 20:12:35 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008.04.13 20:12:34 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008.04.13 20:12:33 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008.04.13 20:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008.04.13 20:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008.04.13 20:12:28 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008.04.13 20:12:27 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008.04.13 20:12:25 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008.04.13 20:12:24 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Remote Procedure Call (RPC)
SRV - [2008.04.13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008.04.13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008.04.13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008.04.13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008.04.13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008.04.13 20:12:22 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008.04.13 20:12:17 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008.04.13 20:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008.04.13 20:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008.04.13 20:12:14 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008.04.13 20:12:14 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (cisvc)
SRV - [2008.04.13 20:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008.04.13 20:12:11 | 000,483,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008.04.13 20:12:11 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008.04.13 20:12:11 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008.04.13 20:12:10 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008.04.13 20:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008.04.13 20:12:08 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA)
SRV - [2008.04.13 20:12:08 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008.04.13 20:12:08 | 000,175,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008.04.13 20:12:08 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008.04.13 20:12:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008.04.13 20:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008.04.13 20:12:07 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008.04.13 20:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008.04.13 20:12:07 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008.04.13 20:12:07 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008.04.13 20:12:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008.04.13 20:12:05 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008.04.13 20:12:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008.04.13 20:12:04 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008.04.13 20:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008.04.13 20:12:03 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)
SRV - [2008.04.13 20:12:03 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008.04.13 20:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008.04.13 20:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008.04.13 20:12:02 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2008.04.13 20:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008.04.13 20:11:59 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008.04.13 20:11:57 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008.04.13 20:11:56 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008.04.13 20:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008.04.13 20:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) Windows Firewall/Internet Connection Sharing (ICS)
SRV - [2008.04.13 20:11:55 | 000,028,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\irmon.dll -- (Irmon)
SRV - [2008.04.13 20:11:53 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008.04.13 20:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008.04.13 20:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008.04.13 20:11:52 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008.04.13 20:11:51 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008.04.13 20:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008.04.13 20:11:50 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008.04.13 20:11:50 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008.04.13 20:11:49 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2008.04.13 20:11:49 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007.03.30 21:06:26 | 001,189,424 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Tablet.exe -- (TabletService)
SRV - [2006.12.22 08:31:50 | 000,108,712 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)
SRV - [2006.10.18 22:47:16 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2006.10.18 21:05:24 | 000,913,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006.09.28 19:56:14 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc)
SRV - [2006.05.03 12:57:00 | 000,520,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2006.05.03 12:43:46 | 000,413,696 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.09.29 13:14:36 | 000,069,632 | ---- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2001.08.23 08:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (PCIIde)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpt3xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
DRV - [2011.07.15 09:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011.07.08 10:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011.06.24 10:10:36 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011.04.21 09:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011.02.17 09:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2011.02.16 09:22:48 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2010.11.02 11:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2009.10.20 12:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009.06.24 07:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009.05.18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009.02.13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008.07.17 17:45:56 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2008.06.20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008.04.13 20:13:21 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008.04.13 20:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008.04.13 20:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008.04.13 15:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008.04.13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008.04.13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008.04.13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008.04.13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008.04.13 15:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008.04.13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008.04.13 15:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008.04.13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008.04.13 15:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008.04.13 15:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008.04.13 15:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008.04.13 15:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008.04.13 15:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008.04.13 15:00:19 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008.04.13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008.04.13 14:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008.04.13 14:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008.04.13 14:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008.04.13 14:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008.04.13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008.04.13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008.04.13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008.04.13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008.04.13 14:54:36 | 000,088,192 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\irda.sys -- (irda)
DRV - [2008.04.13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008.04.13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (ip6fw)
DRV - [2008.04.13 14:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008.04.13 14:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008.04.13 14:46:25 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nabtsfec.sys -- (NABTSFEC)
DRV - [2008.04.13 14:46:24 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wstcodec.sys -- (WSTCODEC)
DRV - [2008.04.13 14:46:23 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdecode.sys -- (CCDECODE)
DRV - [2008.04.13 14:46:23 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slip.sys -- (SLIP)
DRV - [2008.04.13 14:46:22 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndisip.sys -- (NdisIP)
DRV - [2008.04.13 14:46:21 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\streamip.sys -- (streamip)
DRV - [2008.04.13 14:45:39 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008.04.13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008.04.13 14:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008.04.13 14:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008.04.13 14:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008.04.13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008.04.13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 14:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008.04.13 14:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008.04.13 14:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008.04.13 14:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008.04.13 14:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008.04.13 14:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008.04.13 14:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008.04.13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio)
DRV - [2008.04.13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008.04.13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008.04.13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008.04.13 14:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008.04.13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008.04.13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\disk.sys -- (Disk)
DRV - [2008.04.13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008.04.13 14:40:31 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaide.sys -- (ViaIde)
DRV - [2008.04.13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008.04.13 14:40:27 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008.04.13 14:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008.04.13 14:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008.04.13 14:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008.04.13 14:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008.04.13 14:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008.04.13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008.04.13 14:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008.04.13 14:39:50 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mstee.sys -- (MSTEE)
DRV - [2008.04.13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008.04.13 14:39:48 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008.04.13 14:39:47 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008.04.13 14:39:47 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008.04.13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008.04.13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008.04.13 14:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sr.sys -- (sr)
DRV - [2008.04.13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008.04.13 14:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\pci.sys -- (PCI)
DRV - [2008.04.13 14:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008.04.13 14:36:42 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2008.04.13 14:36:40 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\uagp35.sys -- (uagp35)
DRV - [2008.04.13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2008.04.13 14:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008.04.13 14:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008.04.13 14:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008.04.13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008.04.13 14:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008.04.13 14:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008.04.13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008.04.13 14:31:33 | 000,037,760 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7)
DRV - [2008.04.13 14:31:30 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008.04.13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008.01.19 18:05:46 | 000,020,640 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007.11.13 06:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007.02.16 15:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.02.16 14:30:12 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2006.10.09 13:58:48 | 000,203,648 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2006.09.28 20:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2006.09.28 19:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2006.05.03 12:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.02.23 11:38:00 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2005.04.12 19:21:32 | 000,022,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2005.04.12 19:21:28 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2005.04.12 19:21:28 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2005.04.12 19:21:26 | 000,045,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2005.03.08 10:50:00 | 000,172,544 | ---- | M] (Copyright © VIA/S3 Graphics Co, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx)
DRV - [2005.03.08 00:43:27 | 000,021,744 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005.03.08 00:43:26 | 000,016,496 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005.03.08 00:43:25 | 000,051,120 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2004.10.07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004.08.03 21:08:40 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinpdxx.sys -- (PCDCODEC)
DRV - [2004.08.03 21:08:36 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2004.08.03 21:08:30 | 000,105,984 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2004.08.03 21:08:08 | 000,064,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2004.08.03 21:07:52 | 000,053,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2004.08.03 21:06:38 | 000,078,336 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2003.11.11 18:41:08 | 000,041,984 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5b.sys -- (FETNDISB)
DRV - [2003.07.17 16:10:06 | 000,007,040 | ---- | M] (VIA Networking Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ntsim.sys -- (NTSIM)
DRV - [2002.07.24 14:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002.07.19 11:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002.07.19 11:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002.07.19 11:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002.07.19 11:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002.07.19 11:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002.07.19 11:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2001.08.23 08:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2001.08.23 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001.08.23 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001.08.23 08:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2001.08.23 08:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2001.08.23 08:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2001.08.23 08:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001.08.23 08:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2001.08.23 08:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001.08.23 08:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2001.08.23 08:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2001.08.23 08:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2001.08.23 08:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2001.08.23 08:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload)
DRV - [2001.08.23 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2001.08.23 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2001.08.23 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2001.08.23 08:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2001.08.17 14:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001.08.17 13:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001.08.17 13:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001.08.17 13:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001.08.17 13:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [2001.08.17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [2001.08.17 10:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 09:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001.08.17 09:51:32 | 000,019,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasirda.sys -- (Rasirda) WAN Miniport (IrDA)
DRV - [2001.08.17 09:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [2001.08.17 08:13:08 | 000,027,165 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)
DRV - [1999.12.17 02:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.c...lt&ltmplcache=2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "https://mail.google....eck.com/#inbox"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.26 21:41:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.01 14:41:28 | 000,000,000 | ---D | M]

[2009.06.20 09:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Extensions
[2011.10.02 14:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions
[2010.05.29 21:57:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.26 21:09:38 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.11.03 17:51:51 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Lenn\Application Data\Mozilla\Firefox\Profiles\ikds2650.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011.10.02 14:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.01 14:41:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2008.12.13 16:09:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011.10.02 18:01:35 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\atidtct.exe (ATI Technologies Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1168487938514 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F712F6DE-DFDF-4D19-A0C8-79AEFF31F5D5}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.10 11:39:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.10.13 19:51:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.10.03 21:40:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenn\Desktop\LAN_XP_2K_ME_98(3.5)
[2011.10.02 19:30:12 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Lenn\Desktop\aswMBR.exe
[2011.10.02 17:38:57 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Lenn\Desktop\WinsockxpFix.exe
[2011.10.02 17:24:13 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lenn\Desktop\OTL.exe
[2007.01.11 21:27:43 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.10.14 11:24:41 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.10.14 11:24:40 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.14 10:37:14 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.14 10:08:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2011.10.13 20:17:44 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2011.10.13 20:09:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.13 17:27:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.10.11 22:09:00 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\HP DArC Task #Hewlett-Packard#140#CN3611207K6P.job
[2011.10.03 20:09:04 | 003,852,969 | ---- | M] () -- C:\Documents and Settings\Lenn\Desktop\LAN_XP_2K_ME_98(3.5).zip
[2011.10.02 19:31:13 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Lenn\Desktop\MBR.dat
[2011.10.02 19:23:54 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Lenn\Desktop\aswMBR.exe
[2011.10.02 18:01:35 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.10.02 17:38:58 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Lenn\Desktop\WinsockxpFix.exe
[2011.10.02 17:23:40 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lenn\Desktop\OTL.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.03 21:40:10 | 003,852,969 | ---- | C] () -- C:\Documents and Settings\Lenn\Desktop\LAN_XP_2K_ME_98(3.5).zip
[2011.10.02 19:31:13 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Lenn\Desktop\MBR.dat
[2011.06.26 22:09:09 | 000,032,812 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009.03.23 21:15:55 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2009.03.23 21:14:49 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2009.03.23 21:14:48 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2009.02.18 20:35:26 | 000,003,207 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.02.18 20:35:22 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.03.16 17:32:07 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.12.25 19:37:08 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007.12.16 23:12:54 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Lenn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.24 13:33:33 | 000,000,459 | ---- | C] () -- C:\WINDOWS\iScreensaver.ini
[2007.04.21 10:39:38 | 000,000,105 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007.03.18 14:03:35 | 000,000,978 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007.02.14 17:12:58 | 000,000,164 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007.01.31 11:26:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007.01.31 11:23:20 | 000,003,424 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.01.11 23:10:12 | 000,112,949 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2007.01.11 23:10:11 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2007.01.11 23:05:13 | 000,006,371 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2007.01.11 23:04:43 | 000,018,283 | ---- | C] () -- C:\WINDOWS\HPHins01.dat
[2007.01.11 23:04:43 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat
[2007.01.11 22:23:24 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000A-00001102-00000002-80611102}.dat
[2007.01.11 22:23:24 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000A-00001102-00000002-80611102}.dat
[2007.01.11 21:28:08 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2007.01.11 21:28:08 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2007.01.11 21:28:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2007.01.11 21:27:45 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2007.01.11 21:27:45 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007.01.11 21:27:43 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2007.01.11 21:27:43 | 000,179,669 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2007.01.11 21:27:43 | 000,164,044 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2007.01.11 21:27:43 | 000,113,373 | ---- | C] () -- C:\WINDOWS\System32\ctbasicw.dat
[2007.01.11 21:27:43 | 000,113,273 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2007.01.11 21:27:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2007.01.11 21:27:43 | 000,044,055 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2007.01.11 21:27:43 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2007.01.11 21:27:43 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007.01.11 21:14:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2007.01.11 07:28:03 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.01.11 07:26:53 | 000,169,896 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.01.11 01:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007.01.11 00:42:34 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2007.01.10 11:42:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.01.10 11:37:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.04.28 16:05:14 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2004.01.28 12:42:06 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2004.01.28 12:42:06 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2004.01.28 12:42:06 | 000,013,601 | ---- | C] () -- C:\WINDOWS\System32\vctest.ini
[2003.01.07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.08.23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.23 08:00:00 | 000,435,688 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.23 08:00:00 | 000,068,584 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.23 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.23 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001.08.23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.07.06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000.04.25 14:58:08 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wrkgadm.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#14
Amlak

    Member 1K

  • Member
  • 1,470 posts

  • Download aswclear.exe to your desktop
  • Open the program aswClear.
  • Select the Avast product you previously had.
  • Click Uninstall.
  • Restart your computer.

***

  • Download AVG Remover to your Desktop.
  • Run the Program and click Yes when prompted.
  • Restart the computer when done.
  • Post the contents of avgremoval.log located on the Desktop.

***

If there's still no Internet connection, then I would suggest you make a new thread in the following section:
http://www.geekstogo.../11-networking/

Hopefully, some of the experts there can help you out with your problem.

Once your connection is working, please come back here so we may help you with having your system more secure against malware. PM me if the thread ends up being locked before you come back.

#15
LBToronto

    Member

  • Topic Starter
  • Member
  • 23 posts
Hi Amlak,

Thank you for all your help...I ran the AV removal tools successfully but it did not restore the network connection.

I went and bought a super-cheap PCI network adapter, plunked it in, and re-booted and voila I was back online. Obviously the onboard adapter failed.

I've re-installed Avast, turned the Windows firewall back on, and updated MBAM. Hopefully I'm good to go. Time to close this thread, I guess.

Good luck on completing your training and becoming a full-fledged malware removal expert here at this wonderful website!

Cheers -
LBToronto