Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Bad image error pop ups window XP

Started by Phillip Kaufmann , Nov 03 2011 05:50 PM

  • Please log in to reply

#1
Phillip Kaufmann
Posted 03 November 2011 - 05:50 PM

Phillip Kaufmann

    New Member

  • Member
  • Pip
  • 7 posts
Getting the bad images pop up on my Laptop windows xp media center version any help?

OTL logfile created on: 11/3/2011 7:17:42 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 53.67% Memory free
3.85 Gb Paging File | 2.15 Gb Available in Paging File | 55.94% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.09 Gb Total Space | 65.64 Gb Free Space | 62.46% Space Free | Partition Type: NTFS
Drive D: | 1.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: D91CS6C1 | User Name: julie k | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/03 19:17:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\OTL.com
PRC - [2011/11/03 19:05:25 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\julie k\Local Settings\Temp\clclean.0001
PRC - [2011/10/24 20:29:16 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/10/18 06:14:54 | 001,229,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/01/12 22:01:28 | 006,129,496 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/05/07 19:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2009/05/13 15:40:08 | 006,345,840 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
PRC - [2009/04/21 18:26:52 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
PRC - [2008/12/25 14:51:32 | 000,032,838 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
PRC - [2008/07/14 12:49:42 | 000,623,904 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\xdcla.exe
PRC - [2008/07/14 12:24:46 | 000,024,576 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/25 18:10:50 | 000,079,136 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\OmniPage15\OpWare15.exe
PRC - [2007/06/25 18:10:20 | 000,943,392 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\OmniPage15\OpAgent.exe
PRC - [2007/05/02 18:16:54 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2006/12/06 16:39:56 | 000,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2006/08/28 23:57:12 | 000,395,776 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2006/05/24 20:28:28 | 000,622,653 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/05/01 11:34:00 | 000,262,217 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2006/05/01 11:28:26 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2006/05/01 11:28:06 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2006/05/01 11:26:14 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/03/25 01:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/10/31 12:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2001/09/10 16:03:56 | 000,027,648 | R--- | M] () -- C:\Program Files\WinFax\WFXSWTCH.exe
PRC - [2001/09/10 16:03:55 | 000,549,376 | R--- | M] () -- C:\Program Files\WinFax\WFXCTL32.EXE
PRC - [2001/09/10 16:03:55 | 000,541,184 | R--- | M] (Symantec Corporation) -- C:\Program Files\WinFax\WFXMOD32.EXE
PRC - [2001/09/10 16:03:55 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WFXSNT40.EXE
PRC - [2000/09/28 23:58:42 | 000,129,536 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\WFXSVC.EXE


========== Modules (No Company Name) ==========

MOD - [2011/11/03 19:05:29 | 000,697,884 | ---- | M] () -- C:\Documents and Settings\julie k\Local Settings\Temp\clclean.0001.dir.0002\~df394b.tmp
MOD - [2011/10/17 03:02:03 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_242da3de\mscorlib.dll
MOD - [2011/10/17 03:02:00 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_f6e43098\system.drawing.dll
MOD - [2011/10/17 03:01:56 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_761836ba\system.xml.dll
MOD - [2011/10/17 03:01:52 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c9942d2f\system.windows.forms.dll
MOD - [2011/10/17 03:01:44 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_a30c5079\system.dll
MOD - [2011/10/17 03:01:30 | 001,265,664 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2011/10/17 03:01:30 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2011/01/12 21:57:34 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll
MOD - [2011/01/12 21:55:28 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll
MOD - [2010/05/07 19:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 19:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 19:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 19:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010/05/07 19:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 19:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/02/05 14:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/04/22 17:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/09 19:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 18:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 18:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 18:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 18:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 18:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 18:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 18:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 18:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 18:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/06/29 08:12:00 | 001,355,042 | ---- | M] () -- C:\WINDOWS\system32\CTMBHA.DLL
MOD - [2006/05/24 20:29:44 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2006/05/01 11:38:06 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2006/05/01 11:38:06 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006/05/01 11:38:06 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2006/03/10 13:49:30 | 000,970,862 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2005/08/16 23:02:54 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2005/08/16 23:02:54 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2005/08/16 23:02:54 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2005/08/16 23:02:52 | 000,573,440 | ---- | M] () -- c:\windows\assembly\gac\system.web.services\1.0.5000.0__b03f5f7f11d50a3a\system.web.services.dll
MOD - [2001/09/10 16:03:56 | 000,027,648 | R--- | M] () -- C:\Program Files\WinFax\WFXSWTCH.exe
MOD - [2001/09/10 16:03:55 | 000,549,376 | R--- | M] () -- C:\Program Files\WinFax\WFXCTL32.EXE
MOD - [2001/09/10 16:03:49 | 000,160,256 | R--- | M] () -- C:\Program Files\WinFax\WFSUBKUP.DLL
MOD - [2000/09/28 23:58:40 | 000,228,864 | ---- | M] () -- C:\Program Files\WinFax\WFXVW32I.DLL
MOD - [2000/09/28 23:58:38 | 000,199,680 | ---- | M] () -- C:\Program Files\WinFax\WFXPDK32.DLL
MOD - [2000/09/28 23:58:38 | 000,012,800 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\WFXPNT40.DLL
MOD - [2000/09/28 23:58:34 | 000,288,768 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\pop3cli.dll
MOD - [2000/09/28 23:58:34 | 000,225,280 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\mime32.dll
MOD - [2000/09/28 23:58:34 | 000,177,152 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\smtpcli.dll
MOD - [2000/09/28 23:58:34 | 000,142,336 | ---- | M] () -- C:\Program Files\WinFax\SENGINE.DLL
MOD - [2000/09/28 23:58:32 | 001,574,400 | ---- | M] () -- C:\Program Files\WinFax\DCCDA32I.DLL
MOD - [2000/09/28 23:58:32 | 000,392,192 | ---- | M] () -- C:\Program Files\WinFax\DCCTBP32.DLL
MOD - [2000/09/28 23:58:32 | 000,166,912 | ---- | M] () -- C:\Program Files\WinFax\DCCDA32K.DLL


========== Win32 Services (SafeList) ==========

SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/04/21 18:26:52 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2006/12/06 16:39:56 | 000,069,632 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2006/05/01 11:34:00 | 000,262,217 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2005/10/06 19:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)
SRV - [2000/09/28 23:58:42 | 000,129,536 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\WINDOWS\system32\WFXSVC.EXE -- (wfxsvc)


========== Driver Services (SafeList) ==========

DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/05/14 18:04:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010/05/14 18:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam C210(UVC)
DRV - [2010/05/14 18:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/14 18:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/05/07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/21 18:27:04 | 000,176,752 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\Drivers\SSIDRV.SYS -- (SSIDRV)
DRV - [2009/04/21 18:27:04 | 000,023,152 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\Drivers\SSHRMD.SYS -- (SSHRMD)
DRV - [2009/04/21 18:27:02 | 000,029,808 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
DRV - [2008/04/13 14:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2008/01/04 21:34:36 | 000,023,920 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2007/09/05 12:04:34 | 000,079,408 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2006/12/06 16:45:59 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/08/25 09:23:08 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/05/24 20:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 20:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 20:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/23 16:06:36 | 001,578,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/05/01 11:52:02 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/04/27 01:13:04 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2006/03/25 01:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/02/04 04:25:22 | 000,386,560 | ---- | M] (Lumanate, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AngelUsb.sys -- (AngelUsb)
DRV - [2006/01/10 13:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/01/04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2005/07/15 01:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/07/15 00:28:38 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/07/13 02:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/05/25 11:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005/01/10 12:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005/01/10 12:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2004/02/13 18:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5061206
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5061206

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5061206
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cox.com/myconnection
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Hotbar\bin\10.2.236.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/11/03 16:56:59 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/02/16 15:47:35 | 000,000,734 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Reg Error: Value error.) - {9C6CFB8C-9EAF-460D-BE45-766A624E0E4F} - C:\WINDOWS\system32\qoMCSmMF.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MBMon] "Rundll32" CTMBHA.DLL,MBMon File not found
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Plugin] C:\Program Files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL (MyWebSearch.com)
O4 - HKLM..\Run: [Opware15] C:\Program Files\Nuance\OmniPage15\Opware15.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PDF4 Registry Controller] C:\Program Files\Nuance\PDF Converter 4\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WFXSwtch] C:\Program Files\WinFax\WFXSWTCH.exe ()
O4 - HKLM..\Run: [WinFaxAppPortStarter] C:\WINDOWS\System32\WFXSNT40.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKCU..\Run: [OpAgent] C:\Program Files\Nuance\OmniPage15\OpAgent.exe (Nuance Communications, Inc.)
O4 - HKCU..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Controller.LNK = C:\Program Files\WinFax\WFXCTL32.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Image Retriever.lnk = C:\Program Files\Nuance\PaperPort\xdcla.exe (Nuance Communications, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZUxdm265YYUS File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.1 - C:\Program Files\Nuance\PDF Converter 4\cnvres_eng.dll ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...p1.0.0.15-3.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1005.cab (MySpace Uploader Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase5036.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1173785205875 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70C05421-3375-4540-8093-64BE7E1BE1F1}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (blhnaw.dll) -C:\WINDOWS\System32\BLHNAW.DLL ()
O20 - AppInit_DLLs: (awdhfb.dll) -C:\WINDOWS\System32\AWDHFB.DLL ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\julie k\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\julie k\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {A213B520-C6C2-11d0-AF9D-008029E1027E} - C:\Program Files\WinFax\WFXSEH32.DLL (Symantec Corporation)
O28 - HKLM ShellExecuteHooks: {BB6C9487-AAD6-47EE-A3FA-5432126062F2} - No CLSID value found.
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\qoMCSmMF) - File not found
O30 - LSA: Authentication Packages - (dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 06:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{916c6abe-c7ac-11e0-a739-00188ba4d335}\Shell - "" = AutoRun
O33 - MountPoints2\{916c6abe-c7ac-11e0-a739-00188ba4d335}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{916c6abe-c7ac-11e0-a739-00188ba4d335}\Shell\AutoRun\command - "" = E:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/03 19:17:00 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2011/11/03 17:03:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\julie k\Application Data\AVG
[2011/11/03 17:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC Tuneup 2011
[2011/11/03 16:58:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\julie k\Application Data\AVG2012
[2011/11/03 16:56:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012
[2011/11/03 16:55:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/11/03 16:55:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/10/27 20:57:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\julie k\Desktop\vicky
[2011/10/23 20:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/10/23 20:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/23 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/23 20:37:35 | 004,517,664 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2011/10/23 20:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/07 20:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\julie k\My Documents\My Digital Editions
[2011/10/07 06:23:48 | 000,230,608 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/03 19:30:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A5A5AB8F-4E2A-4C44-85E6-E78526FA7F69}.job
[2011/11/03 19:17:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2011/11/03 19:04:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/03 19:03:27 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/03 19:03:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/03 19:02:56 | 2145,845,248 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/03 18:35:06 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/03 17:02:15 | 000,000,830 | ---- | M] () -- C:\Documents and Settings\julie k\Desktop\AVG PC Tuneup 2011.lnk
[2011/11/03 17:00:12 | 108,564,803 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/11/03 16:56:59 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/11/03 16:13:19 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B0A519E8-0121-4975-BEC2-C6F1417EF271}.job
[2011/11/03 14:09:18 | 000,466,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/27 23:00:02 | 000,001,634 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_L7B6FB7B62AA0454D81E6B7AA0390A136.job
[2011/10/27 22:39:49 | 000,078,577 | ---- | M] () -- C:\Documents and Settings\julie k\Desktop\May 6, 2011 - Maverick[1].pdf
[2011/10/27 22:38:21 | 001,314,943 | ---- | M] () -- C:\Documents and Settings\julie k\Desktop\Maverick_-_Deposit_and_Bill_of_Sale_Contract_4-23-11[1].pdf
[2011/10/23 20:39:29 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/19 22:34:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/19 21:06:59 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/17 03:08:01 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/10/17 03:00:04 | 000,001,620 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_LFF9A54E41C0E47608E9B63A71E305440.job
[2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/03 17:02:15 | 000,000,830 | ---- | C] () -- C:\Documents and Settings\julie k\Desktop\AVG PC Tuneup 2011.lnk
[2011/11/03 17:00:12 | 108,564,803 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/11/03 16:56:59 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/11/03 16:56:26 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjw.avm
[2011/10/27 22:39:49 | 000,078,577 | ---- | C] () -- C:\Documents and Settings\julie k\Desktop\May 6, 2011 - Maverick[1].pdf
[2011/10/27 22:38:21 | 001,314,943 | ---- | C] () -- C:\Documents and Settings\julie k\Desktop\Maverick_-_Deposit_and_Bill_of_Sale_Contract_4-23-11[1].pdf
[2011/10/23 20:39:29 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/19 21:04:05 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/11 20:18:34 | 000,000,633 | ---- | C] () -- C:\WINDOWS\System32\Franklin Access Manager.ini
[2011/03/14 17:11:35 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\julie k\Local Settings\Application Data\fusioncache.dat
[2011/02/20 18:38:09 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/12/18 10:30:19 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\BLHNAW.DLL
[2010/12/02 03:11:08 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\AWDHFB.DLL
[2010/07/05 08:28:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WTNSETUP.INI
[2010/07/05 07:33:14 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\DCCWFP32.DLL
[2010/07/05 07:33:13 | 000,000,250 | ---- | C] () -- C:\WINDOWS\WINFAX.INI
[2010/07/05 07:33:10 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[2010/05/14 17:56:06 | 010,830,680 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/14 17:56:06 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/14 17:55:58 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/14 17:47:00 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/12 22:33:22 | 000,031,931 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/05/07 19:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/01/07 06:40:20 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/08/06 07:49:20 | 000,775,168 | ---- | C] () -- C:\WINDOWS\is-31ED9.exe
[2009/04/30 07:35:06 | 000,166,217 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2009/04/30 07:35:06 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2009/04/21 18:26:56 | 000,031,088 | ---- | C] () -- C:\WINDOWS\System32\wrLZMA.dll
[2009/04/21 18:26:48 | 000,016,240 | ---- | C] () -- C:\WINDOWS\System32\SsiEfr.exe
[2009/03/22 08:55:11 | 000,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2009/03/15 21:32:40 | 000,018,790 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2008/09/28 21:31:31 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/09/28 15:24:01 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\txtpdf2.dll
[2008/09/07 11:11:47 | 000,000,074 | ---- | C] () -- C:\WINDOWS\st_affiliate.ini
[2008/09/07 07:52:38 | 001,299,499 | -HS- | C] () -- C:\WINDOWS\System32\auntaoqw.ini
[2008/09/05 22:05:55 | 000,000,648 | ---- | C] () -- C:\WINDOWS\cookies.ini
[2008/09/04 07:36:18 | 001,300,143 | -HS- | C] () -- C:\WINDOWS\System32\mkuiigkn.ini
[2008/09/03 07:05:18 | 001,436,042 | -HS- | C] () -- C:\WINDOWS\System32\xttjlmmw.ini
[2008/08/31 14:10:20 | 000,172,032 | ---- | C] () -- C:\WINDOWS\TDUninst.exe
[2008/08/20 06:35:03 | 000,000,022 | ---- | C] () -- C:\WINDOWS\pskt.ini
[2008/08/18 07:59:59 | 000,859,547 | -HS- | C] () -- C:\WINDOWS\System32\FMmSCMoq.ini2
[2008/08/18 07:59:57 | 000,859,815 | -HS- | C] () -- C:\WINDOWS\System32\FMmSCMoq.ini
[2008/06/28 22:15:49 | 000,000,072 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/22 22:52:02 | 000,000,064 | ---- | C] () -- C:\WINDOWS\PrintWorkShop2004LE.ini
[2007/03/08 15:17:02 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/01/10 06:29:53 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/12/25 11:22:08 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2006/12/25 06:59:48 | 000,002,236 | ---- | C] () -- C:\Documents and Settings\julie k\Application Data\wklnhst.dat
[2006/12/06 17:01:55 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/12/06 16:52:43 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/06 16:46:19 | 000,000,411 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/06 16:45:02 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/12/06 16:40:21 | 000,010,820 | ---- | C] () -- C:\WINDOWS\System32\CTSBMB.INI
[2006/12/06 16:39:58 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\mes2046.dll
[2006/12/06 16:39:39 | 000,022,629 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini
[2006/12/06 16:08:36 | 000,102,480 | ---- | C] () -- C:\WINDOWS\System32\EzRating.dll
[2006/12/06 16:08:36 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\EzdCoIns.dll
[2006/12/06 16:08:22 | 001,355,042 | ---- | C] () -- C:\WINDOWS\System32\CTMBHA.DLL
[2006/12/06 16:08:12 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/12/06 16:08:04 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/12/06 16:07:58 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/12/06 16:07:16 | 000,000,390 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/05/24 20:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/08/16 06:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 06:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 06:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 06:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 06:27:59 | 000,466,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 06:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 06:18:33 | 000,441,868 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 06:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 06:18:33 | 000,077,138 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 06:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 06:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 06:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 06:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 06:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 06:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 06:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 06:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 16:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/12 08:25:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2000/02/24 01:03:04 | 000,061,502 | ---- | C] () -- C:\WINDOWS\System32\ODBCMON.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98F0614F
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F56691E
@Alternate Data Stream - 1310 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:brX01bASowkud5z7gh24vh
@Alternate Data Stream - 1309 bytes -> C:\Program Files\WindowsUpdate:nxsLaeFdNy4wMG4Rn5KxO74
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:45F31C4F
@Alternate Data Stream - 1248 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:joIcF6my8n5V2E0J73YVQ
@Alternate Data Stream - 1203 bytes -> C:\Program Files\Outlook Express:V7cfSJ1UIycPqh11vjIB36WF
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2AB14A6F
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2FE747C7
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:399441CC
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E50C1642

< End of report >
OTL Extras logfile created on: 11/3/2011 7:17:42 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 53.67% Memory free
3.85 Gb Paging File | 2.15 Gb Available in Paging File | 55.94% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.09 Gb Total Space | 65.64 Gb Free Space | 62.46% Space Free | Partition Type: NTFS
Drive D: | 1.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: D91CS6C1 | User Name: julie k | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"3776:UDP" = 3776:UDP:*:Enabled:Media Center Extender Service
"3390:TCP" = 3390:TCP:*:Enabled:Remote Media Center Experience
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Dell\MediaDirect\PCMService.exe" = C:\Program Files\Dell\MediaDirect\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program -- (CyberLink Corp.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{01C09D67-BE24-43C6-9C4A-060394517B09}" = Newnovelist2
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{23FE964A-853B-4176-86D7-9E18B5CA1FC0}" = Media Center Extender
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{272A0EBC-7824-4850-A69F-7D9B0D73A999}" = ScanSoft PDF Professional 4
"{292E0400-E811-4A08-82D8-1B5C8EF2CEB1}" = ScanSoft PaperPort 11
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2DFE1608-BDCA-11D1-B7AE-00C04FB92F3D}" = Microsoft Project 2000
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{348054A0-6F9A-4EF9-BBB0-827C14C20D86}" = Media Center Karaoke Plug-in
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{4447D5B5-95ED-4C4D-A9C3-1D8E892D5377}" = AVG 2012
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{66563AD8-637B-407F-BCA7-0233A16891AB}" = Business Contact Manager for Outlook 2003
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7FEC54BD-4EFD-45D9-BD30-9079B4AF0C1D}" = Image Retriever 8
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8543EFA3-2C95-48EB-ABB3-25CB69DAD47F}" = ScanSoft OmniPage 15
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUSR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{98BD9EA5-2DF2-445C-8C8D-057F55B3C633}" = AVG 2012
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C1008475-75B2-4475-B98C-51FAE8B62960}" = Concord WinFax Plugin v3.0
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DC10C616-22E5-40AD-A3EA-3E7A957ECDC7}" = Movie Magic Screenwriter 6
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4200_Help
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2012
"BN_DesktopReader" = NOOK for PC
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative Audio Pack" = Creative Audio Pack
"deskPDF 2.5 Professional_is1" = deskPDF 2.5 Professional Edition
"EHome Devices" = Media Center Extender
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"GPL Ghostscript_is1" = Docudesk GPL Ghostscript 8.15
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate1.6" = LiveUpdate 1.6 (Symantec Corporation)
"Logitech Vid" = Logitech Vid HD
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"MyWebSearch bar Uninstall" = My Web Search (IWON)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ProInst" = Intel® PROSet/Wireless Software
"PROPLUSR" = Microsoft Office Professional Plus 2007
"RealPlayer 6.0" = RealPlayer Basic
"SAMB_ADVMB_FILTER_DRV" = Sound Blaster ADVANCED MB Drivers
"Sound Blaster Audigy ADVANCED MB Product Registration" = Sound Blaster Audigy ADVANCED MB Product Registration
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"UOThirdDawn" = Ultima Online 3D
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinFax" = Symantec WinFax PRO
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/24/2011 6:25:28 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/24/2011 6:25:28 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 994141

Error - 10/24/2011 6:25:28 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 994141

Error - 10/24/2011 6:25:44 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/24/2011 6:25:44 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1009781

Error - 10/24/2011 6:25:44 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1009781

Error - 10/24/2011 6:26:06 AM | Computer Name = D91CS6C1 | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 10/25/2011 5:29:50 AM | Computer Name = D91CS6C1 | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 11/3/2011 1:35:24 PM | Computer Name = D91CS6C1 | Source = MsiInstaller | ID = 11935
Description = Product: Microsoft Office Professional Plus 2007 -- Error 1935.An
error occurred during the installation of assembly component {626422C7-6435-4BDE-A16D-3904F02AC23D}.
HRESULT: 0x80070005. assembly interface: IAssemblyCacheItem, function: Commit,
assembly name: Microsoft.Vbe.Interop,fileVersion="12.0.6600.1000",version="12.0.0.0000000",culture="neutral",publicKeyToken="71E9BCE111E9429C"

Error - 11/3/2011 1:37:08 PM | Computer Name = D91CS6C1 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office Professional Plus 2007 - Update 'Microsoft
Office 2007 Service Pack 3 (SP3)' could not be installed. Error code 1603. Windows
Installer can create logs to help troubleshoot issues with installing software
packages. Use the following link for instructions on turning on logging support:
http://go.microsoft....k/?LinkId=23127

[ OSession Events ]
Error - 6/27/2009 11:39:29 AM | Computer Name = D91CS6C1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/27/2009 11:40:02 AM | Computer Name = D91CS6C1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/27/2009 11:40:09 AM | Computer Name = D91CS6C1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/23/2011 3:55:35 PM | Computer Name = D91CS6C1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2638
seconds with 1680 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 10/23/2011 8:05:20 PM | Computer Name = D91CS6C1 | Source = DCOM | ID = 10010
Description = The server {2692A9D5-61DF-46D5-A5A1-A6CCA921D578} did not register
with DCOM within the required timeout.

Error - 10/23/2011 8:22:51 PM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 10/24/2011 4:51:51 PM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 10/27/2011 7:41:41 PM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/3/2011 9:20:54 AM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/3/2011 1:38:18 PM | Computer Name = D91CS6C1 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: The 2007 Microsoft Office Suite Service Pack 3 (SP3).

Error - 11/3/2011 4:11:45 PM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/3/2011 4:35:05 PM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/3/2011 4:51:49 PM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/3/2011 7:06:05 PM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.


< End of report >
  • 0

Advertisements

#2
RKinner
Posted 03 November 2011 - 11:29 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Copy the text in the code box by highlighting and Ctrl + c 


:processes
killallprocesses

:OTL
O2 - BHO: (Reg Error: Value error.) - {9C6CFB8C-9EAF-460D-BE45-766A624E0E4F} - C:\WINDOWS\system32\qoMCSmMF.dll File not found
O4 - HKLM..\Run: [MBMon] "Rundll32" CTMBHA.DLL,MBMon File not found
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Plugin] C:\Program Files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL (MyWebSearch.com)
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (MyWebSearch.com)
O20 - AppInit_DLLs: (blhnaw.dll) -C:\WINDOWS\System32\BLHNAW.DLL ()
O20 - AppInit_DLLs: (awdhfb.dll) -C:\WINDOWS\System32\AWDHFB.DLL ()
O28 - HKLM ShellExecuteHooks: {BB6C9487-AAD6-47EE-A3FA-5432126062F2} - No CLSID value found.
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\qoMCSmMF) - File not found
O30 - LSA: Authentication Packages - (dll) - File not found
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{916c6abe-c7ac-11e0-a739-00188ba4d335}\Shell - "" = AutoRun
O33 - MountPoints2\{916c6abe-c7ac-11e0-a739-00188ba4d335}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{916c6abe-c7ac-11e0-a739-00188ba4d335}\Shell\AutoRun\command - "" = E:\start.exe
[2010/12/18 10:30:19 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\BLHNAW.DLL
[2010/12/02 03:11:08 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\AWDHFB.DLL
[2008/09/07 07:52:38 | 001,299,499 | -HS- | C] () -- C:\WINDOWS\System32\auntaoqw.ini
[2008/09/05 22:05:55 | 000,000,648 | ---- | C] () -- C:\WINDOWS\cookies.ini
[2008/09/04 07:36:18 | 001,300,143 | -HS- | C] () -- C:\WINDOWS\System32\mkuiigkn.ini
[2008/09/03 07:05:18 | 001,436,042 | -HS- | C] () -- C:\WINDOWS\System32\xttjlmmw.ini
[2008/08/18 07:59:59 | 000,859,547 | -HS- | C] () -- C:\WINDOWS\System32\FMmSCMoq.ini2
[2008/08/18 07:59:57 | 000,859,815 | -HS- | C] () -- C:\WINDOWS\System32\FMmSCMoq.ini
@Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98F0614F
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F56691E
@Alternate Data Stream - 1310 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:brX01bASowkud5z7gh24vh
@Alternate Data Stream - 1309 bytes -> C:\Program Files\WindowsUpdate:nxsLaeFdNy4wMG4Rn5KxO74
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:45F31C4F
@Alternate Data Stream - 1248 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:joIcF6my8n5V2E0J73YVQ
@Alternate Data Stream - 1203 bytes -> C:\Program Files\Outlook Express:V7cfSJ1UIycPqh11vjIB36WF
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2AB14A6F
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2FE747C7
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:399441CC
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E50C1642

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C

     
:Commands
[EMPTYFLASH]
[purity]
[Reboot]
then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.


Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.



Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Open OTL again and select either the Use SafeList or All option in the Extra Registry group then the Run Scan button. Post the two logs it produces in your next reply.


Ron
  • 0

#3
Phillip Kaufmann
Posted 04 November 2011 - 06:00 AM

Phillip Kaufmann

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Ron thanks!

Error: Unable to interpret < > in the current context!
========== PROCESSES ==========
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C6CFB8C-9EAF-460D-BE45-766A624E0E4F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C6CFB8C-9EAF-460D-BE45-766A624E0E4F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MBMon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Plugin deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin deleted successfully.
File C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:blhnaw.dll deleted successfully.
File pInit_DLLs: (blhnaw.dll) -C:\WINDOWS\System32\BLHNAW.DLL not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:awdhfb.dll deleted successfully.
File pInit_DLLs: (awdhfb.dll) -C:\WINDOWS\System32\AWDHFB.DLL not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{BB6C9487-AAD6-47EE-A3FA-5432126062F2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB6C9487-AAD6-47EE-A3FA-5432126062F2}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages:C:\WINDOWS\system32\qoMCSmMF deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages:dll deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
File E:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{916c6abe-c7ac-11e0-a739-00188ba4d335}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{916c6abe-c7ac-11e0-a739-00188ba4d335}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{916c6abe-c7ac-11e0-a739-00188ba4d335}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{916c6abe-c7ac-11e0-a739-00188ba4d335}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{916c6abe-c7ac-11e0-a739-00188ba4d335}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{916c6abe-c7ac-11e0-a739-00188ba4d335}\ not found.
File E:\start.exe not found.
C:\WINDOWS\system32\BLHNAW.DLL moved successfully.
C:\WINDOWS\system32\AWDHFB.DLL moved successfully.
C:\WINDOWS\system32\auntaoqw.ini moved successfully.
C:\WINDOWS\cookies.ini moved successfully.
C:\WINDOWS\system32\mkuiigkn.ini moved successfully.
C:\WINDOWS\system32\xttjlmmw.ini moved successfully.
C:\WINDOWS\system32\FMmSCMoq.ini2 moved successfully.
C:\WINDOWS\system32\FMmSCMoq.ini moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:98F0614F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:3F56691E deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Microsoft:brX01bASowkud5z7gh24vh deleted successfully.
ADS C:\Program Files\WindowsUpdate:nxsLaeFdNy4wMG4Rn5KxO74 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:45F31C4F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Microsoft:joIcF6my8n5V2E0J73YVQ deleted successfully.
ADS C:\Program Files\Outlook Express:V7cfSJ1UIycPqh11vjIB36WF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:2AB14A6F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:2FE747C7 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:399441CC deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:E50C1642 deleted successfully.
========== FILES ==========
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >
0 File(s) copied
C:\cmd.bat deleted successfully.
C:\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
0 File(s) copied
C:\cmd.bat deleted successfully.
C:\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >
0 File(s) copied
C:\cmd.bat deleted successfully.
C:\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
C:\cmd.bat deleted successfully.
C:\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users

User: autumn k
->Flash cache emptied: 34007 bytes

User: Default User

User: Guest

User: Guest.D91CS6C1
->Flash cache emptied: 1209 bytes

User: julie k
->Flash cache emptied: 434 bytes

User: LocalService

User: MCX1

User: NetworkService
->Flash cache emptied: 405 bytes

User: Phillip & Julie
->Flash cache emptied: 1934 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11042011_075203

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
  • 0

#4
RKinner
Posted 04 November 2011 - 12:55 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
That step worked anyway. Waiting on the other logs.

Ron
  • 0

#5
Phillip Kaufmann
Posted 05 November 2011 - 08:35 PM

Phillip Kaufmann

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
thanks for being patient, I work sick hours.

22:06:49.0341 1260 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49
22:06:50.0232 1260 ============================================================
22:06:50.0232 1260 Current date / time: 2011/11/05 22:06:50.0232
22:06:50.0232 1260 SystemInfo:
22:06:50.0232 1260
22:06:50.0232 1260 OS Version: 5.1.2600 ServicePack: 3.0
22:06:50.0232 1260 Product type: Workstation
22:06:50.0232 1260 ComputerName: D91CS6C1
22:06:50.0232 1260 UserName: julie k
22:06:50.0232 1260 Windows directory: C:\WINDOWS
22:06:50.0232 1260 System windows directory: C:\WINDOWS
22:06:50.0232 1260 Processor architecture: Intel x86
22:06:50.0232 1260 Number of processors: 2
22:06:50.0232 1260 Page size: 0x1000
22:06:50.0232 1260 Boot type: Normal boot
22:06:50.0232 1260 ============================================================
22:06:53.0169 1260 Initialize success
22:06:56.0451 1984 ============================================================
22:06:56.0451 1984 Scan started
22:06:56.0451 1984 Mode: Manual;
22:06:56.0451 1984 ============================================================
22:06:59.0576 1984 Abiosdsk - ok
22:06:59.0748 1984 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:06:59.0763 1984 abp480n5 - ok
22:06:59.0841 1984 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:06:59.0935 1984 ACPI - ok
22:07:00.0216 1984 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:07:00.0232 1984 ACPIEC - ok
22:07:00.0279 1984 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:07:00.0294 1984 adpu160m - ok
22:07:00.0341 1984 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:07:00.0341 1984 aec - ok
22:07:00.0435 1984 AegisP (91f3df93f40a74d222cd166fe95db633) C:\WINDOWS\system32\DRIVERS\AegisP.sys
22:07:00.0466 1984 AegisP - ok
22:07:00.0669 1984 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:07:00.0701 1984 AFD - ok
22:07:00.0794 1984 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
22:07:00.0810 1984 agp440 - ok
22:07:00.0841 1984 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:07:00.0857 1984 agpCPQ - ok
22:07:00.0888 1984 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:07:00.0951 1984 Aha154x - ok
22:07:01.0107 1984 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:07:01.0138 1984 aic78u2 - ok
22:07:01.0216 1984 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:07:01.0232 1984 aic78xx - ok
22:07:01.0279 1984 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
22:07:01.0279 1984 AliIde - ok
22:07:01.0388 1984 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:07:01.0404 1984 alim1541 - ok
22:07:01.0419 1984 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:07:01.0435 1984 amdagp - ok
22:07:01.0466 1984 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
22:07:01.0466 1984 amsint - ok
22:07:01.0607 1984 AngelUsb (b001ead648a3e8fa06af7c221a5c1a4e) C:\WINDOWS\system32\DRIVERS\AngelUsb.sys
22:07:01.0638 1984 AngelUsb - ok
22:07:01.0841 1984 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:07:01.0888 1984 Arp1394 - ok
22:07:02.0060 1984 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
22:07:02.0107 1984 asc - ok
22:07:02.0310 1984 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:07:02.0326 1984 asc3350p - ok
22:07:02.0654 1984 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:07:02.0701 1984 asc3550 - ok
22:07:02.0841 1984 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
22:07:02.0888 1984 ASCTRM - ok
22:07:03.0154 1984 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:07:03.0185 1984 AsyncMac - ok
22:07:03.0419 1984 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:07:03.0419 1984 atapi - ok
22:07:03.0466 1984 Atdisk - ok
22:07:03.0701 1984 ati2mtag (2573c08729dd52b7b4f18df1592e0b37) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:07:03.0888 1984 ati2mtag - ok
22:07:04.0279 1984 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:07:04.0294 1984 Atmarpc - ok
22:07:04.0451 1984 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:07:04.0466 1984 audstub - ok
22:07:04.0560 1984 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
22:07:04.0576 1984 AVGIDSDriver - ok
22:07:04.0669 1984 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
22:07:04.0669 1984 AVGIDSEH - ok
22:07:04.0748 1984 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
22:07:04.0779 1984 AVGIDSFilter - ok
22:07:04.0826 1984 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
22:07:04.0826 1984 AVGIDSShim - ok
22:07:04.0904 1984 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
22:07:04.0919 1984 Avgldx86 - ok
22:07:04.0951 1984 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
22:07:04.0951 1984 Avgmfx86 - ok
22:07:04.0998 1984 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
22:07:05.0029 1984 Avgrkx86 - ok
22:07:05.0388 1984 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
22:07:05.0419 1984 Avgtdix - ok
22:07:05.0544 1984 bcm4sbxp (6489310d11971f6ba6c7f49be0baf6e0) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
22:07:05.0560 1984 bcm4sbxp - ok
22:07:05.0576 1984 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:07:05.0591 1984 Beep - ok
22:07:05.0685 1984 BTKRNL (9c3c8b9e2eda516eb44b51dab81dbd68) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
22:07:05.0826 1984 BTKRNL - ok
22:07:05.0904 1984 BTSERIAL (089f7526ff41c17b0a43896d0553d5a2) C:\WINDOWS\system32\drivers\btserial.sys
22:07:05.0919 1984 BTSERIAL - ok
22:07:05.0998 1984 BTWUSB (56c701580f2891952761362ba7594b3d) C:\WINDOWS\system32\Drivers\btwusb.sys
22:07:06.0029 1984 BTWUSB - ok
22:07:06.0091 1984 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:07:06.0107 1984 cbidf - ok
22:07:06.0169 1984 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:07:06.0169 1984 cbidf2k - ok
22:07:06.0216 1984 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:07:06.0232 1984 CCDECODE - ok
22:07:06.0326 1984 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:07:06.0341 1984 cd20xrnt - ok
22:07:06.0498 1984 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:07:06.0529 1984 Cdaudio - ok
22:07:06.0716 1984 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:07:06.0748 1984 Cdfs - ok
22:07:06.0904 1984 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:07:06.0919 1984 Cdrom - ok
22:07:06.0966 1984 Changer - ok
22:07:07.0123 1984 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:07:07.0138 1984 CmBatt - ok
22:07:07.0201 1984 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:07:07.0216 1984 CmdIde - ok
22:07:07.0263 1984 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:07:07.0279 1984 Compbatt - ok
22:07:07.0560 1984 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:07:07.0560 1984 Cpqarray - ok
22:07:07.0732 1984 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
22:07:07.0794 1984 ctsfm2k - ok
22:07:07.0857 1984 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys
22:07:07.0873 1984 CTUSFSYN - ok
22:07:07.0998 1984 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:07:08.0185 1984 dac2w2k - ok
22:07:08.0263 1984 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:07:08.0279 1984 dac960nt - ok
22:07:08.0341 1984 DIFMBUS - ok
22:07:08.0466 1984 DIFMCDF - ok
22:07:08.0482 1984 DIFMCVsp - ok
22:07:08.0498 1984 DIFMMdm - ok
22:07:08.0576 1984 DIFMNET - ok
22:07:08.0638 1984 DIFMNVsp - ok
22:07:08.0638 1984 DIFMVsp - ok
22:07:08.0716 1984 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:07:08.0732 1984 Disk - ok
22:07:08.0794 1984 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:07:09.0076 1984 dmboot - ok
22:07:09.0451 1984 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:07:09.0466 1984 dmio - ok
22:07:09.0529 1984 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:07:09.0529 1984 dmload - ok
22:07:09.0560 1984 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:07:09.0576 1984 DMusic - ok
22:07:09.0623 1984 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:07:09.0638 1984 dpti2o - ok
22:07:09.0669 1984 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:07:09.0685 1984 drmkaud - ok
22:07:09.0732 1984 drvmcdb (96bc8f872f0270c10edc3931f1c03776) C:\WINDOWS\system32\drivers\drvmcdb.sys
22:07:09.0763 1984 drvmcdb - ok
22:07:09.0982 1984 drvnddm (5afbec7a6ac61b211633dfdb1d9e0c89) C:\WINDOWS\system32\drivers\drvnddm.sys
22:07:10.0029 1984 drvnddm - ok
22:07:10.0185 1984 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
22:07:10.0185 1984 DSproct - ok
22:07:10.0279 1984 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:07:10.0294 1984 E100B - ok
22:07:10.0560 1984 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:07:10.0623 1984 Fastfat - ok
22:07:10.0748 1984 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:07:10.0763 1984 Fdc - ok
22:07:10.0982 1984 FilterService (20fe03294ac1429ae88a64c2f754b0d4) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
22:07:10.0998 1984 FilterService - ok
22:07:11.0201 1984 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:07:11.0216 1984 Fips - ok
22:07:11.0294 1984 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:07:11.0310 1984 Flpydisk - ok
22:07:11.0451 1984 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:07:11.0513 1984 FltMgr - ok
22:07:11.0669 1984 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:07:11.0685 1984 Fs_Rec - ok
22:07:11.0826 1984 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:07:11.0857 1984 Ftdisk - ok
22:07:11.0982 1984 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:07:12.0013 1984 GEARAspiWDM - ok
22:07:12.0216 1984 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:07:12.0263 1984 Gpc - ok
22:07:12.0544 1984 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:07:12.0591 1984 HDAudBus - ok
22:07:12.0654 1984 HidIr (bb1a6fb7d35a91e599973fa74a619056) C:\WINDOWS\system32\DRIVERS\hidir.sys
22:07:12.0716 1984 HidIr - ok
22:07:12.0982 1984 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:07:12.0998 1984 HidUsb - ok
22:07:13.0201 1984 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:07:13.0216 1984 hpn - ok
22:07:13.0451 1984 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
22:07:13.0607 1984 HPZid412 - ok
22:07:13.0998 1984 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
22:07:14.0060 1984 HPZipr12 - ok
22:07:14.0138 1984 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
22:07:14.0154 1984 HPZius12 - ok
22:07:14.0544 1984 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
22:07:14.0716 1984 HSF_DPV - ok
22:07:14.0810 1984 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
22:07:14.0841 1984 HSXHWAZL - ok
22:07:14.0998 1984 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:07:15.0091 1984 HTTP - ok
22:07:15.0263 1984 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:07:15.0279 1984 i2omgmt - ok
22:07:15.0498 1984 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:07:15.0529 1984 i2omp - ok
22:07:15.0576 1984 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:07:15.0591 1984 i8042prt - ok
22:07:15.0685 1984 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:07:15.0716 1984 Imapi - ok
22:07:15.0826 1984 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:07:15.0841 1984 ini910u - ok
22:07:16.0091 1984 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:07:16.0107 1984 IntelIde - ok
22:07:16.0248 1984 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:07:16.0263 1984 intelppm - ok
22:07:16.0607 1984 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:07:16.0638 1984 Ip6Fw - ok
22:07:16.0701 1984 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:07:16.0716 1984 IpFilterDriver - ok
22:07:16.0826 1984 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:07:16.0841 1984 IpInIp - ok
22:07:17.0029 1984 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:07:17.0076 1984 IpNat - ok
22:07:17.0185 1984 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:07:17.0201 1984 IPSec - ok
22:07:17.0419 1984 IrBus (b43b36b382aea10861f7c7a37f9d4ae2) C:\WINDOWS\system32\DRIVERS\IrBus.sys
22:07:17.0466 1984 IrBus - ok
22:07:17.0576 1984 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:07:17.0607 1984 IRENUM - ok
22:07:17.0779 1984 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:07:17.0794 1984 isapnp - ok
22:07:18.0029 1984 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:07:18.0044 1984 Kbdclass - ok
22:07:18.0232 1984 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:07:18.0248 1984 kbdhid - ok
22:07:18.0310 1984 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:07:18.0326 1984 kmixer - ok
22:07:18.0451 1984 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:07:18.0529 1984 KSecDD - ok
22:07:18.0654 1984 lbrtfdc - ok
22:07:18.0716 1984 lvpopflt (af280405c10f0d20f37670b7432e5c2f) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
22:07:18.0763 1984 lvpopflt - ok
22:07:18.0904 1984 LVPr2Mon (8be71d7edb8c7494913722059f760dd0) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
22:07:18.0904 1984 LVPr2Mon - ok
22:07:19.0310 1984 LVRS (e52f5a2cadcf08d07f559962f807a0a2) C:\WINDOWS\system32\DRIVERS\lvrs.sys
22:07:19.0341 1984 LVRS - ok
22:07:19.0888 1984 LVUVC (c3d02260beb2b48dea1efdfca91e4b69) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
22:07:20.0919 1984 LVUVC - ok
22:07:21.0123 1984 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:07:21.0138 1984 mdmxsdk - ok
22:07:21.0263 1984 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
22:07:21.0294 1984 MHNDRV - ok
22:07:21.0435 1984 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:07:21.0451 1984 mnmdd - ok
22:07:21.0748 1984 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:07:21.0763 1984 Modem - ok
22:07:22.0123 1984 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys
22:07:22.0263 1984 monfilt - ok
22:07:22.0544 1984 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:07:22.0576 1984 Mouclass - ok
22:07:22.0701 1984 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:07:22.0732 1984 mouhid - ok
22:07:22.0857 1984 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:07:22.0873 1984 MountMgr - ok
22:07:23.0013 1984 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:07:23.0076 1984 mraid35x - ok
22:07:23.0185 1984 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:07:23.0216 1984 MRxDAV - ok
22:07:23.0451 1984 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:07:23.0498 1984 MRxSmb - ok
22:07:23.0591 1984 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:07:23.0607 1984 Msfs - ok
22:07:23.0826 1984 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:07:23.0841 1984 MSKSSRV - ok
22:07:23.0919 1984 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:07:23.0935 1984 MSPCLOCK - ok
22:07:24.0076 1984 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:07:24.0091 1984 MSPQM - ok
22:07:24.0263 1984 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:07:24.0279 1984 mssmbios - ok
22:07:24.0388 1984 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:07:24.0388 1984 MSTEE - ok
22:07:24.0607 1984 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:07:24.0623 1984 Mup - ok
22:07:24.0763 1984 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:07:24.0779 1984 NABTSFEC - ok
22:07:24.0873 1984 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:07:24.0951 1984 NDIS - ok
22:07:25.0091 1984 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:07:25.0107 1984 NdisIP - ok
22:07:25.0232 1984 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:07:25.0232 1984 NdisTapi - ok
22:07:25.0310 1984 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:07:25.0326 1984 Ndisuio - ok
22:07:25.0404 1984 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:07:25.0513 1984 NdisWan - ok
22:07:25.0732 1984 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:07:25.0748 1984 NDProxy - ok
22:07:25.0888 1984 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:07:25.0904 1984 NetBIOS - ok
22:07:25.0951 1984 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:07:25.0966 1984 NetBT - ok
22:07:26.0248 1984 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:07:26.0263 1984 NIC1394 - ok
22:07:26.0341 1984 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:07:26.0357 1984 Npfs - ok
22:07:26.0419 1984 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:07:26.0560 1984 Ntfs - ok
22:07:26.0654 1984 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:07:26.0654 1984 Null - ok
22:07:27.0169 1984 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:07:27.0591 1984 nv - ok
22:07:27.0841 1984 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:07:27.0857 1984 NwlnkFlt - ok
22:07:27.0873 1984 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:07:27.0888 1984 NwlnkFwd - ok
22:07:27.0966 1984 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:07:27.0982 1984 ohci1394 - ok
22:07:28.0060 1984 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys
22:07:28.0060 1984 omci - ok
22:07:28.0404 1984 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
22:07:28.0451 1984 ossrv - ok
22:07:28.0544 1984 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:07:28.0591 1984 Parport - ok
22:07:28.0654 1984 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:07:28.0669 1984 PartMgr - ok
22:07:28.0779 1984 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:07:28.0794 1984 ParVdm - ok
22:07:28.0857 1984 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:07:28.0873 1984 PCI - ok
22:07:28.0951 1984 PCIDump - ok
22:07:29.0044 1984 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:07:29.0060 1984 PCIIde - ok
22:07:29.0263 1984 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:07:29.0294 1984 Pcmcia - ok
22:07:29.0294 1984 PDCOMP - ok
22:07:29.0326 1984 PDFRAME - ok
22:07:29.0373 1984 PDRELI - ok
22:07:29.0529 1984 PDRFRAME - ok
22:07:29.0654 1984 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:07:29.0685 1984 perc2 - ok
22:07:29.0748 1984 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:07:29.0794 1984 perc2hib - ok
22:07:29.0935 1984 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:07:29.0966 1984 PptpMiniport - ok
22:07:30.0169 1984 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:07:30.0185 1984 PSched - ok
22:07:30.0232 1984 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:07:30.0248 1984 Ptilink - ok
22:07:30.0341 1984 PxHelp20 (7c81ae3c9b82ba2da437ed4d31bc56cf) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:07:30.0435 1984 PxHelp20 - ok
22:07:30.0607 1984 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:07:30.0701 1984 ql1080 - ok
22:07:30.0779 1984 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:07:30.0810 1984 Ql10wnt - ok
22:07:30.0841 1984 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:07:30.0873 1984 ql12160 - ok
22:07:31.0044 1984 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:07:31.0076 1984 ql1240 - ok
22:07:31.0123 1984 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:07:31.0138 1984 ql1280 - ok
22:07:31.0185 1984 QWAVEDRV (2bb1d2baf3493362e5c1949c5f210d5f) C:\WINDOWS\system32\DRIVERS\qwavedrv.sys
22:07:31.0216 1984 QWAVEDRV - ok
22:07:31.0373 1984 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:07:31.0388 1984 RasAcd - ok
22:07:31.0607 1984 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:07:31.0623 1984 Rasl2tp - ok
22:07:31.0685 1984 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:07:31.0701 1984 RasPppoe - ok
22:07:31.0810 1984 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:07:31.0841 1984 Raspti - ok
22:07:31.0888 1984 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:07:31.0904 1984 Rdbss - ok
22:07:32.0013 1984 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:07:32.0029 1984 RDPCDD - ok
22:07:32.0232 1984 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:07:32.0263 1984 rdpdr - ok
22:07:32.0341 1984 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:07:32.0388 1984 RDPWD - ok
22:07:32.0529 1984 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:07:32.0576 1984 redbook - ok
22:07:32.0669 1984 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
22:07:32.0716 1984 rimmptsk - ok
22:07:32.0748 1984 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
22:07:32.0763 1984 rimsptsk - ok
22:07:32.0873 1984 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
22:07:32.0904 1984 rismxdp - ok
22:07:33.0060 1984 s24trans (2c0e9e777ab1849b43494626c1f308b5) C:\WINDOWS\system32\DRIVERS\s24trans.sys
22:07:33.0076 1984 s24trans - ok
22:07:33.0341 1984 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:07:33.0373 1984 sdbus - ok
22:07:33.0529 1984 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:07:33.0544 1984 Secdrv - ok
22:07:33.0748 1984 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:07:33.0763 1984 serenum - ok
22:07:33.0951 1984 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:07:33.0982 1984 Serial - ok
22:07:34.0185 1984 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:07:34.0201 1984 Sfloppy - ok
22:07:34.0279 1984 Simbad - ok
22:07:34.0388 1984 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:07:34.0404 1984 sisagp - ok
22:07:34.0716 1984 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:07:34.0748 1984 SLIP - ok
22:07:34.0841 1984 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:07:34.0857 1984 Sparrow - ok
22:07:35.0029 1984 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:07:35.0029 1984 splitter - ok
22:07:35.0326 1984 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:07:35.0779 1984 sr - ok
22:07:35.0966 1984 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:07:35.0982 1984 Srv - ok
22:07:36.0091 1984 sscdbhk5 (98625722ad52b40305e74aaa83c93086) C:\WINDOWS\system32\drivers\sscdbhk5.sys
22:07:36.0123 1984 sscdbhk5 - ok
22:07:36.0185 1984 ssfs0bbc (4479aeb7ec022b75f882c167fe2a7a34) C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys
22:07:36.0201 1984 ssfs0bbc - ok
22:07:36.0357 1984 SSHRMD (58154d7f69a1322d9bd885e2e61cf152) C:\WINDOWS\system32\Drivers\SSHRMD.SYS
22:07:36.0357 1984 SSHRMD - ok
22:07:36.0466 1984 SSIDRV (e971eee20b8083e57b5529aea065ec51) C:\WINDOWS\system32\Drivers\SSIDRV.SYS
22:07:36.0482 1984 SSIDRV - ok
22:07:36.0544 1984 SSKBFD (8564bc9598be1705477b7fa61d657c2b) C:\WINDOWS\system32\Drivers\sskbfd.sys
22:07:36.0576 1984 SSKBFD - ok
22:07:36.0857 1984 ssrtln (d79412e3942c8a257253487536d5a994) C:\WINDOWS\system32\drivers\ssrtln.sys
22:07:36.0904 1984 ssrtln - ok
22:07:37.0076 1984 STHDA (3ad78e22210d3fbd9f76de84a8df19b5) C:\WINDOWS\system32\drivers\sthda.sys
22:07:37.0185 1984 STHDA - ok
22:07:37.0279 1984 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:07:37.0326 1984 streamip - ok
22:07:37.0419 1984 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:07:37.0435 1984 swenum - ok
22:07:37.0466 1984 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:07:37.0482 1984 swmidi - ok
22:07:37.0560 1984 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:07:37.0576 1984 symc810 - ok
22:07:37.0701 1984 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:07:37.0748 1984 symc8xx - ok
22:07:37.0935 1984 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:07:37.0935 1984 sym_hi - ok
22:07:38.0060 1984 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:07:38.0076 1984 sym_u3 - ok
22:07:38.0232 1984 SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:07:38.0326 1984 SynTP - ok
22:07:38.0623 1984 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:07:38.0623 1984 sysaudio - ok
22:07:38.0732 1984 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:07:38.0763 1984 Tcpip - ok
22:07:38.0826 1984 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:07:38.0919 1984 TDPIPE - ok
22:07:39.0138 1984 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:07:39.0154 1984 TDTCP - ok
22:07:39.0294 1984 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:07:39.0341 1984 TermDD - ok
22:07:39.0826 1984 tfsnboio (d0177776e11b0b3f272eebd262a69661) C:\WINDOWS\system32\dla\tfsnboio.sys
22:07:39.0841 1984 tfsnboio - ok
22:07:40.0123 1984 tfsncofs (599804bc938b8305a5422319774da871) C:\WINDOWS\system32\dla\tfsncofs.sys
22:07:40.0138 1984 tfsncofs - ok
22:07:40.0169 1984 tfsndrct (a1902c00adc11c4d83f8e3ed947a6a32) C:\WINDOWS\system32\dla\tfsndrct.sys
22:07:40.0185 1984 tfsndrct - ok
22:07:40.0263 1984 tfsndres (d8ddb3f2b1bef15cff6728d89c042c61) C:\WINDOWS\system32\dla\tfsndres.sys
22:07:40.0279 1984 tfsndres - ok
22:07:40.0294 1984 tfsnifs (c4f2dea75300971cdaee311007de138d) C:\WINDOWS\system32\dla\tfsnifs.sys
22:07:40.0435 1984 tfsnifs - ok
22:07:40.0544 1984 tfsnopio (272925be0ea919f08286d2ee6f102b0f) C:\WINDOWS\system32\dla\tfsnopio.sys
22:07:40.0591 1984 tfsnopio - ok
22:07:40.0826 1984 tfsnpool (7b7d955e5cebc2fb88b03ef875d52a2f) C:\WINDOWS\system32\dla\tfsnpool.sys
22:07:40.0841 1984 tfsnpool - ok
22:07:40.0904 1984 tfsnudf (e3d01263109d800c1967c12c10a0b018) C:\WINDOWS\system32\dla\tfsnudf.sys
22:07:40.0919 1984 tfsnudf - ok
22:07:41.0076 1984 tfsnudfa (b9e9c377906e3a65bc74598fff7f7458) C:\WINDOWS\system32\dla\tfsnudfa.sys
22:07:41.0091 1984 tfsnudfa - ok
22:07:41.0185 1984 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:07:41.0216 1984 TosIde - ok
22:07:41.0279 1984 TPkd (a00dbb3ccf4e0821dd531db8746a1374) C:\WINDOWS\system32\drivers\TPkd.sys
22:07:41.0294 1984 TPkd - ok
22:07:41.0544 1984 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:07:41.0576 1984 Udfs - ok
22:07:41.0654 1984 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:07:41.0701 1984 ultra - ok
22:07:41.0919 1984 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:07:41.0966 1984 Update - ok
22:07:42.0310 1984 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:07:42.0341 1984 USBAAPL - ok
22:07:42.0435 1984 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:07:42.0451 1984 usbaudio - ok
22:07:42.0638 1984 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:07:42.0654 1984 usbccgp - ok
22:07:42.0810 1984 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:07:42.0826 1984 usbehci - ok
22:07:42.0966 1984 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:07:43.0044 1984 usbhub - ok
22:07:43.0341 1984 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:07:43.0373 1984 usbprint - ok
22:07:43.0466 1984 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:07:43.0482 1984 usbscan - ok
22:07:43.0779 1984 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:07:43.0794 1984 USBSTOR - ok
22:07:43.0951 1984 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:07:43.0966 1984 usbuhci - ok
22:07:44.0326 1984 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:07:44.0357 1984 usbvideo - ok
22:07:44.0529 1984 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:07:44.0685 1984 VgaSave - ok
22:07:44.0826 1984 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:07:44.0841 1984 viaagp - ok
22:07:44.0888 1984 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:07:44.0904 1984 ViaIde - ok
22:07:44.0951 1984 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:07:44.0966 1984 VolSnap - ok
22:07:45.0310 1984 w39n51 (95c7421f8bafc85ba09d33364058937d) C:\WINDOWS\system32\DRIVERS\w39n51.sys
22:07:45.0419 1984 w39n51 - ok
22:07:45.0607 1984 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:07:45.0623 1984 Wanarp - ok
22:07:45.0810 1984 wanatw - ok
22:07:45.0826 1984 WDICA - ok
22:07:45.0857 1984 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:07:45.0873 1984 wdmaud - ok
22:07:45.0935 1984 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
22:07:45.0998 1984 winachsf - ok
22:07:46.0294 1984 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:07:46.0310 1984 WmiAcpi - ok
22:07:46.0404 1984 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:07:46.0419 1984 WSTCODEC - ok
22:07:46.0529 1984 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:07:46.0560 1984 WudfPf - ok
22:07:46.0654 1984 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:07:46.0685 1984 WudfRd - ok
22:07:46.0716 1984 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
22:07:46.0763 1984 \Device\Harddisk0\DR0 - ok
22:07:46.0794 1984 Boot (0x1200) (5a254d3aaba07a996e526734a2b2f49c) \Device\Harddisk0\DR0\Partition0
22:07:46.0794 1984 \Device\Harddisk0\DR0\Partition0 - ok
22:07:46.0794 1984 ============================================================
22:07:46.0794 1984 Scan finished
22:07:46.0794 1984 ============================================================
22:07:46.0810 4976 Detected object count: 0
22:07:46.0810 4976 Actual detected object count: 0


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-05 22:11:43
-----------------------------
22:11:43.060 OS Version: Windows 5.1.2600 Service Pack 3
22:11:43.060 Number of processors: 2 586 0xF06
22:11:43.060 ComputerName: D91CS6C1 UserName: julie k
22:11:44.716 Initialize success
22:18:35.560 AVAST engine defs: 11110503
22:20:44.263 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:20:44.263 Disk 0 Vendor: FUJITSU_MHV2120BH 0085002A Size: 114473MB BusType: 3
22:20:46.279 Disk 0 MBR read successfully
22:20:46.279 Disk 0 MBR scan
22:20:46.326 Disk 0 unknown MBR code
22:20:46.326 Disk 0 scanning sectors +234436545
22:20:46.419 Disk 0 scanning C:\WINDOWS\system32\drivers
22:21:45.669 Service scanning
22:21:46.982 Modules scanning
22:22:17.576 AVAST engine scan C:\WINDOWS
22:22:40.294 AVAST engine scan C:\WINDOWS\system32
22:29:38.263 AVAST engine scan C:\WINDOWS\system32\drivers
22:30:02.388 AVAST engine scan C:\Documents and Settings\julie k
22:30:48.873 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\julie k\Desktop\MBR.dat"
22:30:48.888 The log file has been saved successfully to "C:\Documents and Settings\julie k\Desktop\aswMBR.txt"
  • 0

#6
Phillip Kaufmann
Posted 05 November 2011 - 08:45 PM

Phillip Kaufmann

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
OTL logfile created on: 11/5/2011 10:38:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\julie k\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 54.24% Memory free
3.85 Gb Paging File | 2.33 Gb Available in Paging File | 60.45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.09 Gb Total Space | 65.49 Gb Free Space | 62.32% Space Free | Partition Type: NTFS
Drive D: | 1.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: D91CS6C1 | User Name: julie k | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/05 22:36:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\julie k\Desktop\OTL.exe
PRC - [2011/10/24 20:29:16 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/10/18 06:14:54 | 001,229,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/01/12 22:01:28 | 006,129,496 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/05/07 19:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2009/05/13 15:40:08 | 006,345,840 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
PRC - [2009/04/21 18:26:52 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
PRC - [2008/07/14 12:49:42 | 000,623,904 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\xdcla.exe
PRC - [2008/07/14 12:24:46 | 000,024,576 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/25 18:10:50 | 000,079,136 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\OmniPage15\OpWare15.exe
PRC - [2007/06/25 18:10:20 | 000,943,392 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\OmniPage15\OpAgent.exe
PRC - [2007/05/02 18:16:54 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2006/12/06 16:39:56 | 000,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2006/08/28 23:57:12 | 000,395,776 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2006/05/24 20:28:28 | 000,622,653 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/05/01 11:34:00 | 000,262,217 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2006/05/01 11:28:26 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2006/05/01 11:28:06 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2006/05/01 11:26:14 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/03/25 01:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/10/31 12:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2001/09/10 16:03:56 | 000,027,648 | R--- | M] () -- C:\Program Files\WinFax\WFXSWTCH.exe
PRC - [2001/09/10 16:03:55 | 000,549,376 | R--- | M] () -- C:\Program Files\WinFax\WFXCTL32.EXE
PRC - [2001/09/10 16:03:55 | 000,541,184 | R--- | M] (Symantec Corporation) -- C:\Program Files\WinFax\WFXMOD32.EXE
PRC - [2001/09/10 16:03:55 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WFXSNT40.EXE
PRC - [2000/09/28 23:58:42 | 000,129,536 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\WFXSVC.EXE


========== Modules (No Company Name) ==========

MOD - [2011/10/17 03:02:03 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_242da3de\mscorlib.dll
MOD - [2011/10/17 03:02:00 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_f6e43098\system.drawing.dll
MOD - [2011/10/17 03:01:56 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_761836ba\system.xml.dll
MOD - [2011/10/17 03:01:52 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c9942d2f\system.windows.forms.dll
MOD - [2011/10/17 03:01:44 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_a30c5079\system.dll
MOD - [2011/10/17 03:01:30 | 001,265,664 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2011/10/17 03:01:30 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2011/01/12 21:57:34 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll
MOD - [2011/01/12 21:55:28 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll
MOD - [2010/05/07 19:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 19:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 19:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 19:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010/05/07 19:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 19:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/02/05 14:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/04/22 17:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/09 19:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 18:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 18:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 18:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 18:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 18:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 18:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 18:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 18:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 18:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/05/24 20:29:44 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2006/05/01 11:38:06 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2006/05/01 11:38:06 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006/05/01 11:38:06 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2006/03/10 13:49:30 | 000,970,862 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2005/08/16 23:02:54 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2005/08/16 23:02:54 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2005/08/16 23:02:54 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2005/08/16 23:02:52 | 000,573,440 | ---- | M] () -- c:\windows\assembly\gac\system.web.services\1.0.5000.0__b03f5f7f11d50a3a\system.web.services.dll
MOD - [2001/09/10 16:03:56 | 000,027,648 | R--- | M] () -- C:\Program Files\WinFax\WFXSWTCH.exe
MOD - [2001/09/10 16:03:55 | 000,549,376 | R--- | M] () -- C:\Program Files\WinFax\WFXCTL32.EXE
MOD - [2001/09/10 16:03:49 | 000,160,256 | R--- | M] () -- C:\Program Files\WinFax\WFSUBKUP.DLL
MOD - [2000/09/28 23:58:40 | 000,228,864 | ---- | M] () -- C:\Program Files\WinFax\WFXVW32I.DLL
MOD - [2000/09/28 23:58:38 | 000,199,680 | ---- | M] () -- C:\Program Files\WinFax\WFXPDK32.DLL
MOD - [2000/09/28 23:58:38 | 000,012,800 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\WFXPNT40.DLL
MOD - [2000/09/28 23:58:34 | 000,288,768 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\pop3cli.dll
MOD - [2000/09/28 23:58:34 | 000,225,280 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\mime32.dll
MOD - [2000/09/28 23:58:34 | 000,177,152 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\smtpcli.dll
MOD - [2000/09/28 23:58:34 | 000,142,336 | ---- | M] () -- C:\Program Files\WinFax\SENGINE.DLL
MOD - [2000/09/28 23:58:32 | 001,574,400 | ---- | M] () -- C:\Program Files\WinFax\DCCDA32I.DLL
MOD - [2000/09/28 23:58:32 | 000,392,192 | ---- | M] () -- C:\Program Files\WinFax\DCCTBP32.DLL
MOD - [2000/09/28 23:58:32 | 000,166,912 | ---- | M] () -- C:\Program Files\WinFax\DCCDA32K.DLL


========== Win32 Services (SafeList) ==========

SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/04/21 18:26:52 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2006/12/06 16:39:56 | 000,069,632 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2006/05/01 11:34:00 | 000,262,217 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2005/10/06 19:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)
SRV - [2000/09/28 23:58:42 | 000,129,536 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\WINDOWS\system32\WFXSVC.EXE -- (wfxsvc)


========== Driver Services (SafeList) ==========

DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/05/14 18:04:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010/05/14 18:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam C210(UVC)
DRV - [2010/05/14 18:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/14 18:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/05/07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/21 18:27:04 | 000,176,752 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\Drivers\SSIDRV.SYS -- (SSIDRV)
DRV - [2009/04/21 18:27:04 | 000,023,152 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\Drivers\SSHRMD.SYS -- (SSHRMD)
DRV - [2009/04/21 18:27:02 | 000,029,808 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
DRV - [2008/04/13 14:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2008/01/04 21:34:36 | 000,023,920 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2007/09/05 12:04:34 | 000,079,408 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2006/12/06 16:45:59 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/08/25 09:23:08 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/05/24 20:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 20:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 20:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/23 16:06:36 | 001,578,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/05/01 11:52:02 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/04/27 01:13:04 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2006/03/25 01:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/02/04 04:25:22 | 000,386,560 | ---- | M] (Lumanate, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AngelUsb.sys -- (AngelUsb)
DRV - [2006/01/10 13:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/01/04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2005/07/15 01:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/07/15 00:28:38 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/07/13 02:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/05/25 11:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005/01/10 12:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005/01/10 12:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2004/02/13 18:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5061206
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5061206

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5061206
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cox.com/myconnection
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Hotbar\bin\10.2.236.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/11/03 16:56:59 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/02/16 15:47:35 | 000,000,734 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Opware15] C:\Program Files\Nuance\OmniPage15\Opware15.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PDF4 Registry Controller] C:\Program Files\Nuance\PDF Converter 4\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WFXSwtch] C:\Program Files\WinFax\WFXSWTCH.exe ()
O4 - HKLM..\Run: [WinFaxAppPortStarter] C:\WINDOWS\System32\WFXSNT40.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [OpAgent] C:\Program Files\Nuance\OmniPage15\OpAgent.exe (Nuance Communications, Inc.)
O4 - HKCU..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Controller.LNK = C:\Program Files\WinFax\WFXCTL32.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Image Retriever.lnk = C:\Program Files\Nuance\PaperPort\xdcla.exe (Nuance Communications, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZUxdm265YYUS File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.1 - C:\Program Files\Nuance\PDF Converter 4\cnvres_eng.dll ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...p1.0.0.15-3.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1005.cab (MySpace Uploader Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase5036.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1173785205875 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70C05421-3375-4540-8093-64BE7E1BE1F1}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\julie k\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\julie k\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {A213B520-C6C2-11d0-AF9D-008029E1027E} - C:\Program Files\WinFax\WFXSEH32.DLL (Symantec Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 06:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/05 22:36:32 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\julie k\Desktop\OTL.exe
[2011/11/05 22:04:28 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\julie k\Desktop\aswMBR.exe
[2011/11/05 22:02:51 | 001,563,952 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\julie k\Desktop\tdsskiller.exe
[2011/11/04 07:52:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/04 07:50:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2011/11/03 17:03:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\julie k\Application Data\AVG
[2011/11/03 17:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC Tuneup 2011
[2011/11/03 16:58:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\julie k\Application Data\AVG2012
[2011/11/03 16:56:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012
[2011/11/03 16:55:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/11/03 16:55:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/10/27 20:57:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\julie k\Desktop\vicky
[2011/10/23 20:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/10/23 20:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/23 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/23 20:37:35 | 004,517,664 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2011/10/23 20:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/07 20:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\julie k\My Documents\My Digital Editions
[2011/10/07 06:23:48 | 000,230,608 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/05 22:40:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A5A5AB8F-4E2A-4C44-85E6-E78526FA7F69}.job
[2011/11/05 22:36:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\julie k\Desktop\OTL.exe
[2011/11/05 22:35:41 | 000,083,340 | ---- | M] () -- C:\Documents and Settings\julie k\Desktop\398-otl-oldtimers-list-it.htm
[2011/11/05 22:35:14 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/05 22:30:48 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\julie k\Desktop\MBR.dat
[2011/11/05 22:04:34 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\julie k\Desktop\aswMBR.exe
[2011/11/05 22:04:28 | 001,563,952 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\julie k\Desktop\tdsskiller.exe
[2011/11/05 22:00:28 | 108,876,448 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/11/05 21:57:52 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B0A519E8-0121-4975-BEC2-C6F1417EF271}.job
[2011/11/05 21:54:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/05 21:53:55 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/05 21:53:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/05 21:53:09 | 2145,845,248 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/04 07:50:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2011/11/04 07:36:13 | 000,466,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/03 17:02:15 | 000,000,830 | ---- | M] () -- C:\Documents and Settings\julie k\Desktop\AVG PC Tuneup 2011.lnk
[2011/11/03 16:56:59 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/10/27 23:00:02 | 000,001,634 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_L7B6FB7B62AA0454D81E6B7AA0390A136.job
[2011/10/27 22:39:49 | 000,078,577 | ---- | M] () -- C:\Documents and Settings\julie k\Desktop\May 6, 2011 - Maverick[1].pdf
[2011/10/27 22:38:21 | 001,314,943 | ---- | M] () -- C:\Documents and Settings\julie k\Desktop\Maverick_-_Deposit_and_Bill_of_Sale_Contract_4-23-11[1].pdf
[2011/10/23 20:39:29 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/19 22:34:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/19 21:06:59 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/17 03:08:01 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/10/17 03:00:04 | 000,001,620 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_LFF9A54E41C0E47608E9B63A71E305440.job
[2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/05 22:35:40 | 000,083,340 | ---- | C] () -- C:\Documents and Settings\julie k\Desktop\398-otl-oldtimers-list-it.htm
[2011/11/05 22:30:48 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\julie k\Desktop\MBR.dat
[2011/11/05 22:00:28 | 108,876,448 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/11/03 17:02:15 | 000,000,830 | ---- | C] () -- C:\Documents and Settings\julie k\Desktop\AVG PC Tuneup 2011.lnk
[2011/11/03 16:56:59 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/11/03 16:56:26 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjw.avm
[2011/10/27 22:39:49 | 000,078,577 | ---- | C] () -- C:\Documents and Settings\julie k\Desktop\May 6, 2011 - Maverick[1].pdf
[2011/10/27 22:38:21 | 001,314,943 | ---- | C] () -- C:\Documents and Settings\julie k\Desktop\Maverick_-_Deposit_and_Bill_of_Sale_Contract_4-23-11[1].pdf
[2011/10/23 20:39:29 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/19 21:04:05 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/11 20:18:34 | 000,000,633 | ---- | C] () -- C:\WINDOWS\System32\Franklin Access Manager.ini
[2011/03/14 17:11:35 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\julie k\Local Settings\Application Data\fusioncache.dat
[2011/02/20 18:38:09 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/07/05 08:28:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WTNSETUP.INI
[2010/07/05 07:33:14 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\DCCWFP32.DLL
[2010/07/05 07:33:13 | 000,000,250 | ---- | C] () -- C:\WINDOWS\WINFAX.INI
[2010/07/05 07:33:10 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[2010/05/14 17:56:06 | 010,830,680 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/14 17:56:06 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/14 17:55:58 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/14 17:47:00 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/12 22:33:22 | 000,031,931 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/05/07 19:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/01/07 06:40:20 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/08/06 07:49:20 | 000,775,168 | ---- | C] () -- C:\WINDOWS\is-31ED9.exe
[2009/04/30 07:35:06 | 000,166,217 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2009/04/30 07:35:06 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2009/04/21 18:26:56 | 000,031,088 | ---- | C] () -- C:\WINDOWS\System32\wrLZMA.dll
[2009/04/21 18:26:48 | 000,016,240 | ---- | C] () -- C:\WINDOWS\System32\SsiEfr.exe
[2009/03/22 08:55:11 | 000,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2009/03/15 21:32:40 | 000,018,790 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2008/09/28 21:31:31 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/09/28 15:24:01 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\txtpdf2.dll
[2008/09/07 11:11:47 | 000,000,074 | ---- | C] () -- C:\WINDOWS\st_affiliate.ini
[2008/08/31 14:10:20 | 000,172,032 | ---- | C] () -- C:\WINDOWS\TDUninst.exe
[2008/08/20 06:35:03 | 000,000,022 | ---- | C] () -- C:\WINDOWS\pskt.ini
[2008/06/28 22:15:49 | 000,000,072 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/22 22:52:02 | 000,000,064 | ---- | C] () -- C:\WINDOWS\PrintWorkShop2004LE.ini
[2007/03/08 15:17:02 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/01/10 06:29:53 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/12/25 11:22:08 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2006/12/25 06:59:48 | 000,002,236 | ---- | C] () -- C:\Documents and Settings\julie k\Application Data\wklnhst.dat
[2006/12/06 17:01:55 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/12/06 16:52:43 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/06 16:46:19 | 000,000,411 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/06 16:45:02 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/12/06 16:40:21 | 000,010,820 | ---- | C] () -- C:\WINDOWS\System32\CTSBMB.INI
[2006/12/06 16:39:58 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\mes2046.dll
[2006/12/06 16:39:39 | 000,022,629 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini
[2006/12/06 16:08:36 | 000,102,480 | ---- | C] () -- C:\WINDOWS\System32\EzRating.dll
[2006/12/06 16:08:36 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\EzdCoIns.dll
[2006/12/06 16:08:22 | 001,355,042 | ---- | C] () -- C:\WINDOWS\System32\CTMBHA.DLL
[2006/12/06 16:08:12 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/12/06 16:08:04 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/12/06 16:07:58 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/12/06 16:07:16 | 000,000,390 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/05/24 20:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/08/16 06:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 06:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 06:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 06:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 06:27:59 | 000,466,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 06:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 06:18:33 | 000,441,868 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 06:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 06:18:33 | 000,077,138 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 06:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 06:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 06:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 06:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 06:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 06:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 06:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 06:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 16:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/12 08:25:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2000/02/24 01:03:04 | 000,061,502 | ---- | C] () -- C:\WINDOWS\System32\ODBCMON.DLL

< End of report >
  • 0

#7
Phillip Kaufmann
Posted 05 November 2011 - 08:46 PM

Phillip Kaufmann

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
OTL Extras logfile created on: 11/5/2011 10:38:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\julie k\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 54.24% Memory free
3.85 Gb Paging File | 2.33 Gb Available in Paging File | 60.45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.09 Gb Total Space | 65.49 Gb Free Space | 62.32% Space Free | Partition Type: NTFS
Drive D: | 1.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: D91CS6C1 | User Name: julie k | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"3776:UDP" = 3776:UDP:*:Enabled:Media Center Extender Service
"3390:TCP" = 3390:TCP:*:Enabled:Remote Media Center Experience
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Dell\MediaDirect\PCMService.exe" = C:\Program Files\Dell\MediaDirect\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program -- (CyberLink Corp.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{01C09D67-BE24-43C6-9C4A-060394517B09}" = Newnovelist2
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{23FE964A-853B-4176-86D7-9E18B5CA1FC0}" = Media Center Extender
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{272A0EBC-7824-4850-A69F-7D9B0D73A999}" = ScanSoft PDF Professional 4
"{292E0400-E811-4A08-82D8-1B5C8EF2CEB1}" = ScanSoft PaperPort 11
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2DFE1608-BDCA-11D1-B7AE-00C04FB92F3D}" = Microsoft Project 2000
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{348054A0-6F9A-4EF9-BBB0-827C14C20D86}" = Media Center Karaoke Plug-in
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{4447D5B5-95ED-4C4D-A9C3-1D8E892D5377}" = AVG 2012
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{66563AD8-637B-407F-BCA7-0233A16891AB}" = Business Contact Manager for Outlook 2003
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7FEC54BD-4EFD-45D9-BD30-9079B4AF0C1D}" = Image Retriever 8
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8543EFA3-2C95-48EB-ABB3-25CB69DAD47F}" = ScanSoft OmniPage 15
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUSR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{98BD9EA5-2DF2-445C-8C8D-057F55B3C633}" = AVG 2012
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C1008475-75B2-4475-B98C-51FAE8B62960}" = Concord WinFax Plugin v3.0
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DC10C616-22E5-40AD-A3EA-3E7A957ECDC7}" = Movie Magic Screenwriter 6
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4200_Help
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2012
"BN_DesktopReader" = NOOK for PC
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative Audio Pack" = Creative Audio Pack
"deskPDF 2.5 Professional_is1" = deskPDF 2.5 Professional Edition
"EHome Devices" = Media Center Extender
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"GPL Ghostscript_is1" = Docudesk GPL Ghostscript 8.15
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate1.6" = LiveUpdate 1.6 (Symantec Corporation)
"Logitech Vid" = Logitech Vid HD
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"MyWebSearch bar Uninstall" = My Web Search (IWON)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ProInst" = Intel® PROSet/Wireless Software
"PROPLUSR" = Microsoft Office Professional Plus 2007
"RealPlayer 6.0" = RealPlayer Basic
"SAMB_ADVMB_FILTER_DRV" = Sound Blaster ADVANCED MB Drivers
"Sound Blaster Audigy ADVANCED MB Product Registration" = Sound Blaster Audigy ADVANCED MB Product Registration
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"UOThirdDawn" = Ultima Online 3D
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinFax" = Symantec WinFax PRO
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/24/2011 6:25:28 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/24/2011 6:25:28 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 994141

Error - 10/24/2011 6:25:28 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 994141

Error - 10/24/2011 6:25:44 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/24/2011 6:25:44 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1009781

Error - 10/24/2011 6:25:44 AM | Computer Name = D91CS6C1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1009781

Error - 10/24/2011 6:26:06 AM | Computer Name = D91CS6C1 | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 10/25/2011 5:29:50 AM | Computer Name = D91CS6C1 | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x00000000.

Error - 11/3/2011 1:35:24 PM | Computer Name = D91CS6C1 | Source = MsiInstaller | ID = 11935
Description = Product: Microsoft Office Professional Plus 2007 -- Error 1935.An
error occurred during the installation of assembly component {626422C7-6435-4BDE-A16D-3904F02AC23D}.
HRESULT: 0x80070005. assembly interface: IAssemblyCacheItem, function: Commit,
assembly name: Microsoft.Vbe.Interop,fileVersion="12.0.6600.1000",version="12.0.0.0000000",culture="neutral",publicKeyToken="71E9BCE111E9429C"

Error - 11/3/2011 1:37:08 PM | Computer Name = D91CS6C1 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Office Professional Plus 2007 - Update 'Microsoft
Office 2007 Service Pack 3 (SP3)' could not be installed. Error code 1603. Windows
Installer can create logs to help troubleshoot issues with installing software
packages. Use the following link for instructions on turning on logging support:
http://go.microsoft....k/?LinkId=23127

[ OSession Events ]
Error - 6/27/2009 11:39:29 AM | Computer Name = D91CS6C1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/27/2009 11:40:02 AM | Computer Name = D91CS6C1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/27/2009 11:40:09 AM | Computer Name = D91CS6C1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/23/2011 3:55:35 PM | Computer Name = D91CS6C1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2638
seconds with 1680 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11/4/2011 7:52:06 AM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 11/4/2011 7:52:06 AM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7031
Description = The Bluetooth Service service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/4/2011 7:52:07 AM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7034
Description = The Creative Labs Licensing Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/4/2011 7:52:07 AM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7034
Description = The Creative Service for CDROM Access service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/4/2011 7:52:07 AM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7034
Description = The Process Monitor service terminated unexpectedly. It has done
this 1 time(s).

Error - 11/4/2011 7:52:08 AM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7034
Description = The Intel® PROSet/Wireless Registry Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/4/2011 7:52:09 AM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7034
Description = The WinFax PRO service terminated unexpectedly. It has done this
1 time(s).

Error - 11/4/2011 7:52:15 AM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).

Error - 11/4/2011 7:57:29 AM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/5/2011 9:55:52 PM | Computer Name = D91CS6C1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.


< End of report >
  • 0

#8
Phillip Kaufmann
Posted 05 November 2011 - 09:14 PM

Phillip Kaufmann

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
ComboFix 11-11-05.03 - julie k 11/05/2011 22:55:10.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1355 [GMT -4:00]
Running from: c:\documents and settings\julie k\Desktop\ComboFix.exe
AV: AVG Anti-Virus 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Webroot AntiVirus with AntiSpyware *Disabled/Updated* {77E10C7F-2CCA-4187-9394-BDBC267AD597}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\0509c6
c:\documents and settings\All Users\Application Data\0509c6\38.mof
c:\documents and settings\All Users\Application Data\0509c6\SIP.ico
c:\documents and settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\documents and settings\All Users\Application Data\HotbarSA
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfapx.exe
c:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfarx.dll
c:\documents and settings\All Users\Application Data\TEMP\AVG\avgntdumpx.exe
c:\documents and settings\All Users\Application Data\TEMP\AVG\avgrunasx.exe
c:\documents and settings\All Users\Application Data\TEMP\AVG\compat.ini
c:\documents and settings\All Users\Application Data\TEMP\AVG\htmlayout.dll
c:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_es.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaconf.txt
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfacz.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfada.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaes.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfafr.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfage.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfahu.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaid.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfain.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfait.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfajp.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfako.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfams.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfanl.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapb.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapl.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapt.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaru.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfasc.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfask.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfasp.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfatr.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaus.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfavera.txt
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaverx.txt
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfazh.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfazt.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe
c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.ini
c:\documents and settings\julie k\Application Data\Smart Internet Protection 2011
c:\documents and settings\julie k\Application Data\WeatherDPA
c:\program files\FunWebProducts
c:\program files\FunWebProducts\ScreenSaver\Images\015F3359.urr
c:\program files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn.html
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BRovly.dll
c:\program files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SHllvw.dll
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\2.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\2.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\2.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\2.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\2.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\2.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\2.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\2.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSBar.dll
c:\program files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\00020C2B
c:\program files\MyWebSearch\bar\Cache\001BA9E8
c:\program files\MyWebSearch\bar\Cache\00D93A2B
c:\program files\MyWebSearch\bar\Cache\00D94026.bin
c:\program files\MyWebSearch\bar\Cache\00D940F1.bin
c:\program files\MyWebSearch\bar\Cache\00D944F8.bin
c:\program files\MyWebSearch\bar\Cache\00D95208.bin
c:\program files\MyWebSearch\bar\Cache\01024658
c:\program files\MyWebSearch\bar\Cache\014001FF.bin
c:\program files\MyWebSearch\bar\Cache\01400376.bin
c:\program files\MyWebSearch\bar\Cache\014004CE.bin
c:\program files\MyWebSearch\bar\Cache\01401289.bin
c:\program files\MyWebSearch\bar\Cache\019E9210
c:\program files\MyWebSearch\bar\Cache\01A07BFE
c:\program files\MyWebSearch\bar\Cache\023B05E2.bin
c:\program files\MyWebSearch\bar\Cache\023B066F.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search2
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Message\COMMON\ask_logo.gif
c:\program files\MyWebSearch\bar\Message\COMMON\autoup.gif
c:\program files\MyWebSearch\bar\Message\COMMON\autoup.htm
c:\program files\MyWebSearch\bar\Message\COMMON\center.htm
c:\program files\MyWebSearch\bar\Message\COMMON\index.htm
c:\program files\MyWebSearch\bar\Message\COMMON\mid_dots.gif
c:\program files\MyWebSearch\bar\Message\COMMON\mws_logo.gif
c:\program files\MyWebSearch\bar\Message\COMMON\protect.htm
c:\program files\MyWebSearch\bar\Message\COMMON\shocked.gif
c:\program files\MyWebSearch\bar\Message\COMMON\stop.gif
c:\program files\MyWebSearch\bar\Message\COMMON\systray.htm
c:\program files\MyWebSearch\bar\Message\COMMON\systrayp.htm
c:\program files\MyWebSearch\bar\Message\COMMON\tp_grad.gif
c:\program files\MyWebSearch\bar\Message\COMMON\warn.gif
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\MyWebSearch\bar\Settings\setting2.htm
c:\program files\MyWebSearch\bar\Settings\settings.dat
c:\windows\iun6002.exe
c:\windows\kb913800.exe
c:\windows\pskt.ini
c:\windows\system32\ieupdates.exe.tmp
c:\windows\system32\mcrh.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-10-06 to 2011-11-06 )))))))))))))))))))))))))))))))
.
.
2011-11-04 11:52 . 2011-11-04 11:52 -------- d-----w- C:\_OTL
2011-11-04 11:50 . 2011-11-04 11:50 584192 ----a-w- C:\OTL.com
2011-11-03 21:03 . 2011-11-03 21:04 -------- d-----w- c:\documents and settings\julie k\Application Data\AVG
2011-11-03 20:55 . 2011-11-06 02:00 -------- d-----w- c:\windows\system32\drivers\AVG
2011-11-03 20:55 . 2011-11-03 21:08 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012
2011-10-24 00:38 . 2011-10-24 00:38 -------- d-----w- c:\program files\iPod
2011-10-24 00:38 . 2011-10-24 00:39 -------- d-----w- c:\program files\iTunes
2011-10-24 00:37 . 2011-08-02 21:38 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-10-24 00:37 . 2011-08-02 21:38 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-10-24 00:36 . 2011-10-24 00:36 -------- d-----w- c:\program files\Bonjour
2011-10-07 10:23 . 2011-10-07 10:23 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-04 10:21 . 2011-10-04 10:21 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
2011-09-26 15:41 . 2011-09-26 15:41 611328 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2005-08-16 10:18 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2005-08-16 10:18 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-13 10:30 . 2011-09-13 10:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-09-09 09:12 . 2005-08-16 10:18 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2005-08-16 10:18 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 03:05 . 2011-08-31 03:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 03:05 . 2011-08-31 03:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 03:05 . 2011-08-31 03:05 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 03:05 . 2011-08-31 03:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-22 23:48 . 2005-08-16 10:18 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2005-08-16 10:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2005-08-16 10:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2005-08-16 10:18 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2005-08-16 10:18 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-08 10:08 . 2011-08-08 10:08 40016 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BackupIconOverlayId]
@="{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}"
[HKEY_CLASSES_ROOT\CLSID\{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}]
2009-03-05 21:02 238968 ----a-w- c:\program files\Webroot\Spy Sweeper\Backup\CtxMenu_1_0_0_10.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 24576]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-21 68856]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"OpAgent"="c:\program files\Nuance\OmniPage15\OpAgent.exe" [2007-06-25 943392]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-09 761947]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 602182]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-25 282624]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-05-02 184320]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-26 49152]
"SpySweeper"="c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2009-05-13 6345840]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\Nuance\PaperPort\pptd40nt.exe" [2008-07-14 24576]
"IndexSearch"="c:\program files\Nuance\PaperPort\IndexSearch.exe" [2008-07-14 40960]
"PPort11reminder"="c:\program files\Nuance\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"Opware15"="c:\program files\Nuance\OmniPage15\Opware15.exe" [2007-06-25 79136]
"PDF4 Registry Controller"="c:\program files\Nuance\PDF Converter 4\RegistryController.exe" [2007-06-08 46632]
"WFXSwtch"="c:\progra~1\WinFax\WFXSWTCH.exe" [2001-09-10 27648]
"WinFaxAppPortStarter"="wfxsnt40.exe" [2001-09-10 45568]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-10-25 2415456]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]
Controller.LNK - c:\program files\WinFax\WFXCTL32.EXE [2010-7-5 549376]
Extender Resource Monitor.lnk - c:\windows\ehome\RMSysTry.exe [2005-10-20 18432]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Image Retriever.lnk - c:\program files\Nuance\PaperPort\xdcla.exe [2008-7-14 623904]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-5-4 81920]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{A213B520-C6C2-11d0-AF9D-008029E1027E}"= "c:\program files\WinFax\WfxSeh32.Dll" [1998-07-27 38400]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [7/11/2011 1:14 AM 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/13/2011 6:30 AM 32592]
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2/25/2009 3:24 PM 29808]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [10/7/2011 6:23 AM 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7/11/2011 1:14 AM 295248]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [10/12/2011 6:25 AM 4433248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 6:09 AM 192776]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [7/11/2011 1:14 AM 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [7/11/2011 1:14 AM 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/4/2011 6:21 AM 16720]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/20/2011 6:38 PM 136176]
S3 AngelUsb;Angel USB MPEG Device;c:\windows\system32\drivers\AngelUsb.sys [12/6/2006 4:08 PM 386560]
S3 DIFMBUS;Franklin EVDO USB Modem Composite Device Driver;c:\windows\system32\DRIVERS\DIFMBUS.sys --> c:\windows\system32\DRIVERS\DIFMBUS.sys [?]
S3 DIFMCDF;Franklin EVDO USB Modem Installation CD;c:\windows\system32\DRIVERS\DIFMCDF.sys --> c:\windows\system32\DRIVERS\DIFMCDF.sys [?]
S3 DIFMCVsp;Franklin EVDO USB Modem CM Port;c:\windows\system32\DRIVERS\DIFMCVsp.sys --> c:\windows\system32\DRIVERS\DIFMCVsp.sys [?]
S3 DIFMMdm;Franklin EVDO USB Modem;c:\windows\system32\DRIVERS\DIFMMdm.sys --> c:\windows\system32\DRIVERS\DIFMMdm.sys [?]
S3 DIFMNET;Franklin EVDO USB Modem Network Adapter;c:\windows\system32\DRIVERS\DIFMNET.sys --> c:\windows\system32\DRIVERS\DIFMNET.sys [?]
S3 DIFMNVsp;Franklin EVDO USB Modem NMEA Port Serial Port;c:\windows\system32\DRIVERS\DIFMNVsp.sys --> c:\windows\system32\DRIVERS\DIFMNVsp.sys [?]
S3 DIFMVsp;Franklin EVDO USB Modem Diagnostics Port;c:\windows\system32\DRIVERS\DIFMVsp.sys --> c:\windows\system32\DRIVERS\DIFMVsp.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/20/2011 6:38 PM 136176]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 63958218
*NewlyCreated* - ASWMBR
*Deregistered* - 63958218
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:34]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-20 22:38]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-20 22:38]
.
2011-11-06 c:\windows\Tasks\User_Feed_Synchronization-{A5A5AB8F-4E2A-4C44-85E6-E78526FA7F69}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
2011-11-06 c:\windows\Tasks\User_Feed_Synchronization-{B0A519E8-0121-4975-BEC2-C6F1417EF271}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
2011-10-28 c:\windows\Tasks\wrSpySweeper_L7B6FB7B62AA0454D81E6B7AA0390A136.job
- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2007-07-22 19:40]
.
2011-10-28 c:\windows\Tasks\wrSpySweeper_L7B6FB7B62AA0454D81E6B7AA0390A136.job
- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2007-07-22 19:40]
.
2011-10-17 c:\windows\Tasks\wrSpySweeper_LFF9A54E41C0E47608E9B63A71E305440.job
- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2007-07-22 19:40]
.
2011-10-17 c:\windows\Tasks\wrSpySweeper_LFF9A54E41C0E47608E9B63A71E305440.job
- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2007-07-22 19:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.cox.com/myconnection
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Open with ScanSoft PDF Converter 4.1 - c:\program files\Nuance\PDF Converter 4\cnvres_eng.dll /100
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-05 23:02
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1148)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2011-11-05 23:11:53
ComboFix-quarantined-files.txt 2011-11-06 03:11
.
Pre-Run: 71,014,559,744 bytes free
Post-Run: 71,313,334,272 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 270C57FF3834A0E678D58590CA528758
  • 0

#9
RKinner
Posted 05 November 2011 - 09:24 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
No problem with delays. I was just afraid you were going to stop after the first thing.

Start, Run, services.msc, OK to bring up the services window. Find

HP CUE DeviceDiscovery Service

Right click and select Properties then change the Startup Type: to Disabled. OK and close the services window.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat Vino's but select Application.

Are you still getting your bad image errors?

Ron
  • 0

#10
Phillip Kaufmann
Posted 05 November 2011 - 09:55 PM

Phillip Kaufmann

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
so far no pop ups regarding images. :)

Vino's Event Viewer v01c run on Windows XP in English
Report run at 05/11/2011 11:54:30 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 05/11/2011 10:49:36 PM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The HP CUE DeviceDiscovery Service service hung on starting.

Log: 'System' Date/Time: 05/11/2011 9:49:23 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Process Monitor service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 05/11/2011 9:55:52 PM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The HP CUE DeviceDiscovery Service service hung on starting.

Log: 'System' Date/Time: 04/11/2011 7:57:29 AM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The HP CUE DeviceDiscovery Service service hung on starting.

Log: 'System' Date/Time: 04/11/2011 7:52:15 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The iPod Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:52:09 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The WinFax PRO service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:52:08 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:52:07 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Process Monitor service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:52:07 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:52:07 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Creative Labs Licensing Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:52:06 AM
Type: error Category: 0
Event: 7031 Source: Service Control Manager
The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Log: 'System' Date/Time: 04/11/2011 7:52:06 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:52:06 AM
Type: error Category: 0
Event: 7031 Source: Service Control Manager
The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Log: 'System' Date/Time: 04/11/2011 7:52:05 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless SSO Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:52:05 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:52:05 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:52:05 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 04/11/2011 7:39:21 AM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The HP CUE DeviceDiscovery Service service hung on starting.

Log: 'System' Date/Time: 03/11/2011 7:06:05 PM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The HP CUE DeviceDiscovery Service service hung on starting.

Log: 'System' Date/Time: 03/11/2011 4:51:49 PM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The HP CUE DeviceDiscovery Service service hung on starting.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 05/11/2011 10:05:31 PM
Type: warning Category: 0
Event: 11050 Source: dnscache
The DNS Client service could not contact any DNS servers for a repeated number of attempts. For the next 30 seconds the DNS Client service will not use the network to avoid further network performance problems. It will resume its normal behavior after that. If this problem persists, verify your TCP/IP configuration, specifically check that you have a preferred (and possibly an alternate) DNS server configured. If the problem continues, verify network conditions to these DNS servers or contact your network administrator.

Log: 'System' Date/Time: 05/11/2011 9:01:49 PM
Type: warning Category: 0
Event: 8021 Source: BROWSER
The browser was unable to retrieve a list of servers from the browser master \\DETHFACT-PC on the network \Device\NetBT_Tcpip_{70C05421-3375-4540-8093-64BE7E1BE1F1}. The data is the error code.

Log: 'System' Date/Time: 03/11/2011 12:17:23 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0018DEB35E4A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 03/11/2011 12:17:14 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0018DEB35E4A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 03/11/2011 12:17:03 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0018DEB35E4A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 03/11/2011 12:16:57 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0018DEB35E4A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 27/10/2011 11:22:37 PM
Type: warning Category: 0
Event: 240 Source: Win32k
A request to suspend power was denied by winlogon.exe.

Log: 'System' Date/Time: 27/10/2011 10:42:35 PM
Type: warning Category: 0
Event: 8021 Source: BROWSER
The browser was unable to retrieve a list of servers from the browser master \\DETHFACT-PC on the network \Device\NetBT_Tcpip_{70C05421-3375-4540-8093-64BE7E1BE1F1}. The data is the error code.
  • 0

#11
RKinner
Posted 05 November 2011 - 10:07 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
That's about all I see so I think we can clean up now.

We need to clean up System Restore. Follow Jim's procedure here:
http://aumha.net/vie...581099691bf108f


You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.

OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.

To hide hidden files again (If you do not run OTL cleanup):

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and shutdown My Computer.

You probably do not have the latest Java (Java™ 6 Update 27 or 7 update 0). Get the latest at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Note on Java and Firefox. For some reason Java does not remove old consoles from Firefox. Any time you update Java you should do Firefox, Add-ons, Extensions and disable any old Java Consoles

They will look like: Java Console 6.xx. The xx corresponds to the update number. When they switch to 7 update 0 then it will be Java Console 7.

Multiple Java Consoles will slow down the Firefox boot. After any change to Firefox or its extension you should run Speedyfox. (Mentioned later.)



Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas. If you don't use MSN Messenger I would not upgdate it. MS installs a bunch of stuff when you do. You can tell the program to not show you that update.)
If you use Firefox or Chome then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: Adhttp://simple-adblock.com/

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Click on Speedup my Firefox. When it finishes click on Exit.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP