Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer running very slow. Mention of rootkit infection, please help

Started by rockitout , Apr 18 2012 12:57 PM

  • Please log in to reply

#1
rockitout
Posted 18 April 2012 - 12:57 PM

rockitout

    Member

  • Member
  • PipPipPip
  • 140 posts
I have a computer that I'm fixing for a friend. I was not able to do hardly anything on the computer. I found out he was running both Avast and McAfee. I have since removed McAfee from the computer. His complaint was that the computer is running very slow. I ran a few scans on it and one of them mentioned a rootkit infection. I have attached my OTL and Extras log for review. Thanks in advance for your help.

OTL logfile created on: 4/18/2012 1:30:04 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Documents and Settings\Larry\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.98 Mb Total Physical Memory | 307.64 Mb Available Physical Memory | 30.31% Memory free
2.85 Gb Paging File | 1.88 Gb Available in Paging File | 66.03% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.94 Gb Total Space | 41.44 Gb Free Space | 58.42% Space Free | Partition Type: NTFS
Drive E: | 7.22 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DGJ2NV51 | User Name: Larry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/18 13:23:37 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Larry\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/26 02:34:22 | 000,306,688 | ---- | M] (FileHippo.com) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
PRC - [2012/03/10 00:03:33 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2012/03/07 16:27:25 | 003,905,920 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/03/06 18:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/02/22 21:49:58 | 006,591,800 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2012/01/13 12:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/08 10:45:44 | 000,822,456 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/07/21 16:19:46 | 000,129,536 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\browser\ybrwicon.exe
PRC - [2006/03/03 13:18:10 | 000,200,704 | ---- | M] (Yahoo!, Inc.) -- C:\Program Files\Yahoo!\browser\ycommon.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/18 09:20:37 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/04/18 09:20:19 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/04/18 02:49:26 | 001,767,424 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12041800\algo.dll
MOD - [2012/02/24 19:29:28 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
MOD - [2012/02/24 19:27:19 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
MOD - [2012/02/24 19:26:49 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012/02/22 21:49:56 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2012/02/22 21:49:38 | 000,078,336 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\pcre.dll
MOD - [2012/02/18 12:28:37 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012/02/18 12:26:45 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
MOD - [2012/02/18 12:23:22 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
MOD - [2012/02/18 12:00:11 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012/02/17 23:52:35 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/12/12 17:21:12 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/12/12 17:20:59 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/11/03 10:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\SYSTEM32\quartz.dll
MOD - [2011/10/12 16:20:09 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2009/02/13 13:44:56 | 000,071,696 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\mcfrmwk.dll
MOD - [2009/02/13 13:44:52 | 000,207,376 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\cntscan.dll
MOD - [2009/02/13 13:44:52 | 000,117,264 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\apengine.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\SYSTEM32\devenum.dll
MOD - [2006/02/23 16:13:02 | 000,038,912 | ---- | M] () -- C:\Program Files\Yahoo!\browser\YCommonPS.dll
MOD - [2004/04/11 19:57:44 | 000,040,960 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DirWatcher.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - File not found [Disabled | Stopped] -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE -- (LiveUpdate)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/04/16 09:10:37 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/01/13 12:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\Yahoo!\browser\SABProcEnum.sys -- (SABProcEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys -- (MBAMProtector)
DRV - [2012/03/06 18:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 18:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 18:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/03/06 18:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 18:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 18:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 17:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/11/09 14:56:12 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SBREDrv.sys -- (SBRE)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004/12/10 23:30:42 | 001,903,338 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelS51.sys -- (IntelS51) Intel®
DRV - [2004/04/15 13:31:02 | 000,101,480 | ---- | M] (Visual Networks) [Kernel | Boot | Unknown] -- C:\WINDOWS\System32\drivers\IPVNMon.sys -- (IPVNMon)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp.../search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://att.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {318FB8C0-187A-44B1-9219-515739926BC6}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...3A-F057AC50981E
IE - HKCU\..\SearchScopes\{318FB8C0-187A-44B1-9219-515739926BC6}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{3BF3B163-2C8E-41FF-94F8-F0AF9A383AE5}: "URL" = http://www.google.co...&rlz=1I7PCTA_en
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26}: "URL" = http://bing.zugo.com...fg=2-76-0-1konn
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/?ilc=8"
FF - prefs.js..keyword.URL: "http://bing.zugo.com...-76-0-1kosp&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@macromedia.com/FlashPlayer8: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@yverinfo.yahoo.com/YahooVersionInfoPlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYVerInfo.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@macromedia.com/FlashPlayer8: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Larry\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/13 14:25:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/03/22 07:12:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/24 10:15:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/10 00:06:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/04/16 07:34:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/10 00:05:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/14 20:04:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/13 14:25:16 | 000,000,000 | ---D | M]

[2012/04/16 08:07:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Extensions
[2012/04/18 13:22:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\extensions
[2010/04/17 09:57:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/06/09 20:53:04 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\extensions\{896642E4-C556-4ED3-85D1-9AC431603E7D}
[2010/06/09 20:55:25 | 000,000,000 | ---D | M] (Shop to Win5) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\extensions\{c6bb86ca-9f1d-4fbe-84cd-4c1fac754d08}
[2012/04/18 13:22:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\extensions\staged
[2011/04/25 13:02:12 | 000,000,000 | ---D | M] (Support.com Toolbar) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\extensions\[email protected]
[2010/09/28 22:39:14 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\searchplugins\askcom.xml
[2010/06/09 20:55:02 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\searchplugins\bing-zugo.xml
[2008/02/06 14:14:15 | 000,000,277 | ---- | M] () -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\searchplugins\search.xml
[2012/04/18 13:20:20 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\searchplugins\siteadvisor.xml
[2011/12/12 17:40:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/12 17:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012/03/10 00:06:03 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
() (No name found) -- C:\DOCUMENTS AND SETTINGS\LARRY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\A8E3714M.DEFAULT\EXTENSIONS\[email protected]
[2011/12/07 08:26:30 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2006/04/30 12:39:25 | 000,060,518 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2006/04/30 12:39:26 | 000,049,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2006/04/30 12:39:25 | 000,165,992 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2006/10/02 22:59:57 | 000,040,552 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\mozilla firefox\plugins\NPAdbESD.dll
[2006/04/30 12:39:30 | 000,000,680 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.png
[2006/04/30 12:39:29 | 000,000,741 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.src
[2006/04/30 12:39:29 | 000,001,150 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.png
[2006/04/30 12:39:29 | 000,000,539 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.src
[2011/12/07 05:42:07 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2006/04/30 12:39:29 | 000,000,356 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.png
[2006/04/30 12:39:29 | 000,001,007 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.src
[2006/04/30 12:39:29 | 000,000,210 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.gif
[2006/04/30 12:39:29 | 000,001,056 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.src
[2006/04/30 12:39:29 | 000,001,076 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.gif
[2006/04/30 12:39:29 | 000,000,718 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.src
[2011/12/07 05:42:07 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2006/04/30 12:39:29 | 000,000,088 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.gif
[2006/04/30 12:39:29 | 000,001,122 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.src

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe ESD Manager Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2007/01/29 18:58:14 | 000,000,732 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - Reg Error: Value error. File not found
O2 - BHO: (Support.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Support.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume File not found
O4 - HKLM..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe" File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\SYSTEM32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.4; OfficeLivePatch.1.3; AskTbBLPV5/5.9.1.14019)" -"http://match.xamo.ne...d&game=Sextris" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: Wallpaper =
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2008/03/17 14:44:12 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2008/03/17 14:44:12 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2008/03/17 14:44:12 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2008/03/17 14:44:12 | 000,000,000 | ---D | M]
O9 - Extra Button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} http://www.xblock.co...clean_micro.exe (Reg Error: Key error.)
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} http://amiuptodate.m...pdatePortal.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,26/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...840/mcfscan.cab (McFreeScan Class)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CC54B11-78D3-4423-9234-AF5A7F0D8F60}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Larry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Larry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/18 13:23:12 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Larry\Desktop\OTL.exe
[2012/04/16 17:52:49 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012/04/16 17:52:49 | 000,027,984 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe
[2012/04/16 17:52:08 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2012/04/16 12:00:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Larry\Local Settings\Application Data\visi_coupon
[2012/03/31 21:21:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Larry\Recent
[2012/03/23 11:20:17 | 000,000,000 | ---D | C] -- C:\w
[2012/03/23 11:20:13 | 000,000,000 | ---D | C] -- C:\skins
[2012/03/23 11:20:07 | 000,000,000 | ---D | C] -- C:\e
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/18 13:42:55 | 000,001,196 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUser.job
[2012/04/18 13:36:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/18 13:23:37 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Larry\Desktop\OTL.exe
[2012/04/18 13:10:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/18 13:01:01 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/04/18 09:15:12 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/04/18 09:13:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/04/18 09:10:31 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/18 09:10:30 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2740297282-3233457664-774040315-1006.job
[2012/04/18 09:10:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/04/17 03:02:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/16 19:00:00 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2012/04/16 16:29:46 | 000,000,210 | -HS- | M] () -- C:\BOOT.INI
[2012/04/16 13:43:43 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/04/16 09:40:12 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/04/16 09:16:32 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/03/30 18:55:25 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Larry\Desktop\Update Checker.lnk
[2012/03/30 18:47:50 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/03/23 11:20:31 | 000,000,240 | ---- | M] () -- C:\srch_site_1.gif
[2012/03/23 11:20:30 | 000,000,277 | ---- | M] () -- C:\mov_1.gif
[2012/03/23 11:20:30 | 000,000,274 | ---- | M] () -- C:\trav_1.gif
[2012/03/23 11:20:29 | 000,000,273 | ---- | M] () -- C:\srch_stk_1.gif
[2012/03/23 11:20:25 | 000,000,284 | ---- | M] () -- C:\srch_map_1.gif
[2012/03/23 11:20:24 | 000,000,138 | ---- | M] () -- C:\flk2.gif
[2012/03/23 11:20:24 | 000,000,103 | ---- | M] () -- C:\del_1.gif
[2012/03/23 11:20:23 | 000,000,380 | ---- | M] () -- C:\edu.bmp
[2012/03/23 11:20:23 | 000,000,268 | ---- | M] () -- C:\ab_1.gif
[2012/03/23 11:20:23 | 000,000,121 | ---- | M] () -- C:\srch_nws_1.gif
[2012/03/23 11:20:22 | 000,000,304 | ---- | M] () -- C:\dir.bmp
[2012/03/23 11:20:22 | 000,000,279 | ---- | M] () -- C:\hj_1.gif
[2012/03/23 11:20:21 | 000,000,265 | ---- | M] () -- C:\srch_ans_1.gif
[2012/03/23 11:20:21 | 000,000,123 | ---- | M] () -- C:\srch_sh_1.gif
[2012/03/23 11:20:21 | 000,000,113 | ---- | M] () -- C:\srch_aud_1.gif
[2012/03/23 11:20:20 | 000,000,131 | ---- | M] () -- C:\srch_loc_1.gif
[2012/03/23 11:20:20 | 000,000,112 | ---- | M] () -- C:\srch_vid_1.gif
[2012/03/23 11:20:20 | 000,000,112 | ---- | M] () -- C:\srch_img_1.gif
[2012/03/23 11:20:15 | 000,000,352 | ---- | M] () -- C:\addmy.bmp
[2012/03/23 11:20:14 | 000,001,028 | ---- | M] () -- C:\msgr_on.bmp
[2012/03/23 11:20:12 | 000,000,235 | ---- | M] () -- C:\srch_1.gif
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/17 03:02:11 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/03/23 11:20:30 | 000,000,277 | ---- | C] () -- C:\mov_1.gif
[2012/03/23 11:20:30 | 000,000,274 | ---- | C] () -- C:\trav_1.gif
[2012/03/23 11:20:30 | 000,000,240 | ---- | C] () -- C:\srch_site_1.gif
[2012/03/23 11:20:29 | 000,000,273 | ---- | C] () -- C:\srch_stk_1.gif
[2012/03/23 11:20:25 | 000,000,284 | ---- | C] () -- C:\srch_map_1.gif
[2012/03/23 11:20:24 | 000,000,138 | ---- | C] () -- C:\flk2.gif
[2012/03/23 11:20:24 | 000,000,103 | ---- | C] () -- C:\del_1.gif
[2012/03/23 11:20:23 | 000,000,380 | ---- | C] () -- C:\edu.bmp
[2012/03/23 11:20:23 | 000,000,268 | ---- | C] () -- C:\ab_1.gif
[2012/03/23 11:20:22 | 000,000,304 | ---- | C] () -- C:\dir.bmp
[2012/03/23 11:20:22 | 000,000,279 | ---- | C] () -- C:\hj_1.gif
[2012/03/23 11:20:22 | 000,000,121 | ---- | C] () -- C:\srch_nws_1.gif
[2012/03/23 11:20:21 | 000,000,265 | ---- | C] () -- C:\srch_ans_1.gif
[2012/03/23 11:20:21 | 000,000,113 | ---- | C] () -- C:\srch_aud_1.gif
[2012/03/23 11:20:20 | 000,000,131 | ---- | C] () -- C:\srch_loc_1.gif
[2012/03/23 11:20:20 | 000,000,123 | ---- | C] () -- C:\srch_sh_1.gif
[2012/03/23 11:20:20 | 000,000,112 | ---- | C] () -- C:\srch_vid_1.gif
[2012/03/23 11:20:20 | 000,000,112 | ---- | C] () -- C:\srch_img_1.gif
[2012/03/23 11:20:15 | 000,000,352 | ---- | C] () -- C:\addmy.bmp
[2012/03/23 11:20:14 | 000,001,028 | ---- | C] () -- C:\msgr_on.bmp
[2012/03/23 11:20:12 | 000,000,235 | ---- | C] () -- C:\srch_1.gif
[2012/02/17 23:07:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

========== LOP Check ==========

[2010/09/25 15:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2012/03/09 23:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2007/09/07 17:20:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2007/08/18 15:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2012/03/09 23:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Expert PDF 7
[2012/03/09 23:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Expert PDF Jobs
[2011/04/27 19:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2008/01/11 14:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/12 13:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/06/09 20:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Toolbar4
[2004/10/19 15:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2005/12/12 22:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visual Networks
[2011/05/05 20:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer
[2007/07/16 15:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2011/04/27 18:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\DriverCure
[2005/12/30 13:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Leadertech
[2006/06/20 20:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Musicmatch
[2006/04/10 17:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Netscape
[2011/04/27 18:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\ParetoLogic
[2006/06/08 17:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Registry Booster
[2010/12/04 20:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Registry Mechanic
[2007/08/10 12:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Systweak
[2011/03/14 20:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Uniblue
[2010/04/17 21:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Windows Desktop Search
[2010/05/18 15:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Windows Search
[2012/04/18 09:15:12 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/04/16 19:00:00 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2012/04/18 13:01:01 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2007/08/18 14:30:52 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4295826C
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

< End of report >

Attached Files


  • 0

Advertisements

#2
RKinner
Posted 19 April 2012 - 05:59 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
OK going to give you a lot to do since you have malware and slowness complaints:

Uninstall:
Ask Toolbar
Java™ 6 Update 24
CA Yahoo! Anti-Spy
getPlus®_ocx
Google Toolbar for Internet Explorer
Internet Explorer Default Page
Microsoft Search Enhancement Pack
MSN Toolbar
MSN Toolbar Platform
SUPERAntiSpyware
Windows Live Essentials
Windows Live Toolbar
Yahoo! Search Protection
Yahoo! Software Update

ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan (Allow the Avast Engine)
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it.

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute for things to settle down.


File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.






Ron
  • 0

#3
rockitout
Posted 20 April 2012 - 04:56 AM

rockitout

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Ron, Thank you for replying to my post. Unfortunately, I won't be able to start the things you suggested until first thing tomorrow morning. After that you can expect quick replies from me. Thanks again.
  • 0

#4
rockitout
Posted 21 April 2012 - 09:27 AM

rockitout

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Here are all the logs you asked for. Everything went pretty smoothly, except I could not uninstall "Internet Explorer Default Page" or " Microsoft Search Enhancement Pack", as I could not find them in Add/Remove programs. Anyway thanks again for your help, and I will wait 'till your next reply.



ComboFix 12-04-20.03 - Larry 04/21/2012 8:21.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.396 [GMT -5:00]
Running from: c:\documents and settings\Larry\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\D1B5B4F1.TMP
c:\documents and settings\All Users\Application Data\Toolbar4
c:\documents and settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\searchplugins\bing-zugo.xml
c:\documents and settings\Larry\GoToAssistDownloadHelper.exe
c:\documents and settings\Larry\WINDOWS
c:\program files\popcorn Terms.html
c:\windows\patch.exe
c:\windows\system32\logs
c:\windows\system32\logs\Events.dat
c:\windows\system32\SET1BD.tmp
c:\windows\system32\SET1BE.tmp
c:\windows\system32\setb0.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-03-21 to 2012-04-21 )))))))))))))))))))))))))))))))
.
.
2012-04-21 12:59 . 2012-04-21 12:59 9310 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2012-04-21 05:04 . 2012-04-21 05:04 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Sun
2012-04-20 22:35 . 2012-04-13 07:36 6734704 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{430BC1CE-8033-48BF-A363-896FA8ADE383}\mpengine.dll
2012-04-20 12:58 . 2012-04-20 12:58 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2012-04-20 12:58 . 2012-04-20 12:58 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2012-04-16 22:52 . 2010-11-09 19:56 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-04-16 22:52 . 2010-11-09 19:56 27984 ----a-w- c:\windows\system32\sbbd.exe
2012-04-16 22:52 . 2012-04-18 17:15 -------- d-----w- C:\VIPRERESCUE
2012-04-16 17:00 . 2012-04-16 17:00 -------- d-----w- c:\documents and settings\Larry\Local Settings\Application Data\visi_coupon
2012-04-16 12:40 . 2012-04-16 12:40 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2012-04-16 12:30 . 2012-04-16 12:30 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2012-04-02 00:17 . 2012-04-02 00:17 -------- d-----w- c:\documents and settings\TEMP
2012-03-23 16:20 . 2012-03-23 16:20 -------- d-----w- C:\w
2012-03-23 16:20 . 2012-03-23 16:20 -------- d-----w- C:\skins
2012-03-23 16:20 . 2012-03-23 16:20 -------- d-----w- C:\e
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-16 14:10 . 2011-12-12 21:47 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-16 14:10 . 2011-06-04 23:41 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-04 20:56 . 2010-04-16 02:32 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-14 02:15 . 2006-10-09 01:05 6582328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-03-06 23:15 . 2010-09-25 20:48 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:15 . 2010-09-25 20:48 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-06 23:03 . 2011-05-31 02:54 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-06 23:03 . 2010-09-25 20:49 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-06 23:02 . 2010-09-25 20:49 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-06 23:01 . 2010-09-25 20:49 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-06 23:01 . 2010-09-25 20:48 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-03-06 23:01 . 2010-09-25 20:48 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-03-06 23:01 . 2010-09-25 20:49 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 22:58 . 2010-09-25 20:48 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-03-06 17:02 . 2012-03-06 16:59 141312 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-06 17:02 . 2012-03-06 17:04 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-03-06 17:02 . 2010-04-18 01:43 567696 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-01 11:01 . 2004-08-04 10:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2004-08-04 10:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2004-08-04 10:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2004-08-04 10:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
2012-02-23 15:18 . 2009-10-03 18:19 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-03 09:22 . 2004-08-04 10:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-04-21 13:08 . 2011-12-12 22:41 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn2\yt.dll" [2012-01-12 1517368]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2012-02-23 6591800]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2011-06-08 822456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2004-04-12 290816]
"mmtask"="c:\program files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe" [2006-01-17 53248]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-03-15 122933]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-03-10 296056]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ymetray.lnk]
backup=c:\windows\pss\ymetray.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteAdvisor
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"427:UDP"= 427:UDP:SLP_Port(427)
.
R1 aswSnx;aswSnx;c:\windows\SYSTEM32\DRIVERS\aswSnx.sys [5/30/2011 9:54 PM 612184]
R1 aswSP;aswSP;c:\windows\SYSTEM32\DRIVERS\aswSP.sys [9/25/2010 3:49 PM 337880]
R1 SBRE;SBRE;c:\windows\SYSTEM32\DRIVERS\SBREDrv.sys [4/16/2012 5:52 PM 98392]
R2 aswFsBlk;aswFsBlk;c:\windows\SYSTEM32\DRIVERS\aswFsBlk.sys [9/25/2010 3:49 PM 20696]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/15/2010 9:32 PM 654408]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [11/15/2009 11:57 AM 95200]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
R3 MBAMProtector;MBAMProtector;c:\windows\SYSTEM32\DRIVERS\mbam.sys [4/15/2010 9:32 PM 22344]
S2 gupdate1cac2de67bcfd4c;Google Update Service (gupdate1cac2de67bcfd4c);c:\program files\Google\Update\GoogleUpdate.exe [3/13/2010 1:52 PM 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe [12/12/2011 4:47 PM 253088]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/13/2010 1:52 PM 133104]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - IPVNMon
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2011-12-12 14:10]
.
2012-04-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
.
2012-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-13 18:52]
.
2012-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-13 18:52]
.
2012-04-21 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]
.
2012-04-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2740297282-3233457664-774040315-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-01-30 23:45]
.
2012-04-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2740297282-3233457664-774040315-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-01-30 23:45]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\documents and settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://bing.zugo.com/s/?src=FF-Address&site=Bing&cfg=2-76-0-1kosp&q=
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{0C8413C1-FAD1-446C-8584-BE50576F863E} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-MSN Toolbar - c:\program files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
HKLM-Run-Microsoft Default Manager - c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-21 08:34
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\TEMP\TMP00000002EB9E6395E4CC7ECE 524288 bytes
c:\windows\TEMP\TMP000000063B340782076A6436 0 bytes
c:\windows\TEMP\TMP0000000D0A2414E41B39C1E5 524288 bytes
c:\windows\TEMP\TMP000000169E3EE6EE81DAADCF 524288 bytes
c:\windows\TEMP\{7C05E5F1-7EB1-409D-AB5C-7C7E41606994}
c:\windows\TEMP\{7EA19DBF-2462-4CB4-A87E-4F6276A01BB2}
c:\windows\TEMP\{7EE96C1E-B6DD-4EC8-BEF1-C9F5876E49CA}
c:\windows\TEMP\{A1A906A4-CA12-4B66-817B-89B13AC04234}
c:\windows\TEMP\{A4383E7B-9214-4AA1-B09B-CEA052AFF56C}
c:\windows\TEMP\{B35195C8-3C39-4BBF-9019-18AD8A968F0A}
c:\windows\TEMP\{C0652803-7734-498D-93C3-1A7D474ABF70}
c:\windows\TEMP\{EFF22A09-A424-47B5-B6EA-E1554E762B5D}
c:\windows\TEMP\TMP00000020D33D57B51EFA779C 524288 bytes
c:\windows\TEMP\TMP000000217C7039681DB3C255 524288 bytes
c:\windows\TEMP\TMP00000025B159A80302F3E3B3 524288 bytes
c:\windows\TEMP\TMP0000002B2F8C11BEE2487BDC 524288 bytes
c:\windows\TEMP\TMP0000002DEAEC78F4A51B19F1 524288 bytes
c:\windows\TEMP\TMP0000003BAD1D4EF75CE138F8 524288 bytes
c:\windows\TEMP\TMP00000044646019F6B44D5758 524288 bytes
c:\windows\TEMP\TMP00000050A96DDA73930490AE 524288 bytes
c:\windows\TEMP\MpCmdRun.log 15216 bytes
c:\windows\TEMP\MpSigStub.log 20702 bytes
c:\windows\TEMP\Perflib_Perfdata_240.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_3fc.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_438.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_4f4.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_5b8.dat 16384 bytes
c:\windows\TEMP\Perflib_Perfdata_aa8.dat 16384 bytes
c:\windows\TEMP\ver40.tmp 352 bytes
c:\windows\TEMP\WFV36.tmp 8192 bytes
c:\windows\TEMP\WFV59.tmp 8192 bytes
c:\windows\TEMP\WGAErrLog.txt 66 bytes
c:\windows\TEMP\WGANotify.settings 409 bytes
c:\windows\TEMP\ZAP11.tmp
c:\windows\TEMP\ZAP12.tmp
c:\windows\TEMP\ZAP15.tmp
c:\windows\TEMP\ZAP1A7.tmp
c:\windows\TEMP\_avast5_
c:\windows\TEMP\_avast_
c:\windows\TEMP\{11DEB464-E11D-46A6-AA2E-ED495DCBB975}
c:\windows\TEMP\{4695D18A-76B2-4BF5-9D3F-5747DD62B1E5}
c:\windows\TEMP\{69EEB5AD-1BBB-4DD3-B4BE-6C07B9FC2D34}
c:\windows\TEMP\GoogleToolbarInstaller1.log 270 bytes
c:\windows\TEMP\hpqddsvc.log 265841 bytes
c:\windows\TEMP\mcafee_DRV38o2ieCjMkTh 2048 bytes
c:\windows\TEMP\mcafee_g8On4RHa139bz4A 2048 bytes
c:\windows\TEMP\mcafee_ItffbH7xLDXNPRQ 2048 bytes
c:\windows\TEMP\TMP0000001D52D4622C632235ED
.
scan completed successfully
hidden files: 48
.
**************************************************************************
.
Completion time: 2012-04-21 08:40:18
ComboFix-quarantined-files.txt 2012-04-21 13:40
.
Pre-Run: 44,128,673,792 bytes free
Post-Run: 44,559,544,320 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - BDF6F518C4305248A975D18A0A0029BB



08:47:24.0296 2248 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
08:47:24.0656 2248 ============================================================
08:47:24.0656 2248 Current date / time: 2012/04/21 08:47:24.0656
08:47:24.0656 2248 SystemInfo:
08:47:24.0656 2248
08:47:24.0656 2248 OS Version: 5.1.2600 ServicePack: 3.0
08:47:24.0656 2248 Product type: Workstation
08:47:24.0656 2248 ComputerName: DGJ2NV51
08:47:24.0656 2248 UserName: Larry
08:47:24.0656 2248 Windows directory: C:\WINDOWS
08:47:24.0656 2248 System windows directory: C:\WINDOWS
08:47:24.0656 2248 Processor architecture: Intel x86
08:47:24.0656 2248 Number of processors: 1
08:47:24.0656 2248 Page size: 0x1000
08:47:24.0656 2248 Boot type: Normal boot
08:47:24.0656 2248 ============================================================
08:47:26.0343 2248 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
08:47:26.0343 2248 \Device\Harddisk0\DR0:
08:47:26.0343 2248 MBR partitions:
08:47:26.0343 2248 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x8DE2BED
08:47:26.0437 2248 C: <-> \Device\Harddisk0\DR0\Partition0
08:47:26.0437 2248 Initialize success
08:47:26.0437 2248 ============================================================
08:47:36.0656 3760 ============================================================
08:47:36.0656 3760 Scan started
08:47:36.0656 3760 Mode: Manual;
08:47:36.0656 3760 ============================================================
08:47:37.0187 3760 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
08:47:37.0203 3760 Aavmker4 - ok
08:47:37.0265 3760 Abiosdsk - ok
08:47:37.0375 3760 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
08:47:37.0375 3760 abp480n5 - ok
08:47:37.0546 3760 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:47:37.0562 3760 ACPI - ok
08:47:37.0656 3760 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:47:37.0656 3760 ACPIEC - ok
08:47:37.0781 3760 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:47:37.0796 3760 AdobeFlashPlayerUpdateSvc - ok
08:47:37.0953 3760 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
08:47:37.0953 3760 adpu160m - ok
08:47:38.0093 3760 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
08:47:38.0093 3760 aeaudio - ok
08:47:38.0203 3760 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:47:38.0218 3760 aec - ok
08:47:38.0312 3760 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
08:47:38.0312 3760 AFD - ok
08:47:38.0468 3760 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
08:47:38.0468 3760 agp440 - ok
08:47:38.0578 3760 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
08:47:38.0578 3760 agpCPQ - ok
08:47:38.0671 3760 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
08:47:38.0671 3760 Aha154x - ok
08:47:38.0781 3760 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
08:47:38.0781 3760 aic78u2 - ok
08:47:38.0875 3760 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
08:47:38.0875 3760 aic78xx - ok
08:47:38.0953 3760 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
08:47:38.0953 3760 Alerter - ok
08:47:39.0093 3760 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
08:47:39.0093 3760 ALG - ok
08:47:39.0265 3760 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
08:47:39.0265 3760 AliIde - ok
08:47:39.0359 3760 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
08:47:39.0359 3760 alim1541 - ok
08:47:39.0531 3760 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
08:47:39.0531 3760 amdagp - ok
08:47:39.0640 3760 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
08:47:39.0640 3760 amsint - ok
08:47:39.0671 3760 AppMgmt - ok
08:47:39.0796 3760 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
08:47:39.0812 3760 asc - ok
08:47:39.0906 3760 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
08:47:39.0906 3760 asc3350p - ok
08:47:40.0015 3760 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
08:47:40.0015 3760 asc3550 - ok
08:47:40.0203 3760 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
08:47:40.0218 3760 aspnet_state - ok
08:47:40.0375 3760 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
08:47:40.0375 3760 aswFsBlk - ok
08:47:40.0484 3760 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
08:47:40.0484 3760 aswMon2 - ok
08:47:40.0593 3760 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
08:47:40.0593 3760 aswRdr - ok
08:47:40.0718 3760 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
08:47:40.0734 3760 aswSnx - ok
08:47:40.0906 3760 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
08:47:40.0921 3760 aswSP - ok
08:47:41.0062 3760 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
08:47:41.0062 3760 aswTdi - ok
08:47:41.0187 3760 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:47:41.0187 3760 AsyncMac - ok
08:47:41.0281 3760 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:47:41.0281 3760 atapi - ok
08:47:41.0343 3760 Atdisk - ok
08:47:41.0421 3760 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:47:41.0421 3760 Atmarpc - ok
08:47:41.0546 3760 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
08:47:41.0546 3760 AudioSrv - ok
08:47:41.0718 3760 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:47:41.0718 3760 audstub - ok
08:47:41.0828 3760 Automatic LiveUpdate Scheduler - ok
08:47:42.0000 3760 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
08:47:42.0000 3760 avast! Antivirus - ok
08:47:42.0171 3760 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:47:42.0171 3760 Beep - ok
08:47:42.0265 3760 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
08:47:42.0281 3760 BITS - ok
08:47:42.0390 3760 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
08:47:42.0406 3760 Browser - ok
08:47:42.0562 3760 catchme - ok
08:47:42.0718 3760 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
08:47:42.0718 3760 cbidf - ok
08:47:42.0781 3760 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:47:42.0781 3760 cbidf2k - ok
08:47:42.0875 3760 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
08:47:42.0875 3760 cd20xrnt - ok
08:47:43.0062 3760 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:47:43.0062 3760 Cdaudio - ok
08:47:43.0156 3760 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:47:43.0171 3760 Cdfs - ok
08:47:43.0328 3760 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:47:43.0343 3760 Cdrom - ok
08:47:43.0390 3760 Changer - ok
08:47:43.0468 3760 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
08:47:43.0468 3760 CiSvc - ok
08:47:43.0578 3760 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
08:47:43.0578 3760 ClipSrv - ok
08:47:43.0765 3760 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:47:43.0781 3760 clr_optimization_v2.0.50727_32 - ok
08:47:43.0953 3760 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
08:47:43.0953 3760 CmdIde - ok
08:47:43.0984 3760 COMSysApp - ok
08:47:44.0078 3760 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
08:47:44.0078 3760 Cpqarray - ok
08:47:44.0171 3760 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
08:47:44.0171 3760 CryptSvc - ok
08:47:44.0281 3760 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
08:47:44.0296 3760 dac2w2k - ok
08:47:44.0468 3760 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
08:47:44.0468 3760 dac960nt - ok
08:47:44.0562 3760 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
08:47:44.0578 3760 DcomLaunch - ok
08:47:44.0687 3760 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
08:47:44.0687 3760 Dhcp - ok
08:47:44.0859 3760 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:47:44.0859 3760 Disk - ok
08:47:44.0906 3760 dmadmin - ok
08:47:45.0031 3760 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
08:47:45.0078 3760 dmboot - ok
08:47:45.0265 3760 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
08:47:45.0265 3760 dmio - ok
08:47:45.0343 3760 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:47:45.0359 3760 dmload - ok
08:47:45.0437 3760 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
08:47:45.0437 3760 dmserver - ok
08:47:45.0609 3760 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:47:45.0609 3760 DMusic - ok
08:47:45.0687 3760 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
08:47:45.0687 3760 Dnscache - ok
08:47:45.0828 3760 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
08:47:45.0828 3760 Dot3svc - ok
08:47:46.0015 3760 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
08:47:46.0015 3760 dpti2o - ok
08:47:46.0109 3760 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:47:46.0109 3760 drmkaud - ok
08:47:46.0218 3760 drvmcdb (049177996e5e33b5faf40cad2b82098c) C:\WINDOWS\system32\drivers\drvmcdb.sys
08:47:46.0218 3760 drvmcdb - ok
08:47:46.0406 3760 drvnddm (2f4134d073f972575c174e3d621f0107) C:\WINDOWS\system32\drivers\drvnddm.sys
08:47:46.0421 3760 drvnddm - ok
08:47:46.0546 3760 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
08:47:46.0546 3760 DSBrokerService - ok
08:47:46.0609 3760 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
08:47:46.0609 3760 DSproct - ok
08:47:46.0781 3760 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
08:47:46.0781 3760 dsunidrv - ok
08:47:46.0875 3760 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
08:47:46.0890 3760 E100B - ok
08:47:46.0968 3760 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
08:47:46.0984 3760 EapHost - ok
08:47:47.0093 3760 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
08:47:47.0093 3760 ERSvc - ok
08:47:47.0218 3760 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
08:47:47.0234 3760 Eventlog - ok
08:47:47.0359 3760 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\Es.dll
08:47:47.0359 3760 EventSystem - ok
08:47:47.0531 3760 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:47:47.0531 3760 Fastfat - ok
08:47:47.0609 3760 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:47:47.0625 3760 FastUserSwitchingCompatibility - ok
08:47:47.0781 3760 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:47:47.0781 3760 Fdc - ok
08:47:47.0875 3760 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
08:47:47.0875 3760 Fips - ok
08:47:48.0062 3760 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:47:48.0062 3760 Flpydisk - ok
08:47:48.0156 3760 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:47:48.0156 3760 FltMgr - ok
08:47:48.0296 3760 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:47:48.0296 3760 FontCache3.0.0.0 - ok
08:47:48.0468 3760 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:47:48.0468 3760 Fs_Rec - ok
08:47:48.0562 3760 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:47:48.0578 3760 Ftdisk - ok
08:47:48.0656 3760 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:47:48.0656 3760 Gpc - ok
08:47:48.0843 3760 gupdate1cac2de67bcfd4c (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
08:47:48.0843 3760 gupdate1cac2de67bcfd4c - ok
08:47:48.0859 3760 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
08:47:48.0859 3760 gupdatem - ok
08:47:49.0015 3760 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:47:49.0015 3760 helpsvc - ok
08:47:49.0078 3760 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
08:47:49.0093 3760 HidServ - ok
08:47:49.0234 3760 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:47:49.0250 3760 HidUsb - ok
08:47:49.0390 3760 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
08:47:49.0390 3760 hkmsvc - ok
08:47:49.0562 3760 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
08:47:49.0562 3760 hpn - ok
08:47:49.0812 3760 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
08:47:49.0828 3760 hpqcxs08 - ok
08:47:50.0046 3760 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
08:47:50.0046 3760 hpqddsvc - ok
08:47:50.0250 3760 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
08:47:50.0265 3760 HPZid412 - ok
08:47:50.0406 3760 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
08:47:50.0406 3760 HPZipr12 - ok
08:47:50.0578 3760 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
08:47:50.0578 3760 HPZius12 - ok
08:47:50.0687 3760 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:47:50.0703 3760 HTTP - ok
08:47:50.0812 3760 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
08:47:50.0828 3760 HTTPFilter - ok
08:47:51.0000 3760 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
08:47:51.0000 3760 i2omgmt - ok
08:47:51.0093 3760 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
08:47:51.0093 3760 i2omp - ok
08:47:51.0187 3760 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:47:51.0187 3760 i8042prt - ok
08:47:51.0343 3760 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
08:47:51.0390 3760 ialm - ok
08:47:51.0609 3760 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:47:51.0640 3760 idsvc - ok
08:47:51.0812 3760 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:47:51.0828 3760 Imapi - ok
08:47:51.0906 3760 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
08:47:51.0921 3760 ImapiService - ok
08:47:52.0109 3760 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
08:47:52.0109 3760 ini910u - ok
08:47:52.0203 3760 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
08:47:52.0203 3760 IntelIde - ok
08:47:52.0375 3760 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:47:52.0375 3760 intelppm - ok
08:47:52.0546 3760 IntelS51 (f61bd411a315b9721ddef61e44d34474) C:\WINDOWS\system32\DRIVERS\IntelS51.sys
08:47:52.0609 3760 IntelS51 - ok
08:47:52.0781 3760 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:47:52.0781 3760 Ip6Fw - ok
08:47:52.0890 3760 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:47:52.0890 3760 IpFilterDriver - ok
08:47:53.0046 3760 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:47:53.0046 3760 IpInIp - ok
08:47:53.0156 3760 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:47:53.0171 3760 IpNat - ok
08:47:53.0343 3760 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:47:53.0343 3760 IPSec - ok
08:47:53.0421 3760 IPVNMon (0b46016d4df29ff99edb33fadb643cbb) C:\WINDOWS\system32\drivers\IPVNMon.sys
08:47:53.0421 3760 IPVNMon - ok
08:47:53.0515 3760 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:47:53.0515 3760 IRENUM - ok
08:47:53.0625 3760 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:47:53.0625 3760 isapnp - ok
08:47:53.0812 3760 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:47:53.0812 3760 Kbdclass - ok
08:47:53.0906 3760 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:47:53.0921 3760 kmixer - ok
08:47:54.0093 3760 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:47:54.0093 3760 KSecDD - ok
08:47:54.0203 3760 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
08:47:54.0218 3760 lanmanserver - ok
08:47:54.0312 3760 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
08:47:54.0328 3760 lanmanworkstation - ok
08:47:54.0468 3760 lbrtfdc - ok
08:47:54.0578 3760 LiveUpdate - ok
08:47:54.0671 3760 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
08:47:54.0671 3760 LmHosts - ok
08:47:54.0812 3760 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
08:47:54.0812 3760 MBAMProtector - ok
08:47:54.0953 3760 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
08:47:54.0984 3760 MBAMService - ok
08:47:55.0187 3760 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
08:47:55.0187 3760 McAfee SiteAdvisor Service - ok
08:47:55.0296 3760 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
08:47:55.0296 3760 Messenger - ok
08:47:55.0453 3760 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:47:55.0453 3760 mnmdd - ok
08:47:55.0546 3760 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
08:47:55.0546 3760 mnmsrvc - ok
08:47:55.0718 3760 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
08:47:55.0718 3760 Modem - ok
08:47:55.0812 3760 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
08:47:55.0812 3760 MODEMCSA - ok
08:47:55.0906 3760 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:47:55.0906 3760 Mouclass - ok
08:47:56.0093 3760 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:47:56.0093 3760 mouhid - ok
08:47:56.0296 3760 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:47:56.0296 3760 MountMgr - ok
08:47:56.0406 3760 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
08:47:56.0406 3760 mraid35x - ok
08:47:56.0500 3760 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:47:56.0500 3760 MRxDAV - ok
08:47:56.0687 3760 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:47:56.0703 3760 MRxSmb - ok
08:47:56.0812 3760 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
08:47:56.0812 3760 MSDTC - ok
08:47:57.0000 3760 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:47:57.0000 3760 Msfs - ok
08:47:57.0328 3760 MSIServer - ok
08:47:57.0437 3760 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:47:57.0437 3760 MSKSSRV - ok
08:47:57.0531 3760 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:47:57.0531 3760 MSPCLOCK - ok
08:47:57.0640 3760 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:47:57.0640 3760 MSPQM - ok
08:47:57.0750 3760 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:47:57.0765 3760 mssmbios - ok
08:47:57.0843 3760 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:47:57.0843 3760 Mup - ok
08:47:58.0000 3760 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
08:47:58.0015 3760 napagent - ok
08:47:58.0171 3760 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:47:58.0171 3760 NDIS - ok
08:47:58.0265 3760 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:47:58.0265 3760 NdisTapi - ok
08:47:58.0359 3760 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:47:58.0359 3760 Ndisuio - ok
08:47:58.0453 3760 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:47:58.0453 3760 NdisWan - ok
08:47:58.0609 3760 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:47:58.0609 3760 NDProxy - ok
08:47:58.0703 3760 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\WINDOWS\system32\HPZinw12.dll
08:47:58.0718 3760 Net Driver HPZ12 - ok
08:47:58.0875 3760 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:47:58.0875 3760 NetBIOS - ok
08:47:59.0000 3760 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:47:59.0015 3760 NetBT - ok
08:47:59.0125 3760 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
08:47:59.0140 3760 NetDDE - ok
08:47:59.0140 3760 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
08:47:59.0156 3760 NetDDEdsdm - ok
08:47:59.0265 3760 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:47:59.0265 3760 Netlogon - ok
08:47:59.0406 3760 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
08:47:59.0406 3760 Netman - ok
08:47:59.0593 3760 NetSvc (02d0798f376fcbd0210eda58476d0b1b) C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
08:47:59.0593 3760 NetSvc - ok
08:47:59.0765 3760 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:47:59.0765 3760 NetTcpPortSharing - ok
08:47:59.0875 3760 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
08:47:59.0875 3760 Nla - ok
08:48:00.0046 3760 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:48:00.0046 3760 Npfs - ok
08:48:00.0171 3760 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:48:00.0171 3760 Ntfs - ok
08:48:00.0281 3760 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:48:00.0296 3760 NtLmSsp - ok
08:48:00.0421 3760 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
08:48:00.0421 3760 NtmsSvc - ok
08:48:00.0578 3760 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:48:00.0578 3760 Null - ok
08:48:00.0718 3760 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
08:48:00.0765 3760 nv - ok
08:48:00.0921 3760 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:48:00.0921 3760 NwlnkFlt - ok
08:48:01.0000 3760 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:48:01.0000 3760 NwlnkFwd - ok
08:48:01.0125 3760 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
08:48:01.0125 3760 Parport - ok
08:48:01.0296 3760 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:48:01.0296 3760 PartMgr - ok
08:48:01.0375 3760 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
08:48:01.0375 3760 ParVdm - ok
08:48:01.0531 3760 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
08:48:01.0531 3760 PCI - ok
08:48:01.0593 3760 PCIDump - ok
08:48:01.0687 3760 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:48:01.0687 3760 PCIIde - ok
08:48:01.0796 3760 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:48:01.0812 3760 Pcmcia - ok
08:48:01.0921 3760 PDCOMP - ok
08:48:01.0968 3760 PDFRAME - ok
08:48:02.0046 3760 PDRELI - ok
08:48:02.0093 3760 PDRFRAME - ok
08:48:02.0187 3760 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
08:48:02.0187 3760 perc2 - ok
08:48:02.0281 3760 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
08:48:02.0281 3760 perc2hib - ok
08:48:02.0406 3760 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
08:48:02.0421 3760 PlugPlay - ok
08:48:02.0531 3760 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\WINDOWS\system32\HPZipm12.dll
08:48:02.0531 3760 Pml Driver HPZ12 - ok
08:48:02.0656 3760 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:48:02.0656 3760 PolicyAgent - ok
08:48:02.0828 3760 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:48:02.0843 3760 PptpMiniport - ok
08:48:02.0937 3760 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:48:02.0937 3760 ProtectedStorage - ok
08:48:03.0125 3760 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:48:03.0125 3760 PSched - ok
08:48:03.0203 3760 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:48:03.0203 3760 Ptilink - ok
08:48:03.0312 3760 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:48:03.0312 3760 PxHelp20 - ok
08:48:03.0421 3760 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
08:48:03.0421 3760 ql1080 - ok
08:48:03.0562 3760 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
08:48:03.0562 3760 Ql10wnt - ok
08:48:03.0656 3760 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
08:48:03.0671 3760 ql12160 - ok
08:48:03.0765 3760 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
08:48:03.0765 3760 ql1240 - ok
08:48:03.0859 3760 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
08:48:03.0875 3760 ql1280 - ok
08:48:03.0968 3760 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:48:03.0968 3760 RasAcd - ok
08:48:04.0046 3760 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
08:48:04.0062 3760 RasAuto - ok
08:48:04.0218 3760 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:48:04.0218 3760 Rasl2tp - ok
08:48:04.0296 3760 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
08:48:04.0312 3760 RasMan - ok
08:48:04.0484 3760 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:48:04.0484 3760 RasPppoe - ok
08:48:04.0562 3760 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:48:04.0562 3760 Raspti - ok
08:48:04.0656 3760 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:48:04.0671 3760 Rdbss - ok
08:48:04.0859 3760 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:48:04.0859 3760 RDPCDD - ok
08:48:04.0953 3760 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:48:04.0968 3760 rdpdr - ok
08:48:05.0125 3760 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
08:48:05.0140 3760 RDPWD - ok
08:48:05.0234 3760 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
08:48:05.0250 3760 RDSessMgr - ok
08:48:05.0421 3760 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:48:05.0421 3760 redbook - ok
08:48:05.0781 3760 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
08:48:05.0781 3760 RemoteAccess - ok
08:48:05.0875 3760 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
08:48:05.0875 3760 RpcLocator - ok
08:48:06.0000 3760 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
08:48:06.0015 3760 RpcSs - ok
08:48:06.0125 3760 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
08:48:06.0125 3760 RSVP - ok
08:48:06.0265 3760 SABProcEnum - ok
08:48:06.0390 3760 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:48:06.0390 3760 SamSs - ok
08:48:06.0562 3760 SBRE (c1ae5d1f53285d79a0b73a62af20734f) C:\WINDOWS\system32\drivers\SBREdrv.sys
08:48:06.0562 3760 SBRE - ok
08:48:06.0656 3760 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
08:48:06.0671 3760 SCardSvr - ok
08:48:06.0781 3760 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
08:48:06.0781 3760 Schedule - ok
08:48:06.0906 3760 SeaPort - ok
08:48:07.0062 3760 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:48:07.0062 3760 Secdrv - ok
08:48:07.0156 3760 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
08:48:07.0156 3760 seclogon - ok
08:48:07.0281 3760 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
08:48:07.0281 3760 SENS - ok
08:48:07.0453 3760 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:48:07.0453 3760 serenum - ok
08:48:07.0546 3760 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
08:48:07.0546 3760 Serial - ok
08:48:07.0734 3760 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:48:07.0734 3760 Sfloppy - ok
08:48:07.0828 3760 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
08:48:07.0843 3760 SharedAccess - ok
08:48:07.0953 3760 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:48:07.0968 3760 ShellHWDetection - ok
08:48:08.0062 3760 Simbad - ok
08:48:08.0171 3760 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
08:48:08.0171 3760 sisagp - ok
08:48:08.0375 3760 smwdm (4aa922332433cdeb8b82c072c212e32e) C:\WINDOWS\system32\drivers\smwdm.sys
08:48:08.0406 3760 smwdm - ok
08:48:08.0593 3760 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
08:48:08.0593 3760 Sparrow - ok
08:48:08.0687 3760 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:48:08.0687 3760 splitter - ok
08:48:08.0765 3760 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
08:48:08.0781 3760 Spooler - ok
08:48:08.0875 3760 sprtsvc_dellsupportcenter - ok
08:48:09.0062 3760 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
08:48:09.0062 3760 sr - ok
08:48:09.0156 3760 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
08:48:09.0156 3760 srservice - ok
08:48:09.0343 3760 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:48:09.0359 3760 Srv - ok
08:48:09.0515 3760 sscdbhk5 (7c0c9bdca2d351ff3b4f9b69f99aa995) C:\WINDOWS\system32\drivers\sscdbhk5.sys
08:48:09.0515 3760 sscdbhk5 - ok
08:48:09.0609 3760 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
08:48:09.0625 3760 SSDPSRV - ok
08:48:09.0796 3760 ssrtln (31726706d54894d5059f7471111a87bb) C:\WINDOWS\system32\drivers\ssrtln.sys
08:48:09.0812 3760 ssrtln - ok
08:48:09.0890 3760 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
08:48:09.0906 3760 stisvc - ok
08:48:10.0078 3760 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:48:10.0078 3760 swenum - ok
08:48:10.0234 3760 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:48:10.0234 3760 swmidi - ok
08:48:10.0312 3760 SwPrv - ok
08:48:10.0390 3760 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
08:48:10.0390 3760 symc810 - ok
08:48:10.0531 3760 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
08:48:10.0546 3760 symc8xx - ok
08:48:10.0640 3760 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
08:48:10.0640 3760 sym_hi - ok
08:48:10.0734 3760 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
08:48:10.0734 3760 sym_u3 - ok
08:48:10.0828 3760 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:48:10.0843 3760 sysaudio - ok
08:48:10.0953 3760 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
08:48:10.0953 3760 SysmonLog - ok
08:48:11.0062 3760 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
08:48:11.0078 3760 TapiSrv - ok
08:48:11.0250 3760 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:48:11.0250 3760 Tcpip - ok
08:48:11.0328 3760 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:48:11.0343 3760 TDPIPE - ok
08:48:11.0437 3760 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:48:11.0437 3760 TDTCP - ok
08:48:11.0562 3760 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:48:11.0562 3760 TermDD - ok
08:48:11.0656 3760 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
08:48:11.0671 3760 TermService - ok
08:48:11.0843 3760 tfsnboio (b0d311f33c5b4a5858e4e6c965a79267) C:\WINDOWS\system32\dla\tfsnboio.sys
08:48:11.0843 3760 tfsnboio - ok
08:48:11.0968 3760 tfsncofs (250f74fce5d1eccb29ad9abeb55f35d8) C:\WINDOWS\system32\dla\tfsncofs.sys
08:48:11.0968 3760 tfsncofs - ok
08:48:12.0031 3760 tfsndrct (e23291934c59e1741ba83582e7a209c0) C:\WINDOWS\system32\dla\tfsndrct.sys
08:48:12.0031 3760 tfsndrct - ok
08:48:12.0078 3760 tfsndres (0d863d020633025f1e4ad3e0e325d503) C:\WINDOWS\system32\dla\tfsndres.sys
08:48:12.0078 3760 tfsndres - ok
08:48:12.0125 3760 tfsnifs (e3e10696663e35062851a376299198bd) C:\WINDOWS\system32\dla\tfsnifs.sys
08:48:12.0125 3760 tfsnifs - ok
08:48:12.0156 3760 tfsnopio (00cc366bdcbd8a9a1c95c1c59900dd9b) C:\WINDOWS\system32\dla\tfsnopio.sys
08:48:12.0156 3760 tfsnopio - ok
08:48:12.0187 3760 tfsnpool (84a91d08f49831e8c24e4d25ddefae87) C:\WINDOWS\system32\dla\tfsnpool.sys
08:48:12.0187 3760 tfsnpool - ok
08:48:12.0234 3760 tfsnudf (55b761c6e2d4fcedac3b46b6c0724830) C:\WINDOWS\system32\dla\tfsnudf.sys
08:48:12.0234 3760 tfsnudf - ok
08:48:12.0265 3760 tfsnudfa (64c6e8c217e30ee595120c66f6e783ba) C:\WINDOWS\system32\dla\tfsnudfa.sys
08:48:12.0281 3760 tfsnudfa - ok
08:48:12.0343 3760 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:48:12.0359 3760 Themes - ok
08:48:12.0515 3760 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
08:48:12.0515 3760 TosIde - ok
08:48:12.0593 3760 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
08:48:12.0609 3760 TrkWks - ok
08:48:12.0781 3760 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:48:12.0781 3760 Udfs - ok
08:48:12.0906 3760 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
08:48:12.0906 3760 ultra - ok
08:48:13.0015 3760 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:48:13.0031 3760 Update - ok
08:48:13.0156 3760 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
08:48:13.0171 3760 upnphost - ok
08:48:13.0250 3760 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
08:48:13.0265 3760 UPS - ok
08:48:13.0406 3760 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:48:13.0406 3760 usbccgp - ok
08:48:13.0515 3760 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:48:13.0515 3760 usbehci - ok
08:48:13.0703 3760 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:48:13.0703 3760 usbhub - ok
08:48:13.0781 3760 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:48:13.0796 3760 usbprint - ok
08:48:13.0906 3760 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:48:13.0906 3760 usbscan - ok
08:48:14.0046 3760 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:48:14.0062 3760 USBSTOR - ok
08:48:14.0171 3760 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:48:14.0171 3760 usbuhci - ok
08:48:14.0250 3760 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:48:14.0265 3760 VgaSave - ok
08:48:14.0359 3760 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
08:48:14.0359 3760 viaagp - ok
08:48:14.0453 3760 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
08:48:14.0453 3760 ViaIde - ok
08:48:14.0562 3760 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
08:48:14.0562 3760 VolSnap - ok
08:48:14.0640 3760 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
08:48:14.0656 3760 VSS - ok
08:48:14.0765 3760 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
08:48:14.0781 3760 w32time - ok
08:48:14.0953 3760 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:48:14.0953 3760 Wanarp - ok
08:48:15.0046 3760 wanatw - ok
08:48:15.0078 3760 WDICA - ok
08:48:15.0171 3760 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:48:15.0171 3760 wdmaud - ok
08:48:15.0312 3760 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
08:48:15.0328 3760 WebClient - ok
08:48:15.0468 3760 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
08:48:15.0468 3760 WinDefend - ok
08:48:15.0640 3760 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
08:48:15.0656 3760 winmgmt - ok
08:48:15.0843 3760 wlidsvc (d9250b31b353ee3322c1cad411997e38) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:48:15.0906 3760 wlidsvc - ok
08:48:16.0031 3760 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
08:48:16.0046 3760 WmdmPmSN - ok
08:48:16.0171 3760 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:48:16.0171 3760 WmiApSrv - ok
08:48:16.0343 3760 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
08:48:16.0359 3760 WMPNetworkSvc - ok
08:48:16.0515 3760 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:48:16.0515 3760 WS2IFSL - ok
08:48:16.0609 3760 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
08:48:16.0625 3760 wscsvc - ok
08:48:16.0703 3760 WSearch - ok
08:48:16.0781 3760 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
08:48:16.0781 3760 wuauserv - ok
08:48:16.0921 3760 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:48:16.0921 3760 WudfPf - ok
08:48:17.0046 3760 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:48:17.0046 3760 WudfRd - ok
08:48:17.0125 3760 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
08:48:17.0140 3760 WudfSvc - ok
08:48:17.0250 3760 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
08:48:17.0265 3760 WZCSVC - ok
08:48:17.0375 3760 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
08:48:17.0390 3760 xmlprov - ok
08:48:17.0421 3760 MBR (0x1B8) (a03e065717cb65f3034ad33ad58b6bba) \Device\Harddisk0\DR0
08:48:17.0437 3760 \Device\Harddisk0\DR0 - ok
08:48:17.0468 3760 Boot (0x1200) (2e828e31f39f0b8cceda3c9475b885b5) \Device\Harddisk0\DR0\Partition0
08:48:17.0484 3760 \Device\Harddisk0\DR0\Partition0 - ok
08:48:17.0484 3760 ============================================================
08:48:17.0484 3760 Scan finished
08:48:17.0484 3760 ============================================================
08:48:17.0500 0320 Detected object count: 0
08:48:17.0500 0320 Actual detected object count: 0
08:48:46.0937 3676 Deinitialize success





08:50:42.0156 2448 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
08:50:42.0531 2448 ============================================================
08:50:42.0531 2448 Current date / time: 2012/04/21 08:50:42.0531
08:50:42.0531 2448 SystemInfo:
08:50:42.0531 2448
08:50:42.0531 2448 OS Version: 5.1.2600 ServicePack: 3.0
08:50:42.0531 2448 Product type: Workstation
08:50:42.0531 2448 ComputerName: DGJ2NV51
08:50:42.0531 2448 UserName: Larry
08:50:42.0531 2448 Windows directory: C:\WINDOWS
08:50:42.0531 2448 System windows directory: C:\WINDOWS
08:50:42.0531 2448 Processor architecture: Intel x86
08:50:42.0531 2448 Number of processors: 1
08:50:42.0531 2448 Page size: 0x1000
08:50:42.0531 2448 Boot type: Normal boot
08:50:42.0531 2448 ============================================================
08:50:44.0250 2448 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
08:50:44.0250 2448 \Device\Harddisk0\DR0:
08:50:44.0250 2448 MBR partitions:
08:50:44.0250 2448 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x8DE2BED
08:50:44.0359 2448 C: <-> \Device\Harddisk0\DR0\Partition0
08:50:44.0359 2448 Initialize success
08:50:44.0359 2448 ============================================================
08:51:12.0187 1932 ============================================================
08:51:12.0187 1932 Scan started
08:51:12.0187 1932 Mode: Manual; SigCheck; TDLFS;
08:51:12.0187 1932 ============================================================
08:51:12.0437 1932 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
08:51:12.0562 1932 Aavmker4 - ok
08:51:12.0640 1932 Abiosdsk - ok
08:51:12.0734 1932 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
08:51:12.0890 1932 abp480n5 - ok
08:51:13.0062 1932 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:51:13.0234 1932 ACPI - ok
08:51:13.0390 1932 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:51:13.0531 1932 ACPIEC - ok
08:51:13.0703 1932 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:51:13.0718 1932 AdobeFlashPlayerUpdateSvc - ok
08:51:13.0875 1932 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
08:51:14.0062 1932 adpu160m - ok
08:51:14.0218 1932 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
08:51:14.0250 1932 aeaudio - ok
08:51:14.0421 1932 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:51:14.0562 1932 aec - ok
08:51:14.0734 1932 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
08:51:14.0796 1932 AFD - ok
08:51:14.0937 1932 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
08:51:15.0093 1932 agp440 - ok
08:51:15.0265 1932 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
08:51:15.0421 1932 agpCPQ - ok
08:51:15.0593 1932 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
08:51:15.0671 1932 Aha154x - ok
08:51:15.0843 1932 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
08:51:15.0984 1932 aic78u2 - ok
08:51:16.0156 1932 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
08:51:16.0296 1932 aic78xx - ok
08:51:16.0375 1932 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
08:51:16.0531 1932 Alerter - ok
08:51:16.0640 1932 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
08:51:16.0703 1932 ALG - ok
08:51:16.0875 1932 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
08:51:17.0031 1932 AliIde - ok
08:51:17.0187 1932 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
08:51:17.0328 1932 alim1541 - ok
08:51:17.0484 1932 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
08:51:17.0656 1932 amdagp - ok
08:51:17.0828 1932 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
08:51:17.0906 1932 amsint - ok
08:51:17.0953 1932 AppMgmt - ok
08:51:18.0046 1932 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
08:51:18.0187 1932 asc - ok
08:51:18.0359 1932 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
08:51:18.0437 1932 asc3350p - ok
08:51:18.0531 1932 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
08:51:18.0671 1932 asc3550 - ok
08:51:18.0890 1932 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
08:51:18.0906 1932 aspnet_state - ok
08:51:19.0062 1932 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
08:51:19.0078 1932 aswFsBlk - ok
08:51:19.0187 1932 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
08:51:19.0203 1932 aswMon2 - ok
08:51:19.0296 1932 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
08:51:19.0312 1932 aswRdr - ok
08:51:19.0484 1932 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
08:51:19.0531 1932 aswSnx - ok
08:51:19.0640 1932 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
08:51:19.0656 1932 aswSP - ok
08:51:19.0765 1932 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
08:51:19.0781 1932 aswTdi - ok
08:51:19.0890 1932 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:51:20.0046 1932 AsyncMac - ok
08:51:20.0218 1932 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:51:20.0359 1932 atapi - ok
08:51:20.0421 1932 Atdisk - ok
08:51:20.0515 1932 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:51:20.0671 1932 Atmarpc - ok
08:51:20.0781 1932 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
08:51:20.0937 1932 AudioSrv - ok
08:51:21.0093 1932 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:51:21.0234 1932 audstub - ok
08:51:21.0343 1932 Automatic LiveUpdate Scheduler - ok
08:51:21.0484 1932 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
08:51:21.0500 1932 avast! Antivirus - ok
08:51:21.0671 1932 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:51:21.0828 1932 Beep - ok
08:51:21.0937 1932 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
08:51:22.0125 1932 BITS - ok
08:51:22.0250 1932 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
08:51:22.0390 1932 Browser - ok
08:51:22.0546 1932 catchme - ok
08:51:22.0703 1932 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
08:51:22.0843 1932 cbidf - ok
08:51:22.0984 1932 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:51:23.0125 1932 cbidf2k - ok
08:51:23.0218 1932 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
08:51:23.0296 1932 cd20xrnt - ok
08:51:23.0468 1932 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:51:23.0609 1932 Cdaudio - ok
08:51:23.0718 1932 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:51:23.0859 1932 Cdfs - ok
08:51:24.0015 1932 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:51:24.0171 1932 Cdrom - ok
08:51:24.0312 1932 Changer - ok
08:51:24.0390 1932 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
08:51:24.0531 1932 CiSvc - ok
08:51:24.0640 1932 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
08:51:24.0796 1932 ClipSrv - ok
08:51:24.0984 1932 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:51:25.0000 1932 clr_optimization_v2.0.50727_32 - ok
08:51:25.0156 1932 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
08:51:25.0312 1932 CmdIde - ok
08:51:25.0359 1932 COMSysApp - ok
08:51:25.0453 1932 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
08:51:25.0609 1932 Cpqarray - ok
08:51:25.0734 1932 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
08:51:25.0890 1932 CryptSvc - ok
08:51:26.0046 1932 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
08:51:26.0187 1932 dac2w2k - ok
08:51:26.0375 1932 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
08:51:26.0515 1932 dac960nt - ok
08:51:26.0609 1932 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
08:51:26.0640 1932 DcomLaunch - ok
08:51:26.0750 1932 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
08:51:26.0890 1932 Dhcp - ok
08:51:27.0046 1932 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:51:27.0187 1932 Disk - ok
08:51:27.0234 1932 dmadmin - ok
08:51:27.0390 1932 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
08:51:27.0593 1932 dmboot - ok
08:51:27.0765 1932 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
08:51:27.0906 1932 dmio - ok
08:51:28.0046 1932 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:51:28.0203 1932 dmload - ok
08:51:28.0281 1932 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
08:51:28.0437 1932 dmserver - ok
08:51:28.0593 1932 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:51:28.0750 1932 DMusic - ok
08:51:28.0875 1932 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
08:51:28.0937 1932 Dnscache - ok
08:51:29.0062 1932 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
08:51:29.0250 1932 Dot3svc - ok
08:51:29.0421 1932 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
08:51:29.0578 1932 dpti2o - ok
08:51:29.0671 1932 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:51:29.0812 1932 drmkaud - ok
08:51:29.0953 1932 drvmcdb (049177996e5e33b5faf40cad2b82098c) C:\WINDOWS\system32\drivers\drvmcdb.sys
08:51:30.0000 1932 drvmcdb ( UnsignedFile.Multi.Generic ) - warning
08:51:30.0000 1932 drvmcdb - detected UnsignedFile.Multi.Generic (1)
08:51:30.0187 1932 drvnddm (2f4134d073f972575c174e3d621f0107) C:\WINDOWS\system32\drivers\drvnddm.sys
08:51:30.0203 1932 drvnddm ( UnsignedFile.Multi.Generic ) - warning
08:51:30.0203 1932 drvnddm - detected UnsignedFile.Multi.Generic (1)
08:51:30.0343 1932 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
08:51:30.0359 1932 DSBrokerService - ok
08:51:30.0562 1932 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
08:51:30.0671 1932 DSproct ( UnsignedFile.Multi.Generic ) - warning
08:51:30.0671 1932 DSproct - detected UnsignedFile.Multi.Generic (1)
08:51:31.0046 1932 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
08:51:31.0093 1932 dsunidrv - ok
08:51:31.0265 1932 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
08:51:31.0296 1932 E100B - ok
08:51:31.0406 1932 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
08:51:31.0562 1932 EapHost - ok
08:51:31.0671 1932 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
08:51:31.0828 1932 ERSvc - ok
08:51:31.0953 1932 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
08:51:32.0000 1932 Eventlog - ok
08:51:32.0140 1932 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\Es.dll
08:51:32.0187 1932 EventSystem - ok
08:51:32.0375 1932 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:51:32.0515 1932 Fastfat - ok
08:51:32.0609 1932 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:51:32.0671 1932 FastUserSwitchingCompatibility - ok
08:51:32.0859 1932 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:51:33.0000 1932 Fdc - ok
08:51:33.0187 1932 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
08:51:33.0343 1932 Fips - ok
08:51:33.0500 1932 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:51:33.0656 1932 Flpydisk - ok
08:51:33.0843 1932 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:51:34.0000 1932 FltMgr - ok
08:51:34.0156 1932 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:51:34.0171 1932 FontCache3.0.0.0 - ok
08:51:34.0343 1932 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:51:34.0500 1932 Fs_Rec - ok
08:51:34.0609 1932 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:51:34.0750 1932 Ftdisk - ok
08:51:34.0937 1932 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:51:35.0093 1932 Gpc - ok
08:51:35.0265 1932 gupdate1cac2de67bcfd4c (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
08:51:35.0281 1932 gupdate1cac2de67bcfd4c - ok
08:51:35.0296 1932 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
08:51:35.0296 1932 gupdatem - ok
08:51:35.0437 1932 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:51:35.0593 1932 helpsvc - ok
08:51:35.0703 1932 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
08:51:35.0875 1932 HidServ - ok
08:51:36.0015 1932 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:51:36.0187 1932 HidUsb - ok
08:51:36.0312 1932 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
08:51:36.0468 1932 hkmsvc - ok
08:51:36.0640 1932 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
08:51:36.0781 1932 hpn - ok
08:51:37.0046 1932 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
08:51:37.0078 1932 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
08:51:37.0078 1932 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
08:51:37.0312 1932 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
08:51:37.0359 1932 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
08:51:37.0359 1932 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
08:51:37.0546 1932 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
08:51:37.0640 1932 HPZid412 - ok
08:51:37.0828 1932 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
08:51:37.0859 1932 HPZipr12 - ok
08:51:38.0046 1932 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
08:51:38.0078 1932 HPZius12 - ok
08:51:38.0281 1932 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:51:38.0296 1932 HTTP - ok
08:51:38.0421 1932 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
08:51:38.0578 1932 HTTPFilter - ok
08:51:38.0734 1932 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
08:51:38.0890 1932 i2omgmt - ok
08:51:39.0046 1932 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
08:51:39.0203 1932 i2omp - ok
08:51:39.0296 1932 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:51:39.0453 1932 i8042prt - ok
08:51:39.0671 1932 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
08:51:39.0781 1932 ialm - ok
08:51:40.0000 1932 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:51:40.0062 1932 idsvc - ok
08:51:40.0218 1932 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:51:40.0375 1932 Imapi - ok
08:51:40.0453 1932 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
08:51:40.0609 1932 ImapiService - ok
08:51:40.0796 1932 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
08:51:40.0937 1932 ini910u - ok
08:51:41.0046 1932 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
08:51:41.0203 1932 IntelIde - ok
08:51:41.0328 1932 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:51:41.0468 1932 intelppm - ok
08:51:41.0625 1932 IntelS51 (f61bd411a315b9721ddef61e44d34474) C:\WINDOWS\system32\DRIVERS\IntelS51.sys
08:51:41.0750 1932 IntelS51 - ok
08:51:41.0921 1932 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:51:42.0078 1932 Ip6Fw - ok
08:51:42.0187 1932 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:51:42.0312 1932 IpFilterDriver - ok
08:51:42.0421 1932 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:51:42.0562 1932 IpInIp - ok
08:51:42.0671 1932 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:51:42.0812 1932 IpNat - ok
08:51:42.0984 1932 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:51:43.0140 1932 IPSec - ok
08:51:43.0296 1932 IPVNMon (0b46016d4df29ff99edb33fadb643cbb) C:\WINDOWS\system32\drivers\IPVNMon.sys
08:51:43.0328 1932 IPVNMon ( UnsignedFile.Multi.Generic ) - warning
08:51:43.0328 1932 IPVNMon - detected UnsignedFile.Multi.Generic (1)
08:51:43.0484 1932 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:51:43.0562 1932 IRENUM - ok
08:51:43.0734 1932 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:51:43.0890 1932 isapnp - ok
08:51:44.0046 1932 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:51:44.0187 1932 Kbdclass - ok
08:51:44.0359 1932 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:51:44.0515 1932 kmixer - ok
08:51:44.0687 1932 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:51:44.0750 1932 KSecDD - ok
08:51:44.0843 1932 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
08:51:44.0906 1932 lanmanserver - ok
08:51:45.0015 1932 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
08:51:45.0046 1932 lanmanworkstation - ok
08:51:45.0187 1932 lbrtfdc - ok
08:51:45.0296 1932 LiveUpdate - ok
08:51:45.0406 1932 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
08:51:45.0562 1932 LmHosts - ok
08:51:45.0718 1932 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
08:51:45.0734 1932 MBAMProtector - ok
08:51:45.0890 1932 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
08:51:45.0937 1932 MBAMService - ok
08:51:46.0125 1932 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
08:51:46.0140 1932 McAfee SiteAdvisor Service - ok
08:51:46.0234 1932 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
08:51:46.0390 1932 Messenger - ok
08:51:46.0562 1932 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:51:46.0718 1932 mnmdd - ok
08:51:46.0828 1932 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
08:51:47.0000 1932 mnmsrvc - ok
08:51:47.0171 1932 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
08:51:47.0328 1932 Modem - ok
08:51:47.0484 1932 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
08:51:47.0640 1932 MODEMCSA - ok
08:51:47.0734 1932 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:51:47.0890 1932 Mouclass - ok
08:51:48.0046 1932 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:51:48.0218 1932 mouhid - ok
08:51:48.0375 1932 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:51:48.0531 1932 MountMgr - ok
08:51:48.0703 1932 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
08:51:48.0843 1932 mraid35x - ok
08:51:48.0968 1932 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:51:49.0109 1932 MRxDAV - ok
08:51:49.0281 1932 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:51:49.0375 1932 MRxSmb - ok
08:51:49.0453 1932 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
08:51:49.0625 1932 MSDTC - ok
08:51:49.0796 1932 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:51:49.0984 1932 Msfs - ok
08:51:50.0062 1932 MSIServer - ok
08:51:50.0171 1932 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:51:50.0343 1932 MSKSSRV - ok
08:51:50.0515 1932 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:51:50.0671 1932 MSPCLOCK - ok
08:51:50.0828 1932 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:51:50.0984 1932 MSPQM - ok
08:51:51.0156 1932 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:51:51.0312 1932 mssmbios - ok
08:51:51.0468 1932 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:51:51.0515 1932 Mup - ok
08:51:51.0640 1932 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
08:51:51.0796 1932 napagent - ok
08:51:52.0031 1932 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:51:52.0171 1932 NDIS - ok
08:51:52.0296 1932 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:51:52.0343 1932 NdisTapi - ok
08:51:52.0515 1932 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:51:52.0671 1932 Ndisuio - ok
08:51:52.0828 1932 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:51:52.0984 1932 NdisWan - ok
08:51:53.0125 1932 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:51:53.0187 1932 NDProxy - ok
08:51:53.0312 1932 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\WINDOWS\system32\HPZinw12.dll
08:51:53.0312 1932 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:51:53.0312 1932 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:51:53.0484 1932 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:51:53.0640 1932 NetBIOS - ok
08:51:53.0812 1932 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:51:53.0984 1932 NetBT - ok
08:51:54.0109 1932 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
08:51:54.0281 1932 NetDDE - ok
08:51:54.0296 1932 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
08:51:54.0437 1932 NetDDEdsdm - ok
08:51:54.0562 1932 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:51:54.0718 1932 Netlogon - ok
08:51:54.0859 1932 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
08:51:55.0015 1932 Netman - ok
08:51:55.0203 1932 NetSvc (02d0798f376fcbd0210eda58476d0b1b) C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
08:51:55.0218 1932 NetSvc ( UnsignedFile.Multi.Generic ) - warning
08:51:55.0218 1932 NetSvc - detected UnsignedFile.Multi.Generic (1)
08:51:55.0390 1932 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:51:55.0406 1932 NetTcpPortSharing - ok
08:51:55.0515 1932 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
08:51:55.0562 1932 Nla - ok
08:51:55.0718 1932 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:51:55.0875 1932 Npfs - ok
08:51:56.0046 1932 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:51:56.0250 1932 Ntfs - ok
08:51:56.0359 1932 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:51:56.0500 1932 NtLmSsp - ok
08:51:56.0625 1932 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
08:51:56.0812 1932 NtmsSvc - ok
08:51:57.0000 1932 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:51:57.0171 1932 Null - ok
08:51:57.0531 1932 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
08:51:57.0765 1932 nv - ok
08:51:57.0921 1932 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:51:58.0093 1932 NwlnkFlt - ok
08:51:58.0265 1932 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:51:58.0421 1932 NwlnkFwd - ok
08:51:58.0515 1932 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
08:51:58.0671 1932 Parport - ok
08:51:58.0843 1932 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:51:58.0968 1932 PartMgr - ok
08:51:59.0078 1932 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
08:51:59.0234 1932 ParVdm - ok
08:51:59.0406 1932 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
08:51:59.0562 1932 PCI - ok
08:51:59.0703 1932 PCIDump - ok
08:51:59.0781 1932 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:51:59.0921 1932 PCIIde - ok
08:52:00.0046 1932 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:52:00.0203 1932 Pcmcia - ok
08:52:00.0328 1932 PDCOMP - ok
08:52:00.0375 1932 PDFRAME - ok
08:52:00.0421 1932 PDRELI - ok
08:52:00.0468 1932 PDRFRAME - ok
08:52:00.0546 1932 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
08:52:00.0703 1932 perc2 - ok
08:52:00.0921 1932 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
08:52:01.0062 1932 perc2hib - ok
08:52:01.0187 1932 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
08:52:01.0218 1932 PlugPlay - ok
08:52:01.0296 1932 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\WINDOWS\system32\HPZipm12.dll
08:52:01.0312 1932 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:52:01.0312 1932 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:52:01.0437 1932 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:52:01.0578 1932 PolicyAgent - ok
08:52:01.0750 1932 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:52:01.0906 1932 PptpMiniport - ok
08:52:02.0000 1932 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:52:02.0156 1932 ProtectedStorage - ok
08:52:02.0328 1932 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:52:02.0500 1932 PSched - ok
08:52:02.0640 1932 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:52:02.0796 1932 Ptilink - ok
08:52:02.0921 1932 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:52:02.0968 1932 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
08:52:02.0968 1932 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
08:52:03.0140 1932 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
08:52:03.0296 1932 ql1080 - ok
08:52:03.0406 1932 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
08:52:03.0562 1932 Ql10wnt - ok
08:52:03.0734 1932 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
08:52:03.0859 1932 ql12160 - ok
08:52:03.0968 1932 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
08:52:04.0125 1932 ql1240 - ok
08:52:04.0281 1932 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
08:52:04.0437 1932 ql1280 - ok
08:52:04.0531 1932 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:52:04.0671 1932 RasAcd - ok
08:52:04.0750 1932 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
08:52:04.0921 1932 RasAuto - ok
08:52:05.0078 1932 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:52:05.0218 1932 Rasl2tp - ok
08:52:05.0343 1932 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
08:52:05.0515 1932 RasMan - ok
08:52:05.0671 1932 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:52:05.0828 1932 RasPppoe - ok
08:52:05.0968 1932 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:52:06.0156 1932 Raspti - ok
08:52:06.0265 1932 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:52:06.0421 1932 Rdbss - ok
08:52:06.0593 1932 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:52:06.0750 1932 RDPCDD - ok
08:52:06.0859 1932 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:52:07.0015 1932 rdpdr - ok
08:52:07.0171 1932 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
08:52:07.0234 1932 RDPWD - ok
08:52:07.0343 1932 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
08:52:07.0484 1932 RDSessMgr - ok
08:52:07.0640 1932 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:52:07.0796 1932 redbook - ok
08:52:07.0906 1932 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
08:52:08.0046 1932 RemoteAccess - ok
08:52:08.0140 1932 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
08:52:08.0281 1932 RpcLocator - ok
08:52:08.0406 1932 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
08:52:08.0421 1932 RpcSs - ok
08:52:08.0546 1932 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
08:52:08.0687 1932 RSVP - ok
08:52:08.0828 1932 SABProcEnum - ok
08:52:08.0953 1932 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:52:09.0093 1932 SamSs - ok
08:52:09.0265 1932 SBRE (c1ae5d1f53285d79a0b73a62af20734f) C:\WINDOWS\system32\drivers\SBREdrv.sys
08:52:09.0281 1932 SBRE - ok
08:52:09.0359 1932 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
08:52:09.0531 1932 SCardSvr - ok
08:52:09.0640 1932 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
08:52:09.0812 1932 Schedule - ok
08:52:09.0937 1932 SeaPort - ok
08:52:10.0109 1932 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:52:10.0203 1932 Secdrv - ok
08:52:10.0265 1932 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
08:52:10.0421 1932 seclogon - ok
08:52:10.0531 1932 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
08:52:10.0687 1932 SENS - ok
08:52:10.0859 1932 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:52:11.0000 1932 serenum - ok
08:52:11.0171 1932 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
08:52:11.0328 1932 Serial - ok
08:52:11.0500 1932 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:52:11.0656 1932 Sfloppy - ok
08:52:11.0750 1932 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
08:52:11.0906 1932 SharedAccess - ok
08:52:12.0015 1932 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:52:12.0031 1932 ShellHWDetection - ok
08:52:12.0156 1932 Simbad - ok
08:52:12.0250 1932 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
08:52:12.0390 1932 sisagp - ok
08:52:12.0593 1932 smwdm (4aa922332433cdeb8b82c072c212e32e) C:\WINDOWS\system32\drivers\smwdm.sys
08:52:12.0671 1932 smwdm - ok
08:52:12.0843 1932 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
08:52:12.0953 1932 Sparrow - ok
08:52:13.0125 1932 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:52:13.0265 1932 splitter - ok
08:52:13.0375 1932 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
08:52:13.0390 1932 Spooler - ok
08:52:13.0484 1932 sprtsvc_dellsupportcenter - ok
08:52:13.0656 1932 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
08:52:13.0734 1932 sr - ok
08:52:13.0859 1932 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
08:52:13.0953 1932 srservice - ok
08:52:14.0125 1932 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:52:14.0187 1932 Srv - ok
08:52:14.0375 1932 sscdbhk5 (7c0c9bdca2d351ff3b4f9b69f99aa995) C:\WINDOWS\system32\drivers\sscdbhk5.sys
08:52:14.0390 1932 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
08:52:14.0390 1932 sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
08:52:14.0468 1932 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
08:52:14.0546 1932 SSDPSRV - ok
08:52:14.0734 1932 ssrtln (31726706d54894d5059f7471111a87bb) C:\WINDOWS\system32\drivers\ssrtln.sys
08:52:14.0750 1932 ssrtln ( UnsignedFile.Multi.Generic ) - warning
08:52:14.0750 1932 ssrtln - detected UnsignedFile.Multi.Generic (1)
08:52:14.0890 1932 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
08:52:15.0062 1932 stisvc - ok
08:52:15.0218 1932 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:52:15.0375 1932 swenum - ok
08:52:15.0468 1932 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:52:15.0625 1932 swmidi - ok
08:52:15.0703 1932 SwPrv - ok
08:52:15.0828 1932 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
08:52:15.0968 1932 symc810 - ok
08:52:16.0078 1932 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
08:52:16.0234 1932 symc8xx - ok
08:52:16.0406 1932 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
08:52:16.0546 1932 sym_hi - ok
08:52:16.0734 1932 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
08:52:16.0875 1932 sym_u3 - ok
08:52:17.0046 1932 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:52:17.0203 1932 sysaudio - ok
08:52:17.0281 1932 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
08:52:17.0421 1932 SysmonLog - ok
08:52:17.0531 1932 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
08:52:17.0703 1932 TapiSrv - ok
08:52:17.0906 1932 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:52:17.0921 1932 Tcpip - ok
08:52:18.0046 1932 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:52:18.0203 1932 TDPIPE - ok
08:52:18.0359 1932 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:52:18.0531 1932 TDTCP - ok
08:52:18.0625 1932 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:52:18.0781 1932 TermDD - ok
08:52:18.0921 1932 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
08:52:19.0078 1932 TermService - ok
08:52:19.0234 1932 tfsnboio (b0d311f33c5b4a5858e4e6c965a79267) C:\WINDOWS\system32\dla\tfsnboio.sys
08:52:19.0250 1932 tfsnboio ( UnsignedFile.Multi.Generic ) - warning
08:52:19.0250 1932 tfsnboio - detected UnsignedFile.Multi.Generic (1)
08:52:19.0406 1932 tfsncofs (250f74fce5d1eccb29ad9abeb55f35d8) C:\WINDOWS\system32\dla\tfsncofs.sys
08:52:19.0421 1932 tfsncofs ( UnsignedFile.Multi.Generic ) - warning
08:52:19.0421 1932 tfsncofs - detected UnsignedFile.Multi.Generic (1)
08:52:19.0578 1932 tfsndrct (e23291934c59e1741ba83582e7a209c0) C:\WINDOWS\system32\dla\tfsndrct.sys
08:52:19.0593 1932 tfsndrct ( UnsignedFile.Multi.Generic ) - warning
08:52:19.0593 1932 tfsndrct - detected UnsignedFile.Multi.Generic (1)
08:52:19.0750 1932 tfsndres (0d863d020633025f1e4ad3e0e325d503) C:\WINDOWS\system32\dla\tfsndres.sys
08:52:19.0765 1932 tfsndres ( UnsignedFile.Multi.Generic ) - warning
08:52:19.0765 1932 tfsndres - detected UnsignedFile.Multi.Generic (1)
08:52:19.0937 1932 tfsnifs (e3e10696663e35062851a376299198bd) C:\WINDOWS\system32\dla\tfsnifs.sys
08:52:19.0984 1932 tfsnifs ( UnsignedFile.Multi.Generic ) - warning
08:52:19.0984 1932 tfsnifs - detected UnsignedFile.Multi.Generic (1)
08:52:20.0140 1932 tfsnopio (00cc366bdcbd8a9a1c95c1c59900dd9b) C:\WINDOWS\system32\dla\tfsnopio.sys
08:52:20.0156 1932 tfsnopio ( UnsignedFile.Multi.Generic ) - warning
08:52:20.0156 1932 tfsnopio - detected UnsignedFile.Multi.Generic (1)
08:52:20.0312 1932 tfsnpool (84a91d08f49831e8c24e4d25ddefae87) C:\WINDOWS\system32\dla\tfsnpool.sys
08:52:20.0312 1932 tfsnpool ( UnsignedFile.Multi.Generic ) - warning
08:52:20.0312 1932 tfsnpool - detected UnsignedFile.Multi.Generic (1)
08:52:20.0484 1932 tfsnudf (55b761c6e2d4fcedac3b46b6c0724830) C:\WINDOWS\system32\dla\tfsnudf.sys
08:52:20.0500 1932 tfsnudf ( UnsignedFile.Multi.Generic ) - warning
08:52:20.0500 1932 tfsnudf - detected UnsignedFile.Multi.Generic (1)
08:52:20.0656 1932 tfsnudfa (64c6e8c217e30ee595120c66f6e783ba) C:\WINDOWS\system32\dla\tfsnudfa.sys
08:52:20.0656 1932 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
08:52:20.0656 1932 tfsnudfa - detected UnsignedFile.Multi.Generic (1)
08:52:20.0781 1932 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:52:20.0796 1932 Themes - ok
08:52:20.0984 1932 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
08:52:21.0125 1932 TosIde - ok
08:52:21.0250 1932 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
08:52:21.0406 1932 TrkWks - ok
08:52:21.0578 1932 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:52:21.0734 1932 Udfs - ok
08:52:21.0843 1932 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
08:52:21.0953 1932 ultra - ok
08:52:22.0140 1932 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:52:22.0296 1932 Update - ok
08:52:22.0406 1932 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
08:52:22.0500 1932 upnphost - ok
08:52:22.0609 1932 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
08:52:22.0781 1932 UPS - ok
08:52:22.0937 1932 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:52:23.0078 1932 usbccgp - ok
08:52:23.0187 1932 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:52:23.0343 1932 usbehci - ok
08:52:23.0515 1932 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:52:23.0671 1932 usbhub - ok
08:52:23.0859 1932 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:52:24.0031 1932 usbprint - ok
08:52:24.0203 1932 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:52:24.0359 1932 usbscan - ok
08:52:24.0515 1932 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:52:24.0671 1932 USBSTOR - ok
08:52:24.0765 1932 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:52:24.0921 1932 usbuhci - ok
08:52:25.0078 1932 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:52:25.0218 1932 VgaSave - ok
08:52:25.0312 1932 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
08:52:25.0468 1932 viaagp - ok
08:52:25.0640 1932 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
08:52:25.0796 1932 ViaIde - ok
08:52:25.0906 1932 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
08:52:26.0093 1932 VolSnap - ok
08:52:26.0203 1932 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
08:52:26.0265 1932 VSS - ok
08:52:26.0390 1932 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
08:52:26.0546 1932 w32time - ok
08:52:26.0687 1932 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:52:26.0828 1932 Wanarp - ok
08:52:26.0953 1932 wanatw - ok
08:52:27.0015 1932 WDICA - ok
08:52:27.0125 1932 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:52:27.0265 1932 wdmaud - ok
08:52:27.0390 1932 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
08:52:27.0562 1932 WebClient - ok
08:52:27.0703 1932 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
08:52:27.0703 1932 WinDefend - ok
08:52:27.0890 1932 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
08:52:28.0031 1932 winmgmt - ok
08:52:28.0234 1932 wlidsvc (d9250b31b353ee3322c1cad411997e38) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:52:28.0328 1932 wlidsvc - ok
08:52:28.0437 1932 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
08:52:28.0484 1932 WmdmPmSN - ok
08:52:28.0640 1932 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:52:28.0796 1932 WmiApSrv - ok
08:52:28.0984 1932 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
08:52:29.0062 1932 WMPNetworkSvc - ok
08:52:29.0234 1932 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:52:29.0390 1932 WS2IFSL - ok
08:52:29.0515 1932 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
08:52:29.0687 1932 wscsvc - ok
08:52:29.0765 1932 WSearch - ok
08:52:29.0843 1932 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
08:52:30.0000 1932 wuauserv - ok
08:52:30.0171 1932 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:52:30.0234 1932 WudfPf - ok
08:52:30.0406 1932 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:52:30.0437 1932 WudfRd - ok
08:52:30.0546 1932 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
08:52:30.0609 1932 WudfSvc - ok
08:52:30.0734 1932 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
08:52:30.0937 1932 WZCSVC - ok
08:52:31.0046 1932 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
08:52:31.0203 1932 xmlprov - ok
08:52:31.0218 1932 MBR (0x1B8) (a03e065717cb65f3034ad33ad58b6bba) \Device\Harddisk0\DR0
08:52:31.0312 1932 \Device\Harddisk0\DR0 - ok
08:52:31.0343 1932 Boot (0x1200) (2e828e31f39f0b8cceda3c9475b885b5) \Device\Harddisk0\DR0\Partition0
08:52:31.0343 1932 \Device\Harddisk0\DR0\Partition0 - ok
08:52:31.0359 1932 ============================================================
08:52:31.0359 1932 Scan finished
08:52:31.0359 1932 ============================================================
08:52:31.0468 0448 Detected object count: 21
08:52:31.0468 0448 Actual detected object count: 21
08:53:44.0171 0448 drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0171 0448 drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0171 0448 drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0171 0448 drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0171 0448 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0171 0448 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0171 0448 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0171 0448 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0171 0448 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0171 0448 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0187 0448 IPVNMon ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0187 0448 IPVNMon ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0187 0448 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0187 0448 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0187 0448 NetSvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0187 0448 NetSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0187 0448 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0187 0448 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0187 0448 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0187 0448 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0187 0448 sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0187 0448 sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0187 0448 ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0187 0448 ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0187 0448 tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0187 0448 tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0187 0448 tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0187 0448 tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0203 0448 tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0203 0448 tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0203 0448 tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0203 0448 tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0203 0448 tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0203 0448 tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0203 0448 tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0203 0448 tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0203 0448 tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0203 0448 tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0203 0448 tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0203 0448 tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:44.0203 0448 tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user
08:53:44.0203 0448 tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:53:51.0640 3324 Deinitialize success





aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-21 08:56:30
-----------------------------
08:56:30.609 OS Version: Windows 5.1.2600 Service Pack 3
08:56:30.609 Number of processors: 1 586 0x304
08:56:30.609 ComputerName: DGJ2NV51 UserName: Larry
08:56:31.031 Initialize success
08:56:34.906 AVAST engine defs: 12042100
08:57:16.015 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
08:57:16.015 Disk 0 Vendor: ST380011A 8.16 Size: 76293MB BusType: 3
08:57:16.015 Disk 0 MBR read successfully
08:57:16.031 Disk 0 MBR scan
08:57:16.531 Disk 0 unknown MBR code
08:57:16.546 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 47 MB offset 63
08:57:17.250 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 72645 MB offset 96390
08:57:17.640 Disk 0 Partition 3 00 DB CP/M / CTOS MSWIN4.1 3584 MB offset 148890420
08:57:17.828 Disk 0 scanning sectors +156232125
08:57:18.187 Disk 0 scanning C:\WINDOWS\system32\drivers
08:57:37.500 Service scanning
08:58:11.765 Modules scanning
08:58:31.437 AVAST engine scan C:\WINDOWS
08:58:37.656 AVAST engine scan C:\WINDOWS\system32
09:01:17.500 AVAST engine scan C:\WINDOWS\system32\drivers
09:01:37.593 AVAST engine scan C:\Documents and Settings\Larry
09:06:24.265 AVAST engine scan C:\Documents and Settings\All Users
09:13:34.562 Scan finished successfully
09:17:16.859 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Larry\Desktop\MBR.dat"
09:17:16.875 The log file has been saved successfully to "C:\Documents and Settings\Larry\Desktop\aswMBR.txt"





OTL logfile created on: 4/21/2012 9:20:17 AM - Run 2
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Documents and Settings\Larry\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.98 Mb Total Physical Memory | 198.39 Mb Available Physical Memory | 19.55% Memory free
2.85 Gb Paging File | 2.19 Gb Available in Paging File | 76.92% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.94 Gb Total Space | 41.53 Gb Free Space | 58.54% Space Free | Partition Type: NTFS
Drive E: | 7.22 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DGJ2NV51 | User Name: Larry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/21 08:08:21 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/04/18 13:23:37 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Larry\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/26 02:34:22 | 000,306,688 | ---- | M] (FileHippo.com) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
PRC - [2012/03/10 00:03:33 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2012/03/06 18:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/01/13 12:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/07/21 16:19:46 | 000,129,536 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\browser\ybrwicon.exe
PRC - [2006/03/03 13:18:10 | 000,200,704 | ---- | M] (Yahoo!, Inc.) -- C:\Program Files\Yahoo!\browser\ycommon.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/21 08:08:20 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/04/21 01:32:24 | 001,769,984 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12042100\algo.dll
MOD - [2012/02/24 19:29:28 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
MOD - [2012/02/24 19:27:19 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
MOD - [2012/02/24 19:26:49 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012/02/18 12:28:37 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012/02/18 12:26:45 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
MOD - [2012/02/18 12:23:22 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
MOD - [2012/02/18 12:00:11 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012/02/17 23:52:35 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/10/12 16:20:09 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2009/02/13 13:44:56 | 000,071,696 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\mcfrmwk.dll
MOD - [2009/02/13 13:44:52 | 000,207,376 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\cntscan.dll
MOD - [2009/02/13 13:44:52 | 000,117,264 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\apengine.dll
MOD - [2006/02/23 16:13:02 | 000,038,912 | ---- | M] () -- C:\Program Files\Yahoo!\browser\YCommonPS.dll
MOD - [2004/04/11 19:57:44 | 000,040,960 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DirWatcher.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - File not found [Disabled | Stopped] -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE -- (LiveUpdate)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/04/16 09:10:37 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/01/13 12:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\Yahoo!\browser\SABProcEnum.sys -- (SABProcEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Larry\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Larry\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys -- (MBAMProtector)
DRV - [2012/03/06 18:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 18:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 18:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/03/06 18:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 18:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 18:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 17:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/11/09 14:56:12 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SBREDrv.sys -- (SBRE)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004/12/10 23:30:42 | 001,903,338 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelS51.sys -- (IntelS51) Intel®
DRV - [2004/04/15 13:31:02 | 000,101,480 | ---- | M] (Visual Networks) [Kernel | Boot | Unknown] -- C:\WINDOWS\System32\drivers\IPVNMon.sys -- (IPVNMon)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp.../search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {318FB8C0-187A-44B1-9219-515739926BC6}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...3A-F057AC50981E
IE - HKCU\..\SearchScopes\{318FB8C0-187A-44B1-9219-515739926BC6}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{3BF3B163-2C8E-41FF-94F8-F0AF9A383AE5}: "URL" = http://www.google.co...&rlz=1I7PCTA_en
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26}: "URL" = http://bing.zugo.com...fg=2-76-0-1konn
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://bing.zugo.com...-76-0-1kosp&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@macromedia.com/FlashPlayer8: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@yverinfo.yahoo.com/YahooVersionInfoPlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYVerInfo.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@macromedia.com/FlashPlayer8: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Larry\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/13 14:25:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/03/22 07:12:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/24 10:15:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/10 00:06:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/04/16 07:34:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/21 08:08:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/21 08:08:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/13 14:25:16 | 000,000,000 | ---D | M]

[2012/04/16 08:07:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Extensions
[2012/04/21 08:08:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\extensions
[2010/06/09 20:53:04 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\extensions\{896642E4-C556-4ED3-85D1-9AC431603E7D}
[2010/06/09 20:55:25 | 000,000,000 | ---D | M] (Shop to Win5) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\extensions\{c6bb86ca-9f1d-4fbe-84cd-4c1fac754d08}
[2012/04/21 08:08:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\extensions\staged
[2010/09/28 22:39:14 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\searchplugins\askcom.xml
[2008/02/06 14:14:15 | 000,000,277 | ---- | M] () -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\searchplugins\search.xml
[2012/04/18 13:20:20 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\a8e3714m.default\searchplugins\siteadvisor.xml
[2011/12/12 17:40:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/21 08:08:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012/04/21 08:08:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2006/10/02 22:59:57 | 000,040,552 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\mozilla firefox\plugins\NPAdbESD.dll
[2012/04/21 08:08:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/21 08:08:15 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe ESD Manager Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\Larry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/21 08:34:34 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - Reg Error: Value error. File not found
O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2008/03/17 14:44:12 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2008/03/17 14:44:12 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2008/03/17 14:44:12 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2008/03/17 14:44:12 | 000,000,000 | ---D | M]
O9 - Extra Button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} http://www.xblock.co...clean_micro.exe (Reg Error: Key error.)
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} http://amiuptodate.m...pdatePortal.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,26/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...840/mcfscan.cab (McFreeScan Class)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CC54B11-78D3-4423-9234-AF5A7F0D8F60}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Larry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Larry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe - (Yahoo! Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {0430454D-47EA-11D6-AD58-00010333D0AD} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} - Reg Error: Value error.
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {34C70B70-8FFF-4179-A2EB-0819FFA38126} - Reg Error: Value error.
ActiveX: {362A5D5E-1BF6-4CA7-87B4-B6686F3C1BEF} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {38539595-3E29-410d-ABBD-3D6A75BC9A73} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4DAEE2D4-A471-42AC-97A2-4C2A79C77648} - Reg Error: Value error.
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser
ActiveX: {924C1588-90C3-4910-B6CA-D57A1C0418FE} - Reg Error: Value error.
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {944D7BBB-EA1D-43EB-B49F-F517CF2B6C9D} - Reg Error: Value error.
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider
ActiveX: {A0739DE2-571F-11D2-A031-0060977F760C} - InterActual PCFriendly ActiveX Control
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {CE734E0A-D6D3-4A92-AF9F-499BE87A025C} - Reg Error: Value error.
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Reg Error: Value error.
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {F53CE5EC-1CD8-41EB-A220-F8EA247E3A06} - Reg Error: Value error.
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\TSSOFT32.ACM (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\SERWVDRV.DLL (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/04/21 08:54:35 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Larry\Desktop\aswMBR.exe
[2012/04/21 08:44:21 | 002,072,624 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Larry\Desktop\tdsskiller.exe
[2012/04/21 08:18:28 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/04/21 08:15:28 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/04/21 08:15:28 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/04/21 08:15:28 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/04/21 08:15:28 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/04/21 08:15:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/04/21 08:15:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/21 08:12:51 | 004,470,025 | R--- | C] (Swearware) -- C:\Documents and Settings\Larry\Desktop\ComboFix.exe
[2012/04/21 00:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Sun
[2012/04/20 07:58:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2012/04/20 07:58:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2012/04/18 13:23:12 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Larry\Desktop\OTL.exe
[2012/04/16 17:52:49 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012/04/16 17:52:49 | 000,027,984 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe
[2012/04/16 17:52:08 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2012/04/16 12:00:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Larry\Local Settings\Application Data\visi_coupon
[2012/03/31 21:21:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Larry\Recent
[2012/03/23 11:20:17 | 000,000,000 | ---D | C] -- C:\w
[2012/03/23 11:20:13 | 000,000,000 | ---D | C] -- C:\skins
[2012/03/23 11:20:07 | 000,000,000 | ---D | C] -- C:\e
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/21 09:17:16 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Larry\Desktop\MBR.dat
[2012/04/21 09:10:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/21 08:55:07 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Larry\Desktop\aswMBR.exe
[2012/04/21 08:44:31 | 002,072,624 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Larry\Desktop\tdsskiller.exe
[2012/04/21 08:44:13 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\Larry\Desktop\Computer running very slow. Mention of rootkit infection, please help - Geeks to Go Forums.URL
[2012/04/21 08:34:34 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2012/04/21 08:18:36 | 000,000,327 | RHS- | M] () -- C:\BOOT.INI
[2012/04/21 08:13:07 | 004,470,025 | R--- | M] (Swearware) -- C:\Documents and Settings\Larry\Desktop\ComboFix.exe
[2012/04/21 08:03:01 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/04/21 07:59:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/04/21 07:58:38 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/21 07:58:37 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2740297282-3233457664-774040315-1006.job
[2012/04/21 07:58:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/04/21 07:36:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/20 23:10:01 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2740297282-3233457664-774040315-1006.job
[2012/04/20 07:58:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/04/18 13:23:37 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Larry\Desktop\OTL.exe
[2012/04/17 03:02:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/16 16:29:46 | 000,000,210 | ---- | M] () -- C:\Boot.bak
[2012/04/16 13:43:43 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/04/16 09:40:12 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/04/16 09:16:32 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/16 09:10:36 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/16 09:10:35 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/03/30 18:55:25 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Larry\Desktop\Update Checker.lnk
[2012/03/30 18:47:50 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/03/23 11:20:31 | 000,000,240 | ---- | M] () -- C:\srch_site_1.gif
[2012/03/23 11:20:30 | 000,000,277 | ---- | M] () -- C:\mov_1.gif
[2012/03/23 11:20:30 | 000,000,274 | ---- | M] () -- C:\trav_1.gif
[2012/03/23 11:20:29 | 000,000,273 | ---- | M] () -- C:\srch_stk_1.gif
[2012/03/23 11:20:25 | 000,000,284 | ---- | M] () -- C:\srch_map_1.gif
[2012/03/23 11:20:24 | 000,000,138 | ---- | M] () -- C:\flk2.gif
[2012/03/23 11:20:24 | 000,000,103 | ---- | M] () -- C:\del_1.gif
[2012/03/23 11:20:23 | 000,000,380 | ---- | M] () -- C:\edu.bmp
[2012/03/23 11:20:23 | 000,000,268 | ---- | M] () -- C:\ab_1.gif
[2012/03/23 11:20:23 | 000,000,121 | ---- | M] () -- C:\srch_nws_1.gif
[2012/03/23 11:20:22 | 000,000,304 | ---- | M] () -- C:\dir.bmp
[2012/03/23 11:20:22 | 000,000,279 | ---- | M] () -- C:\hj_1.gif
[2012/03/23 11:20:21 | 000,000,265 | ---- | M] () -- C:\srch_ans_1.gif
[2012/03/23 11:20:21 | 000,000,123 | ---- | M] () -- C:\srch_sh_1.gif
[2012/03/23 11:20:21 | 000,000,113 | ---- | M] () -- C:\srch_aud_1.gif
[2012/03/23 11:20:20 | 000,000,131 | ---- | M] () -- C:\srch_loc_1.gif
[2012/03/23 11:20:20 | 000,000,112 | ---- | M] () -- C:\srch_vid_1.gif
[2012/03/23 11:20:20 | 000,000,112 | ---- | M] () -- C:\srch_img_1.gif
[2012/03/23 11:20:15 | 000,000,352 | ---- | M] () -- C:\addmy.bmp
[2012/03/23 11:20:14 | 000,001,028 | ---- | M] () -- C:\msgr_on.bmp
[2012/03/23 11:20:12 | 000,000,235 | ---- | M] () -- C:\srch_1.gif
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/21 09:17:16 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Larry\Desktop\MBR.dat
[2012/04/21 08:44:13 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Larry\Desktop\Computer running very slow. Mention of rootkit infection, please help - Geeks to Go Forums.URL
[2012/04/21 08:18:36 | 000,000,210 | ---- | C] () -- C:\Boot.bak
[2012/04/21 08:18:31 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/04/21 08:15:28 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/04/21 08:15:28 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/04/21 08:15:28 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/04/21 08:15:28 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/04/21 08:15:28 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/04/17 03:02:11 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/03/23 11:20:30 | 000,000,277 | ---- | C] () -- C:\mov_1.gif
[2012/03/23 11:20:30 | 000,000,274 | ---- | C] () -- C:\trav_1.gif
[2012/03/23 11:20:30 | 000,000,240 | ---- | C] () -- C:\srch_site_1.gif
[2012/03/23 11:20:29 | 000,000,273 | ---- | C] () -- C:\srch_stk_1.gif
[2012/03/23 11:20:25 | 000,000,284 | ---- | C] () -- C:\srch_map_1.gif
[2012/03/23 11:20:24 | 000,000,138 | ---- | C] () -- C:\flk2.gif
[2012/03/23 11:20:24 | 000,000,103 | ---- | C] () -- C:\del_1.gif
[2012/03/23 11:20:23 | 000,000,380 | ---- | C] () -- C:\edu.bmp
[2012/03/23 11:20:23 | 000,000,268 | ---- | C] () -- C:\ab_1.gif
[2012/03/23 11:20:22 | 000,000,304 | ---- | C] () -- C:\dir.bmp
[2012/03/23 11:20:22 | 000,000,279 | ---- | C] () -- C:\hj_1.gif
[2012/03/23 11:20:22 | 000,000,121 | ---- | C] () -- C:\srch_nws_1.gif
[2012/03/23 11:20:21 | 000,000,265 | ---- | C] () -- C:\srch_ans_1.gif
[2012/03/23 11:20:21 | 000,000,113 | ---- | C] () -- C:\srch_aud_1.gif
[2012/03/23 11:20:20 | 000,000,131 | ---- | C] () -- C:\srch_loc_1.gif
[2012/03/23 11:20:20 | 000,000,123 | ---- | C] () -- C:\srch_sh_1.gif
[2012/03/23 11:20:20 | 000,000,112 | ---- | C] () -- C:\srch_vid_1.gif
[2012/03/23 11:20:20 | 000,000,112 | ---- | C] () -- C:\srch_img_1.gif
[2012/03/23 11:20:15 | 000,000,352 | ---- | C] () -- C:\addmy.bmp
[2012/03/23 11:20:14 | 000,001,028 | ---- | C] () -- C:\msgr_on.bmp
[2012/03/23 11:20:12 | 000,000,235 | ---- | C] () -- C:\srch_1.gif
[2012/02/17 23:07:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: ST380011A
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 0.00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 71.00GB
Starting Offset: 49351680
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 4.00GB
Starting Offset: 76231895040
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2009/10/22 12:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Adobe
[2006/07/09 20:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\AdobeAUM
[2006/03/14 13:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\AdobeUM
[2011/12/12 16:03:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Apple Computer
[2006/06/05 18:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Corel
[2005/12/30 13:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\CyberLink
[2011/04/27 18:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\DriverCure
[2006/10/20 11:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Google
[2007/04/11 18:33:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Larry\Application Data\Gtek
[2006/05/14 16:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Help
[2008/12/16 01:21:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\HP
[2012/04/21 08:55:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\HPAppData
[2010/07/22 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\HpUpdate
[2004/10/19 15:11:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Identities
[2004/10/19 15:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Jasc Software Inc
[2007/01/29 18:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Lavasoft
[2005/12/30 13:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Leadertech
[2005/12/12 23:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Macromedia
[2010/04/15 21:32:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Malwarebytes
[2009/12/03 15:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\McAfee
[2011/12/12 18:27:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Larry\Application Data\Microsoft
[2012/04/16 08:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Mozilla
[2006/06/20 20:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Musicmatch
[2007/03/21 21:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\MySpace
[2006/04/10 17:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Netscape
[2011/04/27 18:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\ParetoLogic
[2006/06/05 18:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\PC Tools
[2011/12/11 22:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Real
[2006/06/08 17:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Registry Booster
[2010/12/04 20:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Registry Mechanic
[2005/12/30 13:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Sonic
[2004/10/19 15:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Sun
[2007/08/10 12:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Systweak
[2011/10/30 11:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\U3
[2011/03/14 20:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Uniblue
[2010/04/17 21:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Windows Desktop Search
[2010/05/18 15:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Windows Search
[2011/10/23 14:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Yahoo!

< MD5 for: ATAPI.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:atapi.sys
[2008/08/26 20:57:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:atapi.sys
[2008/08/26 20:57:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\I386\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: CSRSS.EXE >
[2008/04/13 19:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008/04/13 19:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\SYSTEM32\csrss.exe
[2004/08/04 05:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\I386\CSRSS.EXE
[2004/08/04 05:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SYSTEM32\svchost.exe
[2004/08/04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\I386\SVCHOST.EXE
[2004/08/04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\I386\USERINIT.EXE
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\I386\WINLOGON.EXE
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/04/21 08:08:15 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/04/21 08:08:15 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/04/21 08:08:15 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/04/21 08:08:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/04/21 08:08:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/04/21 08:08:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/12 02:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/12 02:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/12 02:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/04/12 02:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\YBROWSER.EXE\shell\open\command\\: "C:\PROGRA~1\Yahoo!\browser\ybrowser.exe" [2006/08/11 19:53:02 | 000,668,184 | ---- | M] (Yahoo!, Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/04/21 08:08:15 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/04/21 08:08:15 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/04/21 08:08:15 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/04/21 08:08:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/04/21 08:08:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/04/21 08:08:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/12 02:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/12 02:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/12 02:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/04/12 02:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\YBROWSER.EXE\shell\open\command\\: "C:\PROGRA~1\Yahoo!\browser\ybrowser.exe" [2006/08/11 19:53:02 | 000,668,184 | ---- | M] (Yahoo!, Inc.)

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< End of report >





OTL Extras logfile created on: 4/21/2012 9:20:17 AM - Run 2
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Documents and Settings\Larry\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.98 Mb Total Physical Memory | 198.39 Mb Available Physical Memory | 19.55% Memory free
2.85 Gb Paging File | 2.19 Gb Available in Paging File | 76.92% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.94 Gb Total Space | 41.53 Gb Free Space | 58.54% Space Free | Partition Type: NTFS
Drive E: | 7.22 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DGJ2NV51 | User Name: Larry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"427:UDP" = 427:UDP:*:Enabled:SLP_Port(427)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"427:UDP" = 427:UDP:*:Enabled:SLP_Port(427)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"E:\setup\HPZnui01.exe" = E:\setup\HPZnui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe:*:Enabled:hpqcopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:HP Software Update Client -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{097346E0-6A51-11D1-AD16-00A0C95E0503}(SBC)" = Visual IP InSight(SBC)
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{114AA4D3-A577-400E-A1B2-3CF75CF8D2E2}" = C5500_Help
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{22988B2A-374A-4A7B-B795-A1AFF2046BE9}" = PhotoGallery
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java™ 7 Update 3
"{26BEE28E-C285-4532-82D3-7CE3C5F805D4}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{403EF592-953B-4794-BCEF-ECAB835C2095}" =
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{54AA707B-68DA-49A4-9916-68DD670241BD}" = AT&T Yahoo! Music Jukebox
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B8B9664-21C8-4A1C-AEE4-EF7B1EEB6BD3}" = PS_AIO_04_C5500_Software
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{66468F4D-BC4E-470C-9093-B3B6A1BB378C}" = MSN Toolbar Platform
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1
"{6CC1EE94-B426-478B-AE83-F83EBB4EF66A}" = HPPhotoSmartDiscLabel_PaperLabel
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7ED180E1-ADE9-4C69-8845-BDF518D763B8}" = hpphotosmartdisclabelplugin
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A558B0C-541D-47e0-A177-8635CE723B07}" = HP Photosmart C5500 All-In-One Driver Software 11.0 Rel .4
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8E37A0C8-C0E7-4E7A-8739-ACF20D02E70C}" = PS_AIO_04_C5500_Software_Min
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91120409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9310B0-FAD0-440E-97B1-5EE14568EF78}" = PS_AIO_04_C5500_ProductContext
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{BB8B979E-E336-47E7-96BC-1031C1B94561}" =
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{BCC09E9C-3340-473D-A4FE-8580992CA77A}" = HPPhotoSmartDiscLabelContent1
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C77A7F57-0BA5-4A17-B1C4-28E1D5F5A6EC}" = C5500
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003" =
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043" =
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FC279721-37A6-4777-AFD8-7A56681EBA14}" = Expert PDF 7 Reader
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"avast" = avast! Free Antivirus
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"FileHippo.com" = FileHippo.com Update Checker
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photo & Imaging" = HP Image Zone 3.5
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Intel® 536EP Modem" = Intel® 536EP Modem
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"MicroSim Inhospital" = MicroSim Inhospital
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealPlayer 15.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Applications" = AT&T Yahoo! Applications

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/16/2012 10:37:23 AM | Computer Name = DGJ2NV51 | Source = Application Error | ID = 1000
Description = Faulting application ycommon.exe, version 2006.3.2.1, faulting module
ycommon.exe, version 2006.3.2.1, fault address 0x00004ffc.

Error - 4/16/2012 12:59:15 PM | Computer Name = DGJ2NV51 | Source = MsiInstaller | ID = 11721
Description = Product: HP Photosmart Essential 2.5 -- Error 1721. There is a problem
with this Windows Installer package. A program required for this install to complete
could not be run. Contact your support personnel or package vendor. Action: KillMon.27372AF7_42C8_4792_AC6F_A9ACB331F2E7,
location: C:\Program Files\HP\Digital Imaging\bin\, command: C:\Program Files\HP\Digital
Imaging\bin\HpqSRmon.exe "-off"

Error - 4/16/2012 1:01:43 PM | Computer Name = DGJ2NV51 | Source = Application Hang | ID = 1002
Description = Hanging application YahooMessenger.exe, version 11.5.0.192, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/16/2012 5:29:34 PM | Computer Name = DGJ2NV51 | Source = MsiInstaller | ID = 11721
Description = Product: HP Photosmart Essential 2.5 -- Error 1721. There is a problem
with this Windows Installer package. A program required for this install to complete
could not be run. Contact your support personnel or package vendor. Action: KillMon.27372AF7_42C8_4792_AC6F_A9ACB331F2E7,
location: C:\Program Files\HP\Digital Imaging\bin\, command: C:\Program Files\HP\Digital
Imaging\bin\HpqSRmon.exe "-off"

Error - 4/16/2012 5:29:37 PM | Computer Name = DGJ2NV51 | Source = MsiInstaller | ID = 11721
Description = Product: HP Photosmart Essential 2.5 -- Error 1721. There is a problem
with this Windows Installer package. A program required for this install to complete
could not be run. Contact your support personnel or package vendor. Action: KillMon.27372AF7_42C8_4792_AC6F_A9ACB331F2E7,
location: C:\Program Files\HP\Digital Imaging\bin\, command: C:\Program Files\HP\Digital
Imaging\bin\HpqSRmon.exe "-off"

Error - 4/16/2012 5:29:39 PM | Computer Name = DGJ2NV51 | Source = MsiInstaller | ID = 11721
Description = Product: HP Photosmart Essential 2.5 -- Error 1721. There is a problem
with this Windows Installer package. A program required for this install to complete
could not be run. Contact your support personnel or package vendor. Action: KillMon.27372AF7_42C8_4792_AC6F_A9ACB331F2E7,
location: C:\Program Files\HP\Digital Imaging\bin\, command: C:\Program Files\HP\Digital
Imaging\bin\HpqSRmon.exe "-off"

Error - 4/17/2012 6:28:16 AM | Computer Name = DGJ2NV51 | Source = MsiInstaller | ID = 11721
Description = Product: HP Photosmart Essential 2.5 -- Error 1721. There is a problem
with this Windows Installer package. A program required for this install to complete
could not be run. Contact your support personnel or package vendor. Action: KillMon.27372AF7_42C8_4792_AC6F_A9ACB331F2E7,
location: C:\Program Files\HP\Digital Imaging\bin\, command: C:\Program Files\HP\Digital
Imaging\bin\HpqSRmon.exe "-off"

Error - 4/21/2012 9:06:44 AM | Computer Name = DGJ2NV51 | Source = Application Hang | ID = 1002
Description = Hanging application YahooMessenger.exe, version 11.5.0.192, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/21/2012 9:06:48 AM | Computer Name = DGJ2NV51 | Source = Application Hang | ID = 1002
Description = Hanging application YahooMessenger.exe, version 11.5.0.192, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/21/2012 9:29:04 AM | Computer Name = DGJ2NV51 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: A connection with the server could not be established

[ System Events ]
Error - 4/21/2012 8:51:51 AM | Computer Name = DGJ2NV51 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 4/21/2012 8:51:51 AM | Computer Name = DGJ2NV51 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 4/21/2012 8:51:51 AM | Computer Name = DGJ2NV51 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 4/21/2012 8:51:51 AM | Computer Name = DGJ2NV51 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 4/21/2012 8:51:51 AM | Computer Name = DGJ2NV51 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 4/21/2012 8:59:01 AM | Computer Name = DGJ2NV51 | Source = Service Control Manager | ID = 7000
Description = The SeaPort service failed to start due to the following error: %%2

Error - 4/21/2012 9:01:18 AM | Computer Name = DGJ2NV51 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/21/2012 9:02:24 AM | Computer Name = DGJ2NV51 | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

Error - 4/21/2012 9:02:51 AM | Computer Name = DGJ2NV51 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Windows Installer service
to connect.

Error - 4/21/2012 9:02:51 AM | Computer Name = DGJ2NV51 | Source = Service Control Manager | ID = 7000
Description = The Windows Installer service failed to start due to the following
error: %%1053


< End of report >





Vino's Event Viewer v01c run on Windows XP in English
Report run at 21/04/2012 10:04:51 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/04/2012 9:48:41 AM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The HP CUE DeviceDiscovery Service service hung on starting.

Log: 'System' Date/Time: 21/04/2012 9:46:30 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The SeaPort service failed to start due to the following error: The system cannot find the file specified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





Vino's Event Viewer v01c run on Windows XP in English
Report run at 21/04/2012 10:03:35 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/04/2012 9:59:03 AM
Type: error Category: 0
Event: 11721 Source: MsiInstaller
Product: HP Photosmart Essential 2.5 -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: KillMon.27372AF7_42C8_4792_AC6F_A9ACB331F2E7, location: C:\Program Files\HP\Digital Imaging\bin\, command: C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe "-off"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/04/2012 9:59:03 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
Detection of product '{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}', feature 'UpgradeInformationFeature' failed during request for component '{F954278E-3C10-4388-9661-120B836CEEF5}'

Log: 'Application' Date/Time: 21/04/2012 9:59:03 AM
Type: warning Category: 0
Event: 1004 Source: MsiInstaller
Detection of product '{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}', feature 'UpgradeInformationFeature', component '{1EC44B3D-105E-4886-B548-3EDD8E7AD79D}' failed. The resource 'C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe' does not exist.

Log: 'Application' Date/Time: 21/04/2012 9:51:07 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
Detection of product '{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}', feature 'UpgradeInformationFeature' failed during request for component '{F954278E-3C10-4388-9661-120B836CEEF5}'

Log: 'Application' Date/Time: 21/04/2012 9:51:07 AM
Type: warning Category: 0
Event: 1004 Source: MsiInstaller
Detection of product '{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}', feature 'UpgradeInformationFeature', component '{1EC44B3D-105E-4886-B548-3EDD8E7AD79D}' failed. The resource 'C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe' does not exist.

Log: 'Application' Date/Time: 21/04/2012 9:50:20 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
Detection of product '{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}', feature 'UpgradeInformationFeature' failed during request for component '{F954278E-3C10-4388-9661-120B836CEEF5}'

Log: 'Application' Date/Time: 21/04/2012 9:50:20 AM
Type: warning Category: 0
Event: 1004 Source: MsiInstaller
Detection of product '{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}', feature 'UpgradeInformationFeature', component '{1EC44B3D-105E-4886-B548-3EDD8E7AD79D}' failed. The resource 'C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe' does not exist.
  • 0

#5
rockitout
Posted 21 April 2012 - 09:27 AM

rockitout

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Process PID CPU Private Bytes Working Set Description Company Name Verified Signer
System Idle Process 0 93.75 0 K 16 K
procexp.exe 2540 3.13 21,204 K 26,980 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
AvastSvc.exe 1644 3.13 20,240 K 40,404 K avast! Service AVAST Software (Verified) AVAST Software
Interrupts n/a < 0.01 0 K 0 K Hardware Interrupts and DPCs
Ymsgr_tray.exe 4012 19,112 K 6,440 K Yahoo! Messenger Tray Yahoo! Inc. (Verified) Yahoo! Inc.
ycommon.exe 396 3,044 K 8,744 K YCommon Exe Module Yahoo!, Inc. (Unable to verify) Yahoo!, Inc.
ybrwicon.exe 1992 1,428 K 4,360 K YBrwIcon Yahoo! Inc. (Unable to verify) Yahoo! Inc.
wuauclt.exe 2668 2,712 K 4,956 K Windows Update Microsoft Corporation (Verified) Microsoft Windows Component Publisher
wscntfy.exe 2312 1,044 K 3,092 K Windows Security Center Notification App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
wmiprvse.exe 1196 3,056 K 7,824 K WMI Microsoft Corporation (Verified) Microsoft Windows Component Publisher
wmiprvse.exe 2108 2,764 K 5,448 K WMI Microsoft Corporation (Verified) Microsoft Windows Component Publisher
WLIDSVCM.EXE 3444 1,008 K 2,616 K Microsoft® Windows Live ID Service Monitor Microsoft Corporation (Verified) Microsoft Corporation
WLIDSVC.EXE 2748 5,056 K 9,024 K Microsoft® Windows Live ID Service Microsoft Corporation (Verified) Microsoft Corporation
winlogon.exe 704 6,624 K 4,584 K Windows NT Logon Application Microsoft Corporation (Verified) Microsoft Windows Component Publisher
UpdateChecker.exe 224 20,384 K 24,332 K FileHippo.com Update Checker FileHippo.com (Unable to verify) FileHippo.com
tfswctrl.exe 160 1,336 K 4,028 K Drive Letter Access Component Sonic Solutions (Unable to verify) Sonic Solutions
System 4 0 K 228 K
svchost.exe 1164 21,712 K 33,988 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 952 3,648 K 5,924 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1028 2,400 K 5,228 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1316 1,852 K 4,436 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 960 1,660 K 4,364 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1864 5,268 K 8,936 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 2528 1,404 K 3,508 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 2576 1,404 K 3,492 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 2720 2,872 K 4,968 K Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
sprtsvc.exe 2612 3,116 K 1,200 K SupportSoft Agent Service SupportSoft, Inc. (Verified) Dell Inc.
sprtcmd.exe 1968 12,940 K 1,348 K Dell Support Center Updates SupportSoft, Inc. (Verified) Dell Inc.
spoolsv.exe 1720 4,128 K 6,148 K Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
smss.exe 624 176 K 424 K Windows NT Session Manager Microsoft Corporation (Verified) Microsoft Windows Component Publisher
services.exe 748 3,288 K 4,424 K Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Component Publisher
searchindexer.exe 2908 19,692 K 10,500 K Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe 3332 2,588 K 4,344 K Run a DLL as an App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
realsched.exe 208 1,528 K 572 K RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks, Inc.
PCMService.exe 2008 7,808 K 16,284 K PowerCinema Resident Program for Dell CyberLink Corp. (Unable to verify) CyberLink Corp.
MsMpEng.exe 1120 35,980 K 41,492 K Service Executable Microsoft Corporation (Verified) Microsoft Corporation
msiexec.exe 1884 3,384 K 6,452 K Windows® installer Microsoft Corporation (Verified) Microsoft Windows Component Publisher
mmtask.exe 2016 1,016 K 3,164 K <Musicmatch System Tray Application> Musicmatch Inc. (Unable to verify) Musicmatch Inc.
McSACore.exe 2224 16,524 K 4,744 K SiteAdvisor McAfee, Inc. (Verified) McAfee, Inc.
mbamservice.exe 1940 127,856 K 125,580 K Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
mbamgui.exe 196 3,992 K 7,000 K Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
lsass.exe 760 4,332 K 1,892 K LSA Shell (Export Version) Microsoft Corporation (Verified) Microsoft Windows Component Publisher
igfxpers.exe 2032 1,348 K 4,008 K persistence Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
hpqtra08.exe 348 7,004 K 14,416 K HP Digital Imaging Monitor Hewlett-Packard Co. (Verified) Hewlett Packard
hpqste08.exe 3808 5,276 K 9,664 K HP CUE Status Root Hewlett-Packard Co. (Unable to verify) Hewlett-Packard Co.
hpqste08.exe 1984 4,712 K 8,924 K HP CUE Status Root Hewlett-Packard Co. (Unable to verify) Hewlett-Packard Co.
hpqgpc01.exe 4044 2,640 K 8,044 K GPCore COM object Hewlett-Packard (Unable to verify) Hewlett-Packard
hpqbam08.exe 4040 1,592 K 4,832 K HP CUE Alert Popup Window Objects Hewlett-Packard Co. (Unable to verify) Hewlett-Packard Co.
hkcmd.exe 2044 1,060 K 3,156 K hkcmd Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
explorer.exe 1652 17,784 K 28,516 K Windows Explorer Microsoft Corporation (Verified) Microsoft Windows Component Publisher
DVDLauncher.exe 140 1,076 K 3,436 K CyberLink PowerCinema Resident Program CyberLink Corp. (Unable to verify) CyberLink Corp.
DesktopWeather.exe 228 52,424 K 16,860 K The Weather Channel Interactive, Inc. (Verified) The Weather Channel Interactive, Inc.
ctfmon.exe 244 1,400 K 4,464 K CTF Loader Microsoft Corporation (Verified) Microsoft Windows Component Publisher
csrss.exe 680 1,912 K 4,364 K Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Component Publisher
apdproxy.exe 168 2,852 K 5,556 K Adobe Photoshop Album Starter Edition 3.2 component Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
alg.exe 2060 1,444 K 3,796 K Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows Component Publisher






Summary
Operating System
MS Windows XP Home 32-bit SP3
CPU
Intel Pentium 4
Prescott 90nm Technology
RAM
1.00 GB Dual-Channel DDR @ 166MHz (2.5-3-3-7)
Motherboard
Dell Computer Corp. 0N6381 (Microprocessor)
Graphics
Default Monitor (1024x768@60Hz)
Intel® 82865G Graphics Controller
Hard Drives
78GB Seagate ST380011A (PATA) 31 °C
Optical Drives
HL-DT-ST DVD-ROM GDR8163B
TEAC DVD+RW DV-W58E
Audio
Unimodem Half-Duplex Audio Device
Operating System
MS Windows XP Home 32-bit SP3
Installation Date: 12 December 2005, 21:05
Serial Number: xxxxxxxxxxxxxxxxxxxxxxxxxx
Windows Security Center
Firewall Disabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every day
Schedule Time 3 am
Antivirus
Antivirus Enabled
Company Name AVAST Software
Display Name avast! Antivirus
Product Version 5.0.117441938
Environment Variables
USERPROFILE C:\Documents and Settings\Larry
SystemRoot C:\WINDOWS
User Variables
TEMP C:\Documents and Settings\Larry\Local Settings\Temp
TMP C:\Documents and Settings\Larry\Local Settings\Temp
path %CommonProgramFiles%\Microsoft Shared\Windows Live
Machine Variables
ComSpec C:\WINDOWS\system32\cmd.exe
Path C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\system32\wbem
%CommonProgramFiles%\Microsoft Shared\Windows Live
C:\PROGRA~1\COMMON~1\SONICS~1
C:\Program Files\QuickTime\QTSystem
windir C:\WINDOWS
FP_NO_HOST_CHECK NO
OS Windows_NT
PROCESSOR_ARCHITECTURE x86
PROCESSOR_LEVEL 15
PROCESSOR_IDENTIFIER x86 Family 15 Model 3 Stepping 4, GenuineIntel
PROCESSOR_REVISION 0304
NUMBER_OF_PROCESSORS 1
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
VERSION 3.0.5.001
SESSIONID 1136886947673htx60601b45934:108cdf03e4e:-1ee8
COLLECTIONID COL8143
ITEMID dj-22741-15
UPDATEDIR C:\DOCUME~1\Larry\LOCALS~1\Temp\rad53754.tmp
TOOLPATH /C:\Program%20Files\HP\HP%20Software%20Update\install.htm
HMSERVER https://wwss1proa.cc...let/WUSSServlet
SWUTVER 1.0.22.20030804
OSVER winXPH
LANG 1033
TIMEOUT 0
CLASSPATH .;C:\Program Files\Java\jre7\lib\ext\QTJava.zip
QTJAVA C:\Program Files\Java\jre7\lib\ext\QTJava.zip
Battery
AC line Online
Battery full time Unknown
Battery Charge % Unknown
Battery State No Battery
Amount of time remaining (sec) Unknown
Power Profile
Active power scheme Home/Office Desk
Hibernation Disabled
Power Shutdown Enabled
Power Suspend Enabled
Turn Off Monitor after: (On AC Power) 20 min
Turn Off Monitor after: (On Battery Power) 5 min
Turn Off Hard Disk after: (On AC Power) 60 min
Turn Off Hard Disk after: (On Battery Power) 10 min
Suspend after: (On AC Power) Never
Suspend after: (On Battery Power) 5 min
Screen saver Enabled
Uptime
Current Session
Current Time 4/21/2012 10:10:33 AM
Current Uptime 1518 sec (0 d, 00 h, 25 m, 18 s)
Last Boot Time 4/21/2012 9:45:15 AM
Last ShutDown Time 4/21/2012 9:44:47 AM
Uptime Statistics
First Boot Time 4/21/2012 9:46:02 AM
First Shutdown Time 4/21/2012 9:44:47 AM
Total Uptime 1477 sec (0 d, 00 h, 24 m, 37 s)
Total Downtime 75 sec (0 d, 00 h, 01 m, 15 s)
Longest Uptime 1477 sec (0 d, 00 h, 24 m, 37 s)
Longest Downtime 75 sec (0 d, 00 h, 01 m, 15 s)
Total Reboots 1
System Availability 95.17%
TimeZone
TimeZone GMT -6 Hours
Language English
Country United States
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Scheduler
4/21/2012 10:10 AM;Every 1 hour(s) from 12:10 AM for 24 hour(s) every day, starting 1/1/2000 Adobe Flash Player Updater
4/21/2012 10:36 AM;Every 1 hour(s) from 11:36 PM for 24 hour(s) every day, starting 3/22/2012 GoogleUpdateTaskMachineUA
4/21/2012 11:36 PM;Run at user logon GoogleUpdateTaskMachineCore
4/22/2012 2:11 AM;At 2:11 AM every day, starting 4/21/2012 MP Scheduled Scan
4/27/2012 7:58 AM;At 7:58 AM every Fri of every week, starting 12/12/2011 AppleSoftwareUpdate
4/27/2012 11:10 PM;At 11:10 PM every 7 days, starting 3/9/2012 RealUpgradeScheduledTaskS-1-5-21-2740297282-3233457664-774040315-1006
Run at user logon RealUpgradeLogonTaskS-1-5-21-2740297282-3233457664-774040315-1006
Process List
alg.exe
Process ID 2060
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\System32\alg.exe
Memory Usage 3.71 MB
Peak Memory Usage 3.71 MB
apdproxy.exe
Process ID 168
User Larry
Domain DGJ2NV51
Path C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
Memory Usage 5.43 MB
Peak Memory Usage 5.84 MB
avastsvc.exe
Process ID 1644
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
Memory Usage 45 MB
Peak Memory Usage 66 MB
csrss.exe
Process ID 680
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\csrss.exe
Memory Usage 4.55 MB
Peak Memory Usage 4.63 MB
ctfmon.exe
Process ID 244
User Larry
Domain DGJ2NV51
Path C:\WINDOWS\system32\ctfmon.exe
Memory Usage 4.38 MB
Peak Memory Usage 4.39 MB
desktopweather.exe
Process ID 228
User Larry
Domain DGJ2NV51
Path C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
Memory Usage 16 MB
Peak Memory Usage 59 MB
dvdlauncher.exe
Process ID 140
User Larry
Domain DGJ2NV51
Path C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
Memory Usage 3.36 MB
Peak Memory Usage 3.36 MB
explorer.exe
Process ID 1652
User Larry
Domain DGJ2NV51
Path C:\WINDOWS\Explorer.EXE
Memory Usage 28 MB
Peak Memory Usage 32 MB
hkcmd.exe
Process ID 2044
User Larry
Domain DGJ2NV51
Path C:\WINDOWS\system32\hkcmd.exe
Memory Usage 3.08 MB
Peak Memory Usage 3.09 MB
hpqbam08.exe
Process ID 4040
User Larry
Domain DGJ2NV51
Path C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
Memory Usage 4.72 MB
Peak Memory Usage 4.72 MB
hpqgpc01.exe
Process ID 4044
User Larry
Domain DGJ2NV51
Path C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
Memory Usage 7.86 MB
Peak Memory Usage 7.88 MB
hpqste08.exe
Process ID 3808
User Larry
Domain DGJ2NV51
Path C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
Memory Usage 9.44 MB
Peak Memory Usage 9.46 MB
hpqste08.exe
Process ID 1984
User Larry
Domain DGJ2NV51
Path C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
Memory Usage 8.71 MB
Peak Memory Usage 8.72 MB
hpqtra08.exe
Process ID 348
User Larry
Domain DGJ2NV51
Path C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
igfxpers.exe
Process ID 2032
User Larry
Domain DGJ2NV51
Path C:\WINDOWS\system32\igfxpers.exe
Memory Usage 3.91 MB
Peak Memory Usage 3.92 MB
lsass.exe
Process ID 760
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\lsass.exe
Memory Usage 1.93 MB
Peak Memory Usage 7.10 MB
mbamgui.exe
Process ID 196
User Larry
Domain DGJ2NV51
Path C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
Memory Usage 6.84 MB
Peak Memory Usage 6.91 MB
mbamservice.exe
Process ID 1940
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
Memory Usage 122 MB
Peak Memory Usage 197 MB
mcsacore.exe
Process ID 2224
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
Memory Usage 4.67 MB
Peak Memory Usage 12 MB
mmtask.exe
Process ID 2016
User Larry
Domain DGJ2NV51
Path C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
Memory Usage 3.09 MB
Peak Memory Usage 3.10 MB
msmpeng.exe
Process ID 1120
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Windows Defender\MsMpEng.exe
Memory Usage 47 MB
Peak Memory Usage 53 MB
pcmservice.exe
Process ID 2008
User Larry
Domain DGJ2NV51
Path C:\Program Files\Dell\Media Experience\PCMService.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
realsched.exe
Process ID 208
User Larry
Domain DGJ2NV51
Path C:\Program Files\Real\RealPlayer\update\realsched.exe
Memory Usage 612 KB
Peak Memory Usage 3.30 MB
rundll32.exe
Process ID 3332
User Larry
Domain DGJ2NV51
Path C:\WINDOWS\system32\rundll32.exe
Memory Usage 4.24 MB
Peak Memory Usage 4.25 MB
searchfilterhost.exe
Process ID 856
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\system32\SearchFilterHost.exe
Memory Usage 4.69 MB
Peak Memory Usage 4.69 MB
searchindexer.exe
Process ID 2908
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\SearchIndexer.exe
Memory Usage 11 MB
Peak Memory Usage 15 MB
searchprotocolhost.exe
Process ID 808
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\SearchProtocolHost.exe
Memory Usage 5.99 MB
Peak Memory Usage 5.99 MB
services.exe
Process ID 748
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\services.exe
Memory Usage 4.34 MB
Peak Memory Usage 4.75 MB
smss.exe
Process ID 624
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 424 KB
Peak Memory Usage 696 KB
speccy.exe
Process ID 2408
User Larry
Domain DGJ2NV51
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 18 MB
Peak Memory Usage 26 MB
spoolsv.exe
Process ID 1720
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\spoolsv.exe
Memory Usage 6.00 MB
Peak Memory Usage 6.13 MB
sprtcmd.exe
Process ID 1968
User Larry
Domain DGJ2NV51
Path C:\Program Files\Dell Support Center\bin\sprtcmd.exe
Memory Usage 1.32 MB
Peak Memory Usage 9.69 MB
sprtsvc.exe
Process ID 2612
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Dell Support Center\bin\sprtsvc.exe
Memory Usage 1.17 MB
Peak Memory Usage 5.61 MB
svchost.exe
Process ID 960
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.26 MB
Peak Memory Usage 4.27 MB
svchost.exe
Process ID 1864
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 8.73 MB
Peak Memory Usage 8.82 MB
svchost.exe
Process ID 2528
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 3.43 MB
Peak Memory Usage 3.43 MB
svchost.exe
Process ID 2576
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 3.41 MB
Peak Memory Usage 3.41 MB
svchost.exe
Process ID 2720
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.85 MB
Peak Memory Usage 4.88 MB
svchost.exe
Process ID 1316
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.34 MB
Peak Memory Usage 4.47 MB
svchost.exe
Process ID 952
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 5.78 MB
Peak Memory Usage 5.83 MB
svchost.exe
Process ID 1164
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 33 MB
Peak Memory Usage 189 MB
svchost.exe
Process ID 1028
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 5.11 MB
Peak Memory Usage 5.16 MB
system
Process ID 4
Memory Usage 228 KB
Peak Memory Usage 2.00 MB
system idle process
Process ID 0
tfswctrl.exe
Process ID 160
User Larry
Domain DGJ2NV51
Path C:\WINDOWS\system32\dla\tfswctrl.exe
Memory Usage 3.93 MB
Peak Memory Usage 3.94 MB
updatechecker.exe
Process ID 224
User Larry
Domain DGJ2NV51
Path C:\Program Files\FileHippo.com\UpdateChecker.exe
Memory Usage 24 MB
Peak Memory Usage 24 MB
winlogon.exe
Process ID 704
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\winlogon.exe
Memory Usage 4.47 MB
Peak Memory Usage 14 MB
wlidsvc.exe
Process ID 2748
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Memory Usage 8.81 MB
Peak Memory Usage 9.00 MB
wlidsvcm.exe
Process ID 3444
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
Memory Usage 2.55 MB
Peak Memory Usage 2.55 MB
wmiprvse.exe
Process ID 2108
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 5.31 MB
Peak Memory Usage 5.38 MB
wmiprvse.exe
Process ID 3468
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 6.89 MB
Peak Memory Usage 6.89 MB
wscntfy.exe
Process ID 2312
User Larry
Domain DGJ2NV51
Path C:\WINDOWS\system32\wscntfy.exe
Memory Usage 3.02 MB
Peak Memory Usage 3.02 MB
wuauclt.exe
Process ID 2668
User Larry
Domain DGJ2NV51
Path C:\WINDOWS\system32\wuauclt.exe
Memory Usage 4.84 MB
Peak Memory Usage 4.85 MB
ybrwicon.exe
Process ID 1992
User Larry
Domain DGJ2NV51
Path C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
Memory Usage 4.26 MB
Peak Memory Usage 4.27 MB
ycommon.exe
Process ID 396
User Larry
Domain DGJ2NV51
Path C:\PROGRA~1\Yahoo!\browser\ycommon.exe
Memory Usage 8.55 MB
Peak Memory Usage 8.80 MB
ymsgr_tray.exe
Process ID 4012
User Larry
Domain DGJ2NV51
Path C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
Memory Usage 6.29 MB
Peak Memory Usage 6.30 MB
Hotfixes
4/20/2012 Definition Update for Windows Defender - KB915597 (Definition 1.125.146.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/17/2012 Definition Update for Windows Defender - KB915597 (Definition 1.123.1936.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/17/2012 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2675157)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/17/2012 Windows Malicious Software Removal Tool - April 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/17/2012 Security Update for Windows XP (KB2653956)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/16/2012 Definition Update for Windows Defender - KB915597 (Definition 1.123.1683.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/7/2012 Definition Update for Windows Defender - KB915597 (Definition 1.123.1222.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/5/2012 Definition Update for Windows Defender - KB915597 (Definition 1.123.978.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/1/2012 Bing Bar 7.1 (KB2673773)
Bing Bar 7.1 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
3/31/2012 Definition Update for Windows Defender - KB915597 (Definition 1.123.738.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/29/2012 Definition Update for Windows Defender - KB915597 (Definition 1.123.449.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/23/2012 Definition Update for Windows Defender - KB915597 (Definition 1.123.212.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/20/2012 Definition Update for Windows Defender - KB915597 (Definition 1.121.1871.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/17/2012 Definition Update for Windows Defender - KB915597 (Definition 1.121.1660.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/14/2012 Security Update for Windows XP (KB2621440)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/14/2012 Security Update for Windows XP (KB2641653)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/14/2012 Windows Malicious Software Removal Tool - March 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
3/14/2012 Update Rollup for ActiveX Killbits for Windows XP (KB2647518)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
3/14/2012 Definition Update for Windows Defender - KB915597 (Definition 1.121.1421.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/13/2012 Security Update for Windows XP (KB2621440)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/10/2012 Definition Update for Windows Defender - KB915597 (Definition 1.121.1200.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/7/2012 Microsoft Office Compatibility Pack Service Pack 3 (SP3)
Service Pack 3 provides the latest updates to the Microsoft Office
Compatibility Pack.
3/6/2012 Definition Update for Windows Defender - KB915597 (Definition 1.121.966.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/3/2012 Definition Update for Windows Defender - KB915597 (Definition 1.121.737.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/29/2012 Definition Update for Windows Defender - KB915597 (Definition 1.121.548.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/24/2012 Definition Update for Windows Defender - KB915597 (Definition 1.121.303.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/21/2012 Definition Update for Windows Defender - KB915597 (Definition 1.121.61.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/18/2012 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2633880)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/18/2012 Windows Malicious Software Removal Tool - February 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2/18/2012 Security Update for Windows XP (KB2660465)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/18/2012 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2647516)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/18/2012 Security Update for Microsoft Silverlight (KB2668562)
This security update to Silverlight includes fixes outlined in
KBs 2651026 and 2668562. This update is backward compatible with
web applications built using previous versions of Silverlight.
2/18/2012 Security Update for Windows XP (KB2661637)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/18/2012 Definition Update for Windows Defender - KB915597 (Definition 1.119.2141.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/14/2012 Definition Update for Windows Defender - KB915597 (Definition 1.119.1924.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/10/2012 Definition Update for Windows Defender - KB915597 (Definition 1.119.1683.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/7/2012 Definition Update for Windows Defender - KB915597 (Definition 1.119.1449.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/5/2012 Definition Update for Windows Defender - KB915597 (Definition 1.119.1249.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/31/2012 Definition Update for Windows Defender - KB915597 (Definition 1.119.978.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/27/2012 Definition Update for Windows Defender - KB915597 (Definition 1.119.772.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/24/2012 Definition Update for Windows Defender - KB915597 (Definition 1.119.477.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/21/2012 Definition Update for Windows Defender - KB915597 (Definition 1.119.236.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/17/2012 Definition Update for Windows Defender - KB915597 (Definition 1.117.3022.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/14/2012 Security Update for Windows XP (KB2585542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
1/14/2012 Definition Update for Windows Defender - KB915597 (Definition 1.117.2807.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/10/2012 Security Update for Windows XP (KB2646524)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/10/2012 Security Update for Windows XP (KB2631813)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/10/2012 Windows Malicious Software Removal Tool - January 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
1/10/2012 Security Update for Windows XP (KB2598479)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/10/2012 Security Update for Windows XP (KB2603381)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/10/2012 Security Update for Windows XP (KB2584146)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/10/2012 Definition Update for Windows Defender - KB915597 (Definition 1.117.2549.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/8/2012 Definition Update for Windows Defender - KB915597 (Definition 1.117.2358.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/4/2012 Definition Update for Windows Defender - KB915597 (Definition 1.117.2154.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/31/2011 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2657424)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/31/2011 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/31/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2656352)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/30/2011 Definition Update for Windows Defender - KB915597 (Definition 1.117.1973.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/29/2011 Definition Update for Windows Defender - KB915597 (Definition 1.117.1787.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/23/2011 Definition Update for Windows Defender - KB915597 (Definition 1.117.1627.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/20/2011 Definition Update for Windows Defender - KB915597 (Definition 1.117.1411.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.117.1189.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/14/2011 Security Update for Microsoft Office PowerPoint 2007 (KB2596843)
A security vulnerability exists in Microsoft Office PowerPoint
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/14/2011 Security Update for Windows XP (KB2639417)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/14/2011 Security Update for Windows XP (KB2624667)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/14/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2618444)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
12/14/2011 Windows Malicious Software Removal Tool - December 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/14/2011 Security Update for Microsoft Office 2007 suites (KB2596785)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/14/2011 Update for Windows XP (KB2633952)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2012. After you install this item, you
may have to restart your computer.
12/14/2011 Security Update for Windows XP (KB2619339)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/14/2011 Cumulative Security Update for ActiveX Killbits for Windows XP (KB2618451)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
12/14/2011 Update for Microsoft Office 2007 suites (KB2596789)
Microsoft has released an update for Microsoft Office 2007 suites
. This update provides the latest fixes to Microsoft Office 2007
suites . Additionally, this update contains stability and performance
improvements.
12/14/2011 Security Update for Windows XP (KB2620712)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/14/2011 Security Update for Windows XP (KB2633171)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/14/2011 Definition Update for Windows Defender - KB915597 (Definition 1.117.953.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/9/2011 Definition Update for Windows Defender - KB915597 (Definition 1.117.692.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/6/2011 Definition Update for Windows Defender - KB915597 (Definition 1.117.433.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/3/2011 Definition Update for Windows Defender - KB915597 (Definition 1.117.154.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/30/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.2785.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/26/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.2571.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/22/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.2351.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/21/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.2100.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.1923.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/11/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.1674.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/11/2011 Update for Windows XP (KB2641690)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
11/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.1462.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/9/2011 Security Update for Windows XP (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
11/9/2011 Windows Malicious Software Removal Tool - November 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/9/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.1462.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/5/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.1237.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.998.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/28/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.766.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/25/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.502.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/21/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.250.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/18/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.1886.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/15/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.1652.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/14/2011 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2572067)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2011 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2572067)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/12/2011 Security Update for Microsoft Silverlight (KB2617986)
This security update to Silverlight includes fixes outlined in
KBs 2604930 and 2617986. This update is backward compatible with
web applications built using previous versions of Silverlight.
10/12/2011 Security Update for Windows XP (KB2564958)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/12/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2572073)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/12/2011 Windows Malicious Software Removal Tool - October 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/12/2011 Security Update for Windows XP (KB2567053)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/12/2011 Security Update for Windows XP (KB2592799)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/12/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2586448)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/12/2011 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2572067)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/12/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.1466.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/11/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.1394.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/9/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.1136.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/4/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.874.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/30/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.631.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/28/2011 Windows Malicious Software Removal Tool - September 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
9/28/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.359.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/24/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.126.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/21/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.2630.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.2389.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/15/2011 Security Update for Microsoft Office 2007 System (KB2584063)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/14/2011 Security Update for Microsoft Office 2007 System (KB2553090)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/14/2011 Update for Windows XP (KB2616676)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
9/14/2011 Windows Malicious Software Removal Tool - September 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
9/14/2011 Security Update for Windows XP (KB2570947)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/14/2011 Security Update for the 2007 Microsoft Office System (KB2553074)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
9/14/2011 Security Update for Microsoft Office 2007 System (KB2584063)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/14/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.2089.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1823.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/8/2011 Update for Windows XP (KB2607712)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
9/6/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1554.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/2/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1301.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/31/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1045.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/26/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.775.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/26/2011 Update for Windows XP (KB2570791)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2011. After you install this item, you
may have to restart your computer.
8/23/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.490.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/19/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.216.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/18/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.35.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1918.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/12/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1657.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/12/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2539631)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/12/2011 Security Update for Windows XP (KB2567680)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/12/2011 Security Update for Windows XP (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/12/2011 Security Update for Windows XP (KB2570222)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
8/12/2011 Windows Malicious Software Removal Tool - August 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/12/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2559049)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/12/2011 Security Update for Windows XP (KB2566454)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/12/2011 Update Rollup for ActiveX Killbits for Windows XP (KB2562937)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/12/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1371.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/10/2011 Security Update for Windows XP (KB2567680)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/10/2011 Security Update for Windows XP (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/10/2011 Security Update for Windows XP (KB2570222)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
8/10/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2559049)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/10/2011 Security Update for Windows XP (KB2566454)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/10/2011 Update Rollup for ActiveX Killbits for Windows XP (KB2562937)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/10/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2539631)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1371.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/10/2011 Windows Malicious Software Removal Tool - August 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/6/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1136.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/2/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.869.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/30/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.625.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/27/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.351.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/22/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.116.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/19/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.2067.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.1837.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/13/2011 Security Update for Windows XP (KB2507938)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/13/2011 Windows Malicious Software Removal Tool - July 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
7/13/2011 Security Update for Windows XP (KB2555917)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/12/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.1567.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/9/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.1308.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/5/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.1036.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.834.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/29/2011 Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2518864)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
6/29/2011 Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2478658)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
6/29/2011 Update for Windows XP (KB2541763)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/29/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.553.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/26/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.328.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/22/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.49.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/18/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.2171.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/17/2011 Security Update for Windows XP (KB2476490)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/17/2011 Security Update for Microsoft Excel 2002 (KB2541003)
A security vulnerability exists in Microsoft Excel 2002 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
6/17/2011 Windows Malicious Software Removal Tool - June 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
6/17/2011 Update for Microsoft Office 2007 System (KB2539530)
Microsoft has released an update for Microsoft Office 2007 System.
This update provides the latest fixes to Microsoft Office 2007
System. Additionally, this update adds support for the new Indian
rupee currency symbol.
6/17/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/17/2011 Security Update for Microsoft Silverlight (KB2512827)
This security update to Silverlight includes fixes outlined in
KBs 2514842 and 2512827. This update is backward compatible with
web applications built using previous versions of Silverlight.
6/17/2011 Security Update for Windows XP (KB2503665)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/17/2011 Security Update for Windows XP (KB2535512)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/17/2011 Security Update for the 2007 Microsoft Office System (KB2541012)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
6/17/2011 Security Update for Windows XP (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/17/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2530548)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/17/2011 Security Update for Windows XP (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
6/17/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/17/2011 Security Update for Internet Explorer 8 for Windows XP (KB2544521)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/17/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1913.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/17/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1913.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1687.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/8/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1413.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/5/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2467175)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/4/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1184.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.929.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/28/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2467174)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
5/28/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.646.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/24/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.365.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/21/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.124.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/18/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1875.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/13/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1631.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/12/2011 Windows Malicious Software Removal Tool - May 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/12/2011 Security Update for Microsoft PowerPoint 2002 (KB2535802)
A security vulnerability exists in Microsoft PowerPoint 2002
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/12/2011 Security Update for Microsoft Office 2007 System (KB2540162)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
5/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1349.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/7/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1139.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/3/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.900.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/2/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
5/1/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
5/1/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/30/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.682.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/29/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/27/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/27/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/27/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.468.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/25/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/24/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/23/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.286.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/21/2011 Update for Microsoft Silverlight (KB2526954)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
4/20/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/19/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.42.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/17/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.1523.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/15/2011 Security Update for Windows XP (KB2485663)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/15/2011 Security Update for Microsoft Excel 2002 (KB2466169)
A security vulnerability exists in Microsoft Excel 2002 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
4/15/2011 Security Update for Windows XP (KB2506223)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/15/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2497640)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/15/2011 Security Update for Windows XP (KB2412687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/15/2011 Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2446704)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/15/2011 Cumulative Security Update for ActiveX Killbits for Windows XP (KB2508272)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
4/15/2011 Security Update for Microsoft Office 2007 System (KB2464635)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
4/15/2011 Security Update for Windows XP (KB2503658)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/15/2011 Security Update for Microsoft Office 2007 System (KB2509488)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
4/15/2011 Security Update for Windows XP (KB2507618)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/15/2011 Security Update for Windows XP (KB2508429)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/15/2011 Security Update for Windows XP (KB2511455)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/15/2011 Security Update for the 2007 Microsoft Office System (KB2466156)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
4/15/2011 Security Update for Windows XP (KB2506212)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/15/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/15/2011 Security Update for Microsoft PowerPoint 2002 (KB2464617)
A security vulnerability exists in Microsoft PowerPoint 2002
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
4/15/2011 Security Update for Microsoft Office XP (KB2509461)
A security vulnerability exists in Microsoft Office XP that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
4/15/2011 Security Update for Windows XP (KB2509553)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/15/2011 Security Update for Windows XP (KB2510531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/15/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.1291.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/15/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.1291.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/13/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/11/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/11/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/10/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/10/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/9/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/9/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/9/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/9/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.1074.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/8/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/7/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/6/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/6/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/6/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/5/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/5/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.822.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/4/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/2/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/2/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/2/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/2/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/2/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/1/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/1/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
4/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.609.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/1/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
3/31/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
3/31/2011 Update for Microsoft Silverlight (KB2495644)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
3/31/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
3/31/2011 Update for Microsoft Silverlight (KB2477244)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
3/31/2011 Update for Windows XP (KB2524375)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
3/31/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.352.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/29/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.352.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/25/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.118.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/23/2011 Update for Windows XP (KB2524375)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
3/23/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.1684.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/23/2011 Update for Windows XP (KB2524375)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
3/22/2011 Bing Bar 7.0 (KB2505591)
Bing Bar 7.0 (formerly branded MSN Toolbar) is an Internet Explorer
toolbar. This Bing Bar upgrade delivers new Bing search capabilities,
improves performance, and enhances stability.
3/21/2011 Update for Windows XP (KB971029)
Install this update to restrict AutoRun entries in the AutoPlay
dialog to only CD and DVD drives. After you install this item,
you may have to restart your computer.
3/21/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.1460.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/18/2011 Update for Microsoft Silverlight (KB2495644)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
3/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.1226.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/12/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.1034.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/8/2011 Security Update for Windows XP (KB2479943)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/8/2011 Windows Malicious Software Removal Tool - March 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
3/8/2011 Security Update for Windows XP (KB2481109)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/8/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.800.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/5/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.567.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.322.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/26/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.94.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/23/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.2292.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/19/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.2020.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/15/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.1752.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/12/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.1491.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/9/2011 Security Update for Windows XP (KB2478971)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/9/2011 Security Update for Windows XP (KB2485376)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/9/2011 Security Update for Windows XP (KB2479628)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/9/2011 Security Update for Windows XP (KB2483185)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/9/2011 Windows Malicious Software Removal Tool - February 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2/9/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2482017)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/9/2011 Security Update for Windows XP (KB2476687)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain access to information.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
2/9/2011 Security Update for Windows XP (KB2478960)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/9/2011 Security Update for Windows XP (KB2393802)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/9/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.1233.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/5/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.984.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.757.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/29/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.544.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/25/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.286.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/21/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.22.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/19/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.4180.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/15/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.3914.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/12/2011 Windows Malicious Software Removal Tool - January 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
1/12/2011 Security Update for Windows XP (KB2419632)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/12/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.3662.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/8/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.3426.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/6/2011 Update for Microsoft Silverlight (KB2477244)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
1/5/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.3177.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/31/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.2986.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/29/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.2722.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/26/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.2533.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/22/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.2197.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/17/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1996.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/17/2010 Security Update for Windows XP (KB2296199)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/17/2010 Security Update for Windows XP (KB2443105)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/17/2010 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2416400)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
12/17/2010 Security Update for Windows XP (KB2440591)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/17/2010 Update for Windows XP (KB2443685)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2011. After you install this item, you
may have to restart your computer.
12/17/2010 Security Update for Windows XP (KB2436673)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/17/2010 Windows Malicious Software Removal Tool - December 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/16/2010 Security Update for Microsoft Publisher 2002 (KB2284692)
A security vulnerability exists in Microsoft Publisher 2002 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/16/2010 Update for Internet Explorer for Windows XP (KB2467659)
Install this update to resolve issues in Internet Explorer. For
a complete listing of the issues that are included in this update,
see the associated Microsoft Knowledge Base article for more
information. After you install this item, you may have to restart
your computer.
12/16/2010 Security Update for Microsoft Office XP (KB2289162)
A security vulnerability exists in Microsoft Office XP that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
12/16/2010 Security Update for Windows XP (KB2423089)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1764.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/11/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1522.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/8/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1304.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/3/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1100.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/1/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.861.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/27/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.656.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/24/2010 Update for Microsoft Search Enhancement Pack
This update improves performance and reliability of Microsoft
Search Enhancement Pack.
11/24/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.422.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/23/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.191.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/17/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.1985.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/13/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.1733.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/10/2010 Security Update for Microsoft Office 2007 System (KB2289158)
A security vulnerability exists in the 2007 Microsoft Office
System and the Compatibility Pack for the 2007 Office system
that could allow remote code execution. This update resolves
that vulnerability.
11/10/2010 Security Update for Microsoft Office XP (KB2289169)
A security vulnerability exists in Microsoft Office XP that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
11/10/2010 Windows Malicious Software Removal Tool - November 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/10/2010 Security Update for Microsoft PowerPoint 2002 (KB2413272)
A security vulnerability exists in Microsoft PowerPoint 2002
that could allow arbitrary code to run when a maliciously modified
document is opened. This update resolves that vulnerability.
11/10/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.1456.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/5/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.1238.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/4/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.1130.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/2/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.948.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/30/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.695.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/26/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.468.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/23/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.284.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/19/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.26.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.1817.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/14/2010 Security Update for Windows XP (KB2387149)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/14/2010 Security Update for Windows XP (KB2279986)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/14/2010 Update for Windows XP (KB2345886)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
10/14/2010 Security Update for Windows XP (KB2296011)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/14/2010 Security Update for Windows XP (KB2378111)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/14/2010 Security Update for Windows XP (KB982132)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/14/2010 Security Update for the 2007 Microsoft Office System (KB2344875)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
10/14/2010 Security Update for the 2007 Microsoft Office System (KB2345043)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
10/14/2010 Security Update for Windows XP (KB979687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/14/2010 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2360131)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/14/2010 Windows Malicious Software Removal Tool - October 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/14/2010 Security Update for Windows XP (KB981957)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/14/2010 Security Update for Microsoft Word 2002 (KB2328360)
A security vulnerability exists in Microsoft Word 2002 that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
10/14/2010 Security Update for Microsoft Excel 2002 (KB2345017)
A security vulnerability exists in Microsoft Excel 2002 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/14/2010 Security Update for Windows XP (KB2360937)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/14/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.1591.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/14/2010 Security Update for Windows XP (KB2360937)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/9/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.1370.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/6/2010 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2416473)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
10/6/2010 Security Update for Microsoft .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2418241)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
10/6/2010 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2416447)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
10/5/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.1122.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/1/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.961.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/29/2010 Update for Microsoft Silverlight (KB2416427)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
9/29/2010 Update for Windows XP (KB2158563)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
9/28/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.724.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/25/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.452.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/22/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.253.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/17/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.14.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/17/2010 Security Update for Microsoft Office XP (KB2288608)
A security vulnerability exists in Microsoft Office XP that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
9/17/2010 Security Update for Microsoft Outlook 2002 (KB2293422)
A security vulnerability exists in Microsoft Outlook 2002 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/17/2010 Windows Malicious Software Removal Tool - September 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
9/16/2010 Security Update for Windows XP (KB2259922)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/16/2010 Security Update for Windows XP (KB975558)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/16/2010 Security Update for Windows XP (KB2347290)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/16/2010 Security Update for Windows XP (KB2121546)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/16/2010 Security Update for Windows XP (KB982802)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/16/2010 Security Update for Windows XP (KB981322)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/16/2010 Update for Windows XP (KB2141007)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
9/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.1620.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.1620.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/11/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.1411.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/8/2010 Update for Microsoft Silverlight (KB2164913)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
9/7/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.1145.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/4/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.901.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/1/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.660.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/28/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.471.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/25/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.207.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/24/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.175.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/20/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.2231.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.1998.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/14/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.1828.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/13/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.1764.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
System Folders
Path for burning CD C:\Documents and Settings\Larry\Local Settings\Application Data\Microsoft\CD Burning
Application Data C:\Documents and Settings\All Users\Application Data
Public Desktop C:\Documents and Settings\All Users\Desktop
Documents C:\Documents and Settings\All Users\Documents
Global Favorites C:\Documents and Settings\All Users\Favorites
Music C:\Documents and Settings\All Users\Documents\My Music
Pictures C:\Documents and Settings\All Users\Documents\My Pictures
Start Menu Programs C:\Documents and Settings\All Users\Start Menu\Programs
Start Menu C:\Documents and Settings\All Users\Start Menu
Startup C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Templates C:\Documents and Settings\All Users\Templates
Videos C:\Documents and Settings\All Users\Documents\My Videos
Cookies C:\Documents and Settings\Larry\Cookies
Desktop C:\Documents and Settings\Larry\Desktop
Physical Desktop C:\Documents and Settings\Larry\Desktop
User Favorites C:\Documents and Settings\Larry\Favorites
Fonts C:\WINDOWS\Fonts
Internet History C:\Documents and Settings\Larry\Local Settings\History
Temporary Internet Files C:\Documents and Settings\Larry\Local Settings\Temporary Internet Files
Local Application Data C:\Documents and Settings\Larry\Local Settings\Application Data
Windows directory C:\WINDOWS
Windows/System C:\WINDOWS\system32
Program Files C:\Program Files
Device Tree
ACPI Uniprocessor PC
Microsoft ACPI-Compliant System
ACPI Power Button
Intel® Pentium® 4 CPU 2.80GHz
System board
ACPI Fixed Feature Button
PCI bus
Intel® 82865G\PE\P Processor to I/O Controller - 2570
Intel® 82801EB SMBus Controller - 24D3
SoundMAX Integrated Digital Audio
Intel® 82865G Graphics Controller
Default Monitor
Intel® 82801EB USB Universal Host Controller - 24D2
USB Root Hub
USB Composite Device
USB Human Interface Device
HID-compliant mouse
USB Human Interface Device
HID-compliant consumer control device
HID-compliant device
HID-compliant device
Intel® 82801EB USB Universal Host Controller - 24D4
USB Root Hub
Intel® 82801EB USB Universal Host Controller - 24DE
USB Root Hub
Intel® 82801EB USB2 Enhanced Host Controller - 24DD
USB Root Hub
Intel® 82801EB PCI Bridge - 244E
Intel® PRO/100 VE Network Connection
Intel® 536EP Modem
Unimodem Half-Duplex Audio Device
Intel® 82801EB LPC Interface Controller - 24D0
ISAPNP Read Data Port
Direct memory access controller
Numeric data processor
Programmable interrupt controller
System speaker
System CMOS/real time clock
System timer
Standard floppy disk controller
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PS/2 Compatible Mouse
Communications Port (COM1)
System board
ECP Printer Port (LPT1)
Printer Port Logical Interface
Intel® 82801EB Ultra ATA Storage Controllers
Primary IDE Channel
ST380011A
Secondary IDE Channel
HL-DT-ST DVD-ROM GDR8163B
TEAC DVD+RW DV-W58E
Services
Running Application Layer Gateway Service
Running Automatic Updates
Running avast! Antivirus
Running Background Intelligent Transfer Service
Running COM+ Event System
Running Computer Browser
Running CryptSvc
Running DCOM Server Process Launcher
Running DHCP Client
Running Distributed Link Tracking Client
Running Error Reporting Service
Running Event Log
Running Fast User Switching Compatibility
Running Help and Support
Running HID Input Service
Running HP CUE DeviceDiscovery Service
Running hpqcxs08
Running IPSEC Services
Running MBAMService
Running McAfee SiteAdvisor Service
Running Net Driver HPZ12
Running Network Connections
Running Network Location Awareness (NLA)
Running Plug and Play
Running Pml Driver HPZ12
Running Print Spooler
Running Protected Storage
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Secondary Logon
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery Service
Running SupportSoft Sprocket Service (dellsupportcenter)
Running System Event Notification
Running System Restore Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Terminal Services
Running Themes
Running WebClient
Running Windows Audio
Running Windows Defender
Running Windows Firewall/Internet Connection Sharing (ICS)
Running Windows Image Acquisition (WIA)
Running Windows Live ID Sign-in Assistant
Running Windows Management Instrumentation
Running Windows Search
Running Windows Time
Running Wireless Zero Configuration
Running Workstation
Stopped .NET Runtime Optimization Service v2.0.50727_X86
Stopped Adobe Flash Player Update Service
Stopped Alerter
Stopped Application Management
Stopped ASP.NET State Service
Stopped Automatic LiveUpdate Scheduler
Stopped ClipBook
Stopped COM+ System Application
Stopped Distributed Transaction Coordinator
Stopped DNS Client
Stopped DSBrokerService
Stopped Extensible Authentication Protocol Service
Stopped Google Update Service (gupdate1cac2de67bcfd4c)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management Service
Stopped HTTP SSL
Stopped IMAPI CD-Burning COM Service
Stopped Indexing Service
Stopped Intel NCS NetService
Stopped LiveUpdate
Stopped Logical Disk Manager
Stopped Logical Disk Manager Administrative Service
Stopped Messenger
Stopped MS Software Shadow Copy Provider
Stopped Net Logon
Stopped Net.Tcp Port Sharing Service
Stopped NetMeeting Remote Desktop Sharing
Stopped Network Access Protection Agent
Stopped Network DDE
Stopped Network DDE DSDM
Stopped Network Provisioning Service
Stopped NT LM Security Support Provider
Stopped Performance Logs and Alerts
Stopped Portable Media Serial Number Service
Stopped QoS RSVP
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Help Session Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Removable Storage
Stopped Routing and Remote Access
Stopped SeaPort
Stopped Smart Card
Stopped Uninterruptible Power Supply
Stopped Universal Plug and Play Device Host
Stopped Volume Shadow Copy
Stopped Windows CardSpace
Stopped Windows Driver Foundation - User-mode Driver Framework
Stopped Windows Installer
Stopped Windows Media Player Network Sharing Service
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
CPU
Intel Pentium 4
Cores 1
Threads 1
Name Intel Pentium 4
Code Name Prescott
Package Socket 478 mPGA
Technology 90nm
Specification Intel® Pentium® 4 CPU 2.80GHz
Family F
Extended Family F
Model 3
Extended Model 3
Stepping 4
Revision D0
Instructions MMX, SSE, SSE2, SSE3
Virtualization Unsupported
Hyperthreading Not supported
Bus Speed 133.0 MHz
Rated Bus Speed 532.0 MHz
Stock Core Speed 2800 MHz
Stock Bus Speed 133 MHz
Caches
L1 Data Cache Size 16 KBytes
L1 trace cache 12 Kµops
L2 Unified Cache Size 1024 KBytes
Core 0
Core Speed 2793.0 MHz
Multiplier x 21.0
Bus Speed 133.0 MHz
Rated Bus Speed 532.0 MHz
Thread 1
APIC ID 0
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR
Size 1024 MBytes
Channels # Dual
DRAM Frequency 166.2 MHz
CAS# Latency (CL) 2.5 clocks
RAS# to CAS# Delay (tRCD) 3 clocks
RAS# Precharge (tRP) 3 clocks
Cycle Time (tRAS) 7 clocks
Physical Memory
Memory Usage 71 %
Total Physical MB
Available Physical 292 MB
Total Virtual 2.85 GB
Available Virtual 2.22 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR
Size 512 MBytes
Manufacturer Corsair
Max Bandwidth PC3200 (200 MHz)
Part Number VS512MB400
SPD Ext. EPP
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 2.5
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
Voltage 2.500 V
Slot #2
Type DDR
Size 512 MBytes
Manufacturer Corsair
Max Bandwidth PC3200 (200 MHz)
Part Number VS512MB400
SPD Ext. EPP
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 2.5
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
Voltage 2.500 V
Motherboard
Manufacturer Dell Computer Corp.
Model 0N6381 (Microprocessor)
Chipset Vendor Intel
Chipset Model i865P/PE/G/i848P
Chipset Revision A2
Southbridge Vendor Intel
Southbridge Model 82801EB (ICH5)
Southbridge Revision 02
BIOS
Brand Dell Computer Corporation
Version A01
Date 08/24/2004
PCI Data
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI1
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width 32 bit
Slot Designation PCI2
Slot Number 1
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI3
Slot Number 2
Graphics
Monitor
Name Default Monitor on Intel 82865G Graphics Controller
Current Resolution 1024x768 pixels
Work Resolution 1024x740 pixels
State enabled, primary
Monitor Width 1024
Monitor Height 768
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Intel® 82865G Graphics Controller
Memory 96 MB
Memory type 2
Driver version 6.14.10.4396
OpenGL
Version 1.3.0 - Build 4.14.10.4396
Vendor Intel
Renderer Intel 865G
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 16
GL_MAX_TEXTURE_SIZE 2048
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_ARB_multitexture
GL_ARB_point_parameters
GL_ARB_texture_border_clamp
GL_ARB_texture_compression
GL_ARB_texture_cube_map
GL_ARB_texture_env_add
GL_ARB_texture_env_combine
GL_ARB_texture_env_dot3
GL_ARB_texture_env_crossbar
GL_ARB_transpose_matrix
GL_ARB_vertex_buffer_object
GL_ARB_vertex_program
GL_ARB_window_pos
GL_EXT_abgr
GL_EXT_bgra
GL_EXT_blend_color
GL_EXT_blend_func_separate
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_clip_volume_hint
GL_EXT_compiled_vertex_array
GL_EXT_cull_vertex
GL_EXT_draw_range_elements
GL_EXT_fog_coord
GL_EXT_multi_draw_arrays
GL_EXT_packed_pixels
GL_EXT_rescale_normal
GL_EXT_secondary_color
GL_EXT_separate_specular_color
GL_EXT_stencil_wrap
GL_EXT_texture_compression_s3tc
GL_EXT_texture_env_add
GL_EXT_texture_env_combine
GL_EXT_texture_filter_anisotropic
GL_3DFX_texture_compression_FXT1
GL_IBM_texture_mirrored_repeat
GL_NV_blend_square
GL_NV_texgen_reflection
GL_SGIS_generate_mipmap
GL_WIN_swap_hint
GL_EXT_bgra
Hard Drives
ST380011A
Manufacturer Seagate
Form Factor 3.5"
Heads 16
Cylinders 16383
Device type Fixed
ATA Standard ATA/ATAPI-6
LBA Size 48-bit LBA
Power On Count 5147 times
Power On Time 407.7 days
Features S.M.A.R.T., AAM
Transfer Mode Ultra DMA/100
Interface PATA
Capacity 78GB
Real size 80,000,000,000 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 062 (061 worst) Data 0000D8D6E5
03 Spin-Up Time 098 (098) Data 0000000000
04 Start/Stop Count 100 (100) Data 0000000009
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 089 (060) Data 00312739A3
09 Power-On Hours (POH) 089 (089) Data 0000002639
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 095 (095) Data 000000141B
C2 Temperature 031 (046) Data 000000001F
C3 Hardware ECC Recovered 062 (061) Data 0000D8D6E5
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
C8 Write Error Rate / Multi-Zone Error Rate 100 (253) Data 0000000000
CA Data Address Mark errors 100 (253) Data 0000000000
Temperature 31 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 47.0 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 78C06FBF
Size 71GB
Used Space 29.5GB (42%)
Free Space 41GB (58%)
Partition 2
Partition ID Disk #0, Partition #2
Size 3.50 GB
Optical Drives
HL-DT-ST DVD-ROM GDR8163B
Media Type CD-ROM
Name HL-DT-ST DVD-ROM GDR8163B
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 0
Status OK
TEAC DVD+RW DV-W58E
Media Type CD-ROM
Name TEAC DVD+RW DV-W58E
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
DriveIntegrity FALSE
Media Loaded TRUE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 1
Size 7.22 GB
Status OK
Transfer Rate 2156 KB/S
Volume Name ADVENTURES_OF_DR_G_3
Volume Serial Number E7E8E8F6
Audio
Sound Cards
Unimodem Half-Duplex Audio Device
SoundMAX Integrated Digital Audio
Playback Devices
SoundMAX Digital Audio
Modem #0 Line Record
Recording Devices
SoundMAX Digital Audio
Modem #0 Line Playback
Peripherals
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device Kind Keyboard
Device Name Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Location plugged into keyboard port
Driver
Date 7-1-2001
Version 5.1.2600.2180
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
PS/2 Compatible Mouse
Device Kind Mouse
Device Name PS/2 Compatible Mouse
Location plugged into PS/2 mouse port
Driver
Date 7-1-2001
Version 5.1.2600.0
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location Location 0
Driver
Date 7-1-2001
Version 5.1.2600.0
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
File C:\WINDOWS\system32\DRIVERS\mouhid.sys
Printers
HP Photosmart C5500 series (Default Printer)
Share Name HP Photosmart C5500 series
Printer Port USB001
Print Processor hpzpp692
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name HP Photosmart C5500 series (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
HP Photosmart C5500 series (Copy 1)
Printer Port USB002
Print Processor hpzpp692
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name HP Photosmart C5500 series (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
Network
You are connected to the internet
Connected through Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
IP Address 192.168.1.162
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 192.168.1.1
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 67.176.148.157
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 kbps
Computer Name
NetBIOS Name DGJ2NV51
DNS Name DGJ2NV51
Domain Name DGJ2NV51
Remote Desktop
Console
State Active
Domain DGJ2NV51
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect Yes
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Adapters List
Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
IP Address 192.168.1.162
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Network Shares
HP Photosmart C5500 series HP Photosmart C5500 series,LocalsplOnly
Current TCP Connections
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1644)
Local 127.0.0.1:12025 LISTEN
Local 127.0.0.1:12080 LISTEN
Local 127.0.0.1:12110 LISTEN
Local 127.0.0.1:12119 LISTEN
Local 127.0.0.1:12143 LISTEN
Local 127.0.0.1:12563 LISTEN
Local 127.0.0.1:12993 LISTEN
Local 127.0.0.1:12995 LISTEN
Local 127.0.0.1:27275 LISTEN
Local 127.0.0.1:12080 ESTABLISHED Remote 127.0.0.1:1216 (Querying... )
Local 127.0.0.1:12465 LISTEN
Local 192.168.1.162:1107 ESTABLISHED Remote 195.39.12.52:80 (Querying... ) (HTTP)
Local 192.168.1.162:1217 ESTABLISHED Remote 96.8.81.123:80 (Querying... ) (HTTP)
C:\Program Files\Dell\Media Experience\PCMService.exe (2008)
Local 127.0.0.1:1040 CLOSE-WAIT Remote 127.0.0.1:12080 (Querying... )
C:\Program Files\FileHippo.com\UpdateChecker.exe (224)
Local 127.0.0.1:1025 LISTEN
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (228)
Local 127.0.0.1:1216 ESTABLISHED Remote 127.0.0.1:12080 (Querying... )
System Process
Local 127.0.0.1:12080 TIME-WAIT Remote 127.0.0.1:1297 (Querying... )
Local 192.168.1.162:1275 TIME-WAIT Remote 184.85.95.139:80 (Querying... ) (HTTP)
Local 192.168.1.162:1279 TIME-WAIT Remote 184.28.75.55:80 (Querying... ) (HTTP)
Local 192.168.1.162:1282 TIME-WAIT Remote 184.85.92.20:80 (Querying... ) (HTTP)
Local 192.168.1.162:1284 TIME-WAIT Remote 184.85.92.20:80 (Querying... ) (HTTP)
Local 192.168.1.162:1285 TIME-WAIT Remote 69.171.234.32:80 (Querying... ) (HTTP)
Local 192.168.1.162:1289 TIME-WAIT Remote 74.125.225.57:80 (Querying... ) (HTTP)
Local 192.168.1.162:1290 TIME-WAIT Remote 74.125.225.57:80 (Querying... ) (HTTP)
Local 192.168.1.162:1245 TIME-WAIT Remote 74.125.225.132:80 (Querying... ) (HTTP)
Local 192.168.1.162:1300 TIME-WAIT Remote 74.125.225.57:80 (Querying... ) (HTTP)
Local 192.168.1.162:1302 TIME-WAIT Remote 74.125.225.57:80 (Querying... ) (HTTP)
Local 192.168.1.162:1304 TIME-WAIT Remote 216.191.247.139:80 (Querying... ) (HTTP)
Local 192.168.1.162:1311 TIME-WAIT Remote 74.125.225.70:80 (Querying... ) (HTTP)
Local 127.0.0.1:12080 TIME-WAIT Remote 127.0.0.1:1241 (Querying... )
Local 192.168.1.162:1312 TIME-WAIT Remote 74.125.225.57:443 (Querying... ) (HTTPS)
Local 192.168.1.162:1314 TIME-WAIT Remote 8.18.45.81:80 (Querying... ) (HTTP)
Local 192.168.1.162:1316 TIME-WAIT Remote 8.18.45.81:80 (Querying... ) (HTTP)
Local 127.0.0.1:12080 TIME-WAIT Remote 127.0.0.1:1250 (Querying... )
Local 192.168.1.162:1318 TIME-WAIT Remote 96.17.77.32:80 (Querying... ) (HTTP)
Local 127.0.0.1:1237 TIME-WAIT Remote 127.0.0.1:12080 (Querying... )
Local 127.0.0.1:1276 TIME-WAIT Remote 127.0.0.1:12080 (Querying... )
Local 127.0.0.1:1319 TIME-WAIT Remote 127.0.0.1:12080 (Querying... )
Local 192.168.1.162:1323 TIME-WAIT Remote 75.125.156.34:80 (Querying... ) (HTTP)
Local 192.168.1.162:1329 TIME-WAIT Remote 75.125.17.69:80 (Querying... ) (HTTP)
Local 192.168.1.162:1330 TIME-WAIT Remote 72.5.58.118:80 (Querying... ) (HTTP)
Local 192.168.1.162:1221 TIME-WAIT Remote 96.17.77.11:80 (Querying... ) (HTTP)
Local 192.168.1.162:1225 TIME-WAIT Remote 199.7.48.190:80 (Querying... ) (HTTP)
Local 192.168.1.162:1226 TIME-WAIT Remote 199.7.51.190:80 (Querying... ) (HTTP)
Local 192.168.1.162:1227 TIME-WAIT Remote 199.7.59.190:80 (Querying... ) (HTTP)
Local 192.168.1.162:1229 TIME-WAIT Remote 96.17.77.11:80 (Querying... ) (HTTP)
Local 192.168.1.162:1231 TIME-WAIT Remote 199.7.59.190:80 (Querying... ) (HTTP)
Local 192.168.1.162:1240 TIME-WAIT Remote 96.17.77.18:80 (Querying... ) (HTTP)
Local 192.168.1.162:1243 TIME-WAIT Remote 74.125.225.1:443 (Querying... ) (HTTPS)
Local 192.168.1.162:1306 TIME-WAIT Remote 74.125.225.13:80 (Querying... ) (HTTP)
Local 192.168.1.162:1247 TIME-WAIT Remote 74.54.247.132:80 (Querying... ) (HTTP)
Local 192.168.1.162:1249 TIME-WAIT Remote 74.54.247.132:80 (Querying... ) (HTTP)
Local 192.168.1.162:1254 TIME-WAIT Remote 74.54.247.132:80 (Querying... ) (HTTP)
Local 192.168.1.162:1255 TIME-WAIT Remote 74.54.247.132:80 (Querying... ) (HTTP)
Local 192.168.1.162:1257 TIME-WAIT Remote 74.125.225.13:80 (Querying... ) (HTTP)
Local 192.168.1.162:1260 TIME-WAIT Remote 205.251.253.217:80 (Querying... ) (HTTP)
Local 192.168.1.162:1262 TIME-WAIT Remote 184.28.75.55:80 (Querying... ) (HTTP)
Local 192.168.1.162:1264 TIME-WAIT Remote 205.251.253.217:80 (Querying... ) (HTTP)
Local 192.168.1.162:1269 TIME-WAIT Remote 205.251.253.217:80 (Querying... ) (HTTP)
Local 192.168.1.162:1270 TIME-WAIT Remote 184.85.92.20:80 (Querying... ) (HTTP)
Local 192.168.1.162:1271 TIME-WAIT Remote 205.251.253.217:80 (Querying... ) (HTTP)
Local 192.168.1.162:1272 TIME-WAIT Remote 205.251.253.217:80 (Querying... ) (HTTP)
Local 192.168.1.162:1273 TIME-WAIT Remote 205.251.253.217:80 (Querying... ) (HTTP)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 192.168.1.162:139 (NetBIOS session service) LISTEN
svchost.exe (1028)
Local 0.0.0.0:135 (DCE) LISTEN
  • 0

#6
RKinner
Posted 21 April 2012 - 11:19 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Don't see much. You have two services which are not starting so they should be disabled:

Log: 'System' Date/Time: 21/04/2012 9:48:41 AM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The HP CUE DeviceDiscovery Service service hung on starting.

Log: 'System' Date/Time: 21/04/2012 9:46:30 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The SeaPort service failed to start due to the following error: The system cannot find the file specified.

Right click on (My) Computer and select Manage then Services and Applications then Services. In the right pane find

HP CUE DeviceDiscovery Service and right click on it and select Properties then change the Startup Type: to Disabled then OK.



The second one I'm not so sure of the exact name. See if you can find Seaport or one that starts with Search and disable it the same way.

Download the Installer Cleanup Tool from http://majorgeeks.co...ad.php?det=4459
(You do not need to fill out the form that shows up during the download), Save it and Run it.

Find the HP Photosmart Essential 2.5 entry and remove it.

IF it still shows up in Add/Remove then try to uninstall it. Uninstall HP Photosmart Essential 3.0

This should improve the start up time somewhat. If it is still slow starting up:
Start Run, msconfig, OK
Go to Services tab and click on the box to hide Microsoft Services then uncheck
everything that remains. Go to Startup tab and uncheck everything. OK and
reboot. If it doesn't run faster then go back into msconfig and recheck the
things you turned off. If it helps then go back and turn on a few items each
time until you find the culprit.


I don't see any sign of it running slow once it's up. Process Explorer looks like it should be fairly quick to respond. If it's slow try the msconfig stuff above.

Is browsing slow? How long does it take for Firefox to come up? We can probably speed it up a bit:
Download, Save and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Click on Speedup my Firefox. When it finishes click on Exit. Now how long does it take to start now?
  • 0

#7
rockitout
Posted 24 April 2012 - 07:07 AM

rockitout

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
I completed your instructions. I ended up having to uninstall HP Photosmart Essential 3.0, using the add/remove. It did speed up the startup. It still takes a while to start up, but I think it is because of the weather program and Yahoo instant messenger. I'm willing to live with that though. I initially took your advice on using msconfig, however it prevented my Avast from starting up. So I reverted it back to normal startup, using msconfig again. That for some reason did not fix my Avast problem, so I had to run a repair installation, and that worked. I also ran the Speedyfox, and that helped speed up the browser. Thank you for the suggestions, please let me know if there is anything else I need to do.
  • 0

#8
RKinner
Posted 24 April 2012 - 10:46 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Your PC is too old to have the sensors that tell how hot the CPU is so I can't see how warm it gets but a warm CPU is a slow CPU so turn it off, leave it plugged in, open it up and inspect the CPU's heatsink. If it is full of dust, vacuum it out and use a small brush to dislodge the dust. Sometimes you need to remove the fan which is usually held in place by four screws but I think on a Dell it will be on the back with a shroud to direct the air flow. Turn it on and make sure the fan runs promptly. Some of them will stop after a bit if they are not hot - others will run all the time (but slow down a bit after the initial fan test) and possible speed up if they get hot.

Otherwise since you think it's good enough:

We need to clean up System Restore.

Copy the following:


:Commands
[CLEARALLRESTOREPOINTS]
[Reboot]
Run OTL. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.

You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.

OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.

To hide hidden files again (If you do not run OTL cleanup):

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.


Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas. If you don't use MSN Messenger I would not upgdate it. MS installs a bunch of stuff when you do. You can tell the program to not show you that update.)
If you use Firefox or Chome then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: Adhttp://simple-adblock.com/

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Click on Speedup my Firefox. When it finishes click on Exit.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP