Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Possible infection - non responsive for a couple minutes [Solved]

Started by stagepuppy , Sep 23 2012 04:41 PM

  • This topic is locked This topic is locked

#1
stagepuppy
Posted 23 September 2012 - 04:41 PM

stagepuppy

    Member

  • Member
  • PipPip
  • 12 posts
Hello Geeks2Go,

I suspect a Dell Inspiron 1721 laptop PC that belongs to a friend may have an infection. When he first gave it to me, it appeared to hang right after booting to the desktop with the hard disk LED solidly on. OS is Vista 32bit Home Premium SP1 running the factory setup with recovery partition. It only had 1GB RAM so I suspected that swap file activity was making things worse so we upgraded to 4GB RAM. After scanning/cleaning with Kaspersky Rescue Disk, it was scanned with latest MBAM which found and removed the Trojan Vundo among other things. This cleared up most of the busy disk activity however there still seems to be a period of heavy disk activity and unresponsiveness just after booting to the desktop, and after full scans with MSE and SuperAntiSpyware with only minimal detections (tracking cookies, etc) as well as installing Vista SP2, it still behaves this way. Vista does not seem to behave this way when booted to Safe Mode, and there is no extended disk activity seen or being explained in Task Manager.

Furthermore, here are some strange things that I've noticed:

1. There is an entry in the registry that I'm not familiar with that keeps reappearing even after I deleted it:
"%PROVIDERID%"="\"bin\\sprtcmd.exe\" /P %PROVIDERID%". Attempts to search for this are unsuccessful.

2. Adobe Reader v9.x keeps launching reader_sl.exe even though its registry entry has been deleted from the HKLM...Current Version\Run location.

3. User has used Limewire toolbar and Vuze in the past, some software is still present.

Please Help...
Thanks,
Jay


Here is the OTL file:

OTL Extras logfile created on: 9/23/2012 1:23:23 PM - Run 1
OTL by OldTimer - Version 3.2.66.0 Folder = C:\tools
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.37 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 60.67% Memory free
6.26 Gb Paging File | 5.10 Gb Available in Paging File | 81.49% Paging File free
Paging file location(s): c:\pagefile.sys 3071 3071 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.22 Gb Total Space | 29.47 Gb Free Space | 29.71% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.06 Gb Free Space | 50.60% Space Free | Partition Type: NTFS

Computer Name: JOHNVERO-PC | User Name: JohnVero | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08DB9E6E-26A7-4DFB-8CFF-398E9BE56F02}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{09C26420-E925-4847-AC9C-4574D150C19E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B62AFB9-1720-4A5E-BA3F-61BE5A162F1D}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{0CF32968-4FAF-4FEE-AB43-C31063590F9E}" = lport=10244 | protocol=6 | dir=in | app=system |
"{1294169D-56F6-458A-A051-440F5E883F36}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{15411080-C4DC-4347-B224-298CCB0A623B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{16433106-DF2C-4845-8CF5-331FE64E811B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{21F1B881-18A1-4F7A-9BDD-7AB741AE51FE}" = lport=3390 | protocol=6 | dir=in | app=system |
"{2F6AB023-366D-4C71-AC1D-1E90A6A6AF49}" = rport=10244 | protocol=6 | dir=out | app=system |
"{30019836-1289-498D-AE43-05133A23CD5F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44F9F14C-94F9-4959-9B58-70A173197365}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{478B8AB0-16B8-4792-9E9E-A2F524ED798A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5AE52322-77D6-4869-8050-C4C3FBB62AB9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{66CBDB77-23E1-402D-9072-8C4B7F633A05}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6BD3DA1E-F10F-44D4-B552-9BBA97F48C87}" = lport=3390 | protocol=6 | dir=in | app=system |
"{81D4C0C3-950C-4A29-9FB7-00EBA9283CB5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BDBD0925-BDE5-42E5-9847-8DB5794C3F01}" = lport=10244 | protocol=6 | dir=in | app=system |
"{D146336E-377D-42B3-B7A7-6A3D7A4E3798}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EB1A8FC1-46A9-4D0E-82FE-18A807EAFF1D}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{F78053A0-D2BB-4E67-A667-A387DAF01031}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{F97A0F16-E645-4F9F-932C-1109D0B3E427}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC8E3D46-9F5F-4DD2-9C32-929746F37AF7}" = rport=10244 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{107B5A53-CBC3-44A8-9EF9-9CC5F4561CAA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{280F429F-E66B-4F2F-A5DF-A96F0D1FFE5F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2A1CCE11-AE56-4FDA-BB6A-6B333880CB9C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{40B413EA-4441-43AF-BF90-B22575FF3652}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{56C2BF1F-1004-4B5C-8886-566A97CFEB73}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5FCA2367-2BEC-48FF-8B2E-EF4FA96405C6}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{67B4079B-C07B-4F35-B201-2EF03BBD4892}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{6C899833-AC7C-4BB9-AC24-0B302BB030A5}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{6F588EDE-1124-431B-A59D-15D7E9E4DA20}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{703174ED-E884-4B00-8B28-3A286533375B}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{72CD0D50-98DF-42EF-A8F0-F431531EDB23}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{81C88695-EE5C-43CE-B707-24EDD81B50C3}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{86BEF7D3-8DA4-41E5-8003-2E116C3F3BDC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8FCC64E1-8DD4-4533-B5EC-9A43D7FBE335}" = protocol=6 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{97292801-F92D-455A-98C8-7595B80807A2}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{99BFABAC-B01A-42E1-8E01-556EC0FA3D29}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A759A3D5-1C59-4E49-8466-8E952876421A}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{AA3A040C-D6DA-404F-BE93-1632B3C36DFC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C3166996-B589-44F5-AD48-CCCDFB46E9ED}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{C502A3D1-9C03-4EB2-A7CF-DD63E226A0BD}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{C9ABFC17-67A6-4C0B-A3D8-A85C341C8C05}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{D47B441F-4C40-4F20-B5FA-A59F8ED851BC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D67E3620-155B-4A92-BE11-8DB660CC114D}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{DD408540-61B1-4B64-B991-F60A030764EF}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{E5C2228F-3B72-46B9-B8C2-3D9B05FAAF4B}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
"{E6E17B79-2E2C-40E5-BF0C-E36BD9D88763}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{EDC18B07-151F-429D-95AF-A6A3D5BDE389}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{F2415763-E2CF-4AB6-9EA7-C5913F584F80}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F5311C53-0C20-4160-B760-E352D1F9792A}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{F894C982-F437-4777-B801-146D73E49B61}" = protocol=17 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"TCP Query User{397AFE5F-94B9-4CC3-8EFB-DF91420F4E88}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{4BEFF2F7-A23B-4F6D-B65C-2349A6609D35}C:\program files\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare\bearshare.exe |
"TCP Query User{62977F0E-9B34-4945-8151-0BF326A6BA00}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{6786F229-3162-4593-95B3-38BD1F3FFF8F}C:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"TCP Query User{D926C06E-C9BA-4DD1-86CB-578481BF61B4}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{F42D4D66-1C15-4895-B512-45276B52056D}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{33BFA42D-F8C4-43AE-AC9E-E53478E49F23}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{42A2EA26-5B50-4BD5-95D8-BA994F682CE2}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{5F9FD809-42DF-4090-B6B1-556A4283BEF6}C:\program files\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare\bearshare.exe |
"UDP Query User{8F0EBB6A-0F29-4A22-871F-3D260434BF36}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{9A087399-52DE-4225-A9FC-4AFF16B44B16}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{CA9B0EBB-F8E2-41E5-8589-24B97487A1C1}C:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02C85D5D-77CA-7173-5775-AFB9CC835F33}" = CCC Help Finnish
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{085FE193-B676-11D4-82BC-00A0C993905F}" = Thomas Bros. Street Guide Digital Edition
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A331B03-B20D-D63E-7CFA-6DE03CD85972}" = CCC Help Chinese Traditional
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}" = ArcSoft Print Creations
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP470_series" = Canon MP470 series
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{179950A7-026A-3F96-9540-3C528A96C5C0}" = Catalyst Control Center Localization Danish
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1882BDBB-0DFD-FAE6-77FA-E3445D821F18}" = CCC Help Norwegian
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{2452E3E3-B627-7371-F43F-68149C528556}" = CCC Help French
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java™ 6 Update 35
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{310A99AD-E8DD-CF60-CDD3-ED197E106A80}" = Catalyst Control Center Localization Russian
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{36D252B0-6856-4395-4BBE-DEC2E56DCB24}" = Catalyst Control Center Localization Dutch
"{3736E75B-0FD7-F5A3-15F1-EE07B633AEE5}" = Catalyst Control Center Localization Finnish
"{393AAD92-9760-9B0D-43C1-C6C5E89EFA67}" = Catalyst Control Center Localization Swedish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4248C264-C1BF-8414-4B16-F61FF0BC49A7}" = Catalyst Control Center Localization Spanish
"{48FC3614-221A-4272-5AFC-50EC406606FE}" = Catalyst Control Center Localization Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A2BD145-6614-B0A5-0E1A-5367A3451691}" = CCC Help Chinese Standard
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}" = Adobe Setup
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55D070A2-9EA5-8C26-5F74-835BAC086523}" = Catalyst Control Center Localization German
"{59361F9F-A413-83EC-E269-6D34CC697878}" = CCC Help Portuguese
"{5B35C417-2649-11D6-83D1-0050FC01225C}" = FirstClass® Client
"{5B9A8ECB-A06B-A5AF-A7AD-B2E1A9B09AE8}" = CCC Help Korean
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BAFE5C7-FAAE-7F8C-39C0-BA8BD7A6786F}" = Catalyst Control Center Localization Chinese Standard
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72BBAAE1-61A5-5F40-9BF3-95992B29F8A7}" = Catalyst Control Center Graphics Full Existing
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A97828F-C89C-C290-E11D-57A33DD523CB}" = Catalyst Control Center Localization Portuguese
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D3A926D-D61E-6063-1C0D-18A4365D5033}" = ccc-core-static
"{7E532356-3BAE-4832-A253-2F1094FE5C40}" = Catalyst Control Center Localization Norwegian
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{88937F68-8C7A-A5DC-4004-2A2E0ECCC2DB}" = Catalyst Control Center Localization Japanese
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{937B232D-9776-471E-92BD-D424E514EF14}" = Logitech QuickCam
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C454737-22A5-43F6-B09F-A4B3F7BD3468}" = CCC Help Spanish
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9C769AD0-00EE-8A6A-8C2A-F51BAABCCE02}" = CCC Help Dutch
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E3DCAB8-285C-464F-DBCB-0052F92FEEF2}" = Catalyst Control Center Graphics Light
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A8B9FBF8-7986-6CF7-C31C-20A19E7D1717}" = ccc-utility
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACB4C93A-594E-E76A-3349-EEF2D6A723D6}" = Catalyst Control Center Localization Italian
"{ACDF5DEF-413F-A546-6F35-66CE215BDCCB}" = Skins
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2BFD108-1E93-06C5-F34E-48B92C358EDD}" = CCC Help Swedish
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{B970E87C-274D-5ADC-41BB-8C81926AF300}" = CCC Help Russian
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C6CC1EA6-12E2-219A-F8A1-1058AB678E08}" = CCC Help Italian
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF8BA296-55D7-8B51-6C4E-4789A1D003BE}" = Catalyst Control Center Localization French
"{D03E7B00-CA85-4684-9321-1888873C34BD}" = ArcSoft PhotoImpression 6
"{D0DDF9EE-C67F-368B-EB42-ECB44FD7556D}" = Adobe Photoshop.com Inspiration Browser
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D62A9D43-39A4-337B-A432-1C6DB13087B8}" = CCC Help English
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D8210D47-2F24-99C7-9183-E093FBF14D92}" = CCC Help Japanese
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DCDCFE99-36A7-6B89-8329-BAB033D99577}" = CCC Help German
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE623944-11D0-4CD3-17BE-FDF0F5309FD5}" = CCC Help Danish
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E194308F-9718-7425-BCC1-FAAF46A188CB}" = Catalyst Control Center Core Implementation
"{E314D889-0C82-9F5F-A9EE-699109226856}" = Catalyst Control Center Graphics Full New
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}" = ATI PCI Express (3GIO) Filter Driver
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}" = Yahoo! Music Jukebox
"{EDC5E937-F707-4241-BB2F-111C4B83FF2C}" = WebPAM
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFBE2318-89B7-4A5F-8912-23DB04761C31}" = Catalyst Control Center - Branding
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FC516A10-B335-4FB5-8EA2-0DB8E57E044C}" = Sprint SmartView
"{FF61246F-8BD1-165A-5F50-B6DFECE53025}" = Catalyst Control Center Localization Korean
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop CS4_is1" = Adobe Photoshop CS4
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_a04a925a57548091300ada368235fc6" = Adobe Illustrator CS3
"Canon MP470 series User Registration" = Canon MP470 series User Registration
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"DTCLookup" = DTCLookup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{EDC5E937-F707-4241-BB2F-111C4B83FF2C}" = WebPAM
"legacyqcam_10.51" = Logitech Legacy USB Camera Driver Package
"lvdrivers_11.90" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MyPublisher" = MyPublisher
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"Vuze" = Vuze
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/23/2012 9:24:09 AM | Computer Name = JohnVero-PC | Source = ESENT | ID = 215
Description = WinMail (4076) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 9/23/2012 9:25:04 AM | Computer Name = JohnVero-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 9/23/2012 9:28:21 AM | Computer Name = JohnVero-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 9/23/2012 9:28:23 AM | Computer Name = JohnVero-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 9/23/2012 12:46:01 PM | Computer Name = JohnVero-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 9/23/2012 12:46:34 PM | Computer Name = JohnVero-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 9/23/2012 12:46:41 PM | Computer Name = JohnVero-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 9/23/2012 12:47:36 PM | Computer Name = JohnVero-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 9/23/2012 12:47:36 PM | Computer Name = JohnVero-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 9/23/2012 12:48:52 PM | Computer Name = JohnVero-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ Broadcom Wireless LAN Events ]
Error - 11/25/2007 11:16:27 AM | Computer Name = JohnVero-PC | Source = WLAN-Tray | ID = 0
Description = 07:16:27, Sun, Nov 25, 07 Error - Unable to gain access to user store


Error - 11/30/2007 7:50:46 PM | Computer Name = JohnVero-PC | Source = WLAN-Tray | ID = 0
Description = 15:50:46, Fri, Nov 30, 07 Error - Unable to gain access to user store


Error - 12/15/2007 6:57:42 PM | Computer Name = JohnVero-PC | Source = WLAN-Tray | ID = 0
Description = 14:57:42, Sat, Dec 15, 07 Error - Unable to gain access to user store


Error - 2/4/2008 3:36:29 PM | Computer Name = JohnVero-PC | Source = WLAN-Tray | ID = 0
Description = 11:36:29, Mon, Feb 04, 08 Error - Unable to gain access to user store


Error - 2/12/2008 8:51:49 PM | Computer Name = JohnVero-PC | Source = WLAN-Tray | ID = 0
Description = 16:51:42, Tue, Feb 12, 08 Error - Unable to gain access to user store


Error - 2/12/2008 9:20:10 PM | Computer Name = JohnVero-PC | Source = WLAN-Tray | ID = 0
Description = 17:20:09, Tue, Feb 12, 08 Error - Unable to gain access to user store


Error - 4/3/2008 12:21:55 AM | Computer Name = JohnVero-PC | Source = WLAN-Tray | ID = 0
Description = 21:21:55, Wed, Apr 02, 08 Error - Unable to gain access to user store


Error - 5/21/2008 8:18:16 PM | Computer Name = JohnVero-PC | Source = WLAN-Tray | ID = 0
Description = 17:18:15, Wed, May 21, 08 Error - Unable to gain access to user store


Error - 6/3/2008 10:03:22 PM | Computer Name = JohnVero-PC | Source = WLAN-Tray | ID = 0
Description = 19:03:22, Tue, Jun 03, 08 Error - Unable to gain access to user store


Error - 6/9/2008 9:57:45 PM | Computer Name = JohnVero-PC | Source = WLAN-Tray | ID = 0
Description = 18:57:38, Mon, Jun 09, 08 Error - Unable to gain access to user store


[ Media Center Events ]
Error - 5/22/2008 8:24:19 PM | Computer Name = JohnVero-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/31/2008 8:00:09 PM | Computer Name = JohnVero-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/2/2008 12:37:10 AM | Computer Name = JohnVero-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 4/29/2009 11:01:26 PM | Computer Name = JohnVero-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/7/2009 1:29:10 PM | Computer Name = JohnVero-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/9/2009 1:46:35 PM | Computer Name = JohnVero-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 9/23/2012 12:48:51 PM | Computer Name = JohnVero-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\Windows\System32\rasppp.dll
returned an error while initializing. The specified module could not be found.

Error - 9/23/2012 12:48:51 PM | Computer Name = JohnVero-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. The specified module could not be found.


Error - 9/23/2012 12:48:51 PM | Computer Name = JohnVero-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 9/23/2012 12:48:55 PM | Computer Name = JohnVero-PC | Source = RemoteAccess | ID = 20070
Description = Point to Point Protocol engine was unable to load the C:\Program Files\Cingular\Communication
Manager\EapTtls.dll module. The specified module could not be found.

Error - 9/23/2012 12:48:55 PM | Computer Name = JohnVero-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\Windows\System32\rasppp.dll
returned an error while initializing. The specified module could not be found.

Error - 9/23/2012 12:48:55 PM | Computer Name = JohnVero-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. The specified module could not be found.


Error - 9/23/2012 12:48:55 PM | Computer Name = JohnVero-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 9/23/2012 12:48:58 PM | Computer Name = JohnVero-PC | Source = RemoteAccess | ID = 20070
Description = Point to Point Protocol engine was unable to load the C:\Program Files\Cingular\Communication
Manager\EapTtls.dll module. The specified module could not be found.

Error - 9/23/2012 12:48:58 PM | Computer Name = JohnVero-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\Windows\System32\rasppp.dll
returned an error while initializing. The specified module could not be found.

Error - 9/23/2012 12:48:58 PM | Computer Name = JohnVero-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. The specified module could not be found.



< End of report >
  • 0

Advertisements

#2
Amlak
Posted 23 September 2012 - 06:00 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, stagepuppy. Welcome to GTG. Let's help you out with your computer issue.

In the same location where that log you posted is, there should be another log called OTL.txt. Please also post its contents here.

Also:

Download aswMBR.exe to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#3
stagepuppy
Posted 23 September 2012 - 06:24 PM

stagepuppy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hello Amlak, thanks for the quick reply...

Here is the OTL.txt file:

OTL logfile created on: 9/23/2012 1:23:23 PM - Run 1
OTL by OldTimer - Version 3.2.66.0 Folder = C:\tools
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.37 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 60.67% Memory free
6.26 Gb Paging File | 5.10 Gb Available in Paging File | 81.49% Paging File free
Paging file location(s): c:\pagefile.sys 3071 3071 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.22 Gb Total Space | 29.47 Gb Free Space | 29.71% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.06 Gb Free Space | 50.60% Space Free | Partition Type: NTFS

Computer Name: JOHNVERO-PC | User Name: JohnVero | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/23 13:21:49 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\tools\OTL.exe
PRC - [2012/09/06 13:05:46 | 004,780,928 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/07/11 11:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2009/09/18 05:54:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/12/16 22:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/09/27 21:54:54 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/09/27 21:54:48 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/27 21:54:44 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/07/11 07:15:58 | 000,202,800 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2007/04/17 21:48:18 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/04/17 20:31:58 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/04/16 15:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2006/12/14 16:04:04 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\ATI\WebPAM\_jvm\bin\java.exe
PRC - [2006/09/14 08:56:06 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
PRC - [2006/09/08 16:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2006/09/08 16:06:08 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2003/09/29 07:30:08 | 000,110,592 | ---- | M] () -- C:\Program Files\ATI\WebPAM\jetty\extra\win32\Wrapper.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/23 09:46:38 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/09/23 09:46:37 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/09/23 03:00:40 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/09/23 03:00:40 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/08/14 01:40:54 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll


========== Services (SafeList) ==========

SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/11 11:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/12/04 17:29:17 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/18 05:54:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2008/12/16 22:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/03/05 15:45:28 | 000,106,496 | ---- | M] (PCTEL) [On_Demand | Stopped] -- C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe -- (SprintRcAppSvc)
SRV - [2008/03/05 15:45:26 | 000,118,784 | ---- | M] (PCTEL) [On_Demand | Stopped] -- C:\Program Files\Sprint\Sprint SmartView\ConAppsSvc.exe -- (CASprint)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/27 21:54:48 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/09/27 21:54:44 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/07/11 07:15:58 | 000,202,800 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/03/14 08:49:00 | 000,101,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006/09/14 08:56:06 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)
SRV - [2003/09/29 07:30:08 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Program Files\ATI\WebPAM\jetty\extra\win32\Wrapper.exe -- (ATIWebPAM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV302AV.SYS -- (PID_08A0)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/09/23 09:47:59 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A2E83088-881A-4694-B8DF-5FA4F637E9EE}\MpKslc4823cce.sys -- (MpKslc4823cce)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/12/16 23:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/12/16 23:00:12 | 000,768,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/12/16 22:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/12/16 22:53:44 | 002,686,104 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2008/12/16 22:53:22 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008/03/05 15:41:58 | 000,164,480 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWNC5E00.sys -- (SWNC5E00)
DRV - [2008/03/05 15:41:58 | 000,149,000 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmx00.sys -- (swmx00)
DRV - [2008/03/05 15:41:58 | 000,024,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/03/05 15:41:48 | 000,038,680 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctnullport.sys -- (Nmea)
DRV - [2007/10/12 17:04:40 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2007/09/27 21:54:56 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/25 22:34:20 | 000,122,880 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2007/09/06 16:30:24 | 000,194,048 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2007/08/14 01:40:52 | 002,593,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/08/14 01:40:52 | 002,593,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/04/12 17:02:56 | 000,157,184 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/02/23 12:16:22 | 000,122,240 | ---- | M] (Option NV) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Gtm51Irp.sys -- (GTMNDISIRPXP)
DRV - [2007/02/23 12:16:22 | 000,036,992 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtuqbus.sys -- (GTUQBUS)
DRV - [2007/02/23 12:16:22 | 000,017,152 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtffbus.sys -- (GTFFBUS)
DRV - [2007/02/23 12:16:22 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2006/11/21 05:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/15 01:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 20:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 18:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 00:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/10/30 09:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 17:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80119
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...aspx?tbid=80119
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=6071112
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...s}&locale=en_US
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.c...rms}&tbid=60345
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80119&lng=en
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...m=1&toolbar=FRW
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2010/01/09 12:44:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JohnVero\AppData\Roaming\mozilla\Extensions
[2010/01/09 12:44:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JohnVero\AppData\Roaming\mozilla\Extensions\[email protected]

O1 HOSTS File: ([2009/01/08 20:01:43 | 000,000,707 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [%PROVIDERID%] "bin\sprtcmd.exe" /P %PROVIDERID% File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Sprint SmartView] C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe (Sprint)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: inchargefoundation.org ([wbt] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{809CBCF9-886C-462F-BD14-7B797505FC51}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D167B62E-4505-4E4A-B906-565F7401AFBE}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\JohnVero\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\JohnVero\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{64c18400-f583-11e1-b617-cd21c65509d1}\Shell - "" = AutoRun
O33 - MountPoints2\{64c18400-f583-11e1-b617-cd21c65509d1}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AppLaunch.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/23 06:07:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012/09/23 06:07:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012/09/23 06:07:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012/09/23 05:17:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/09/23 03:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/09/23 03:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/09/23 02:59:35 | 000,000,000 | ---D | C] -- C:\Users\JohnVero\AppData\Roaming\SUPERAntiSpyware.com
[2012/09/23 02:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/09/23 02:57:19 | 000,000,000 | ---D | C] -- C:\tools
[2012/09/22 04:45:43 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft Antimalware
[2012/09/20 20:23:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/20 20:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/09/20 19:42:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/09/20 19:14:46 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\JohnVero\Desktop\tdsskiller.exe
[2012/09/20 08:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/09/20 02:15:11 | 000,000,000 | ---D | C] -- C:\Users\JohnVero\AppData\Roaming\Malwarebytes
[2012/09/20 02:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/20 02:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/20 02:14:40 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/20 02:14:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/20 02:12:08 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\JohnVero\Desktop\mbam-setup-1.65.0.1400.exe
[2012/09/03 00:37:17 | 000,027,072 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\System32\drivers\PCASp50.sys
[2012/09/03 00:27:53 | 000,000,000 | ---D | C] -- C:\Users\JohnVero\AppData\Local\Sprint
[2012/09/03 00:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sprint
[2012/09/03 00:14:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2012/09/03 00:14:21 | 000,000,000 | ---D | C] -- C:\Research in Motion
[2012/09/03 00:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research in Motion
[2012/09/03 00:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra Wireless
[2012/09/03 00:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PctelEapPeer Authentication
[2012/09/03 00:12:57 | 000,000,000 | ---D | C] -- C:\Program Files\Novatel Wireless
[2012/09/03 00:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sprint
[2012/09/03 00:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sprint
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/23 11:43:29 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/23 11:43:29 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/23 09:52:51 | 000,606,602 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/23 09:52:51 | 000,105,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/23 09:43:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/23 06:13:43 | 001,666,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/09/23 03:01:49 | 000,001,802 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/09/21 07:56:17 | 000,007,944 | ---- | M] () -- C:\Users\JohnVero\AppData\Local\d3d9caps.dat
[2012/09/20 23:53:02 | 000,958,331 | ---- | M] () -- C:\Users\JohnVero\Desktop\A07_1721.EXE
[2012/09/20 20:23:53 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/09/20 20:12:50 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/09/20 19:14:50 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\JohnVero\Desktop\tdsskiller.exe
[2012/09/20 12:01:25 | 000,049,152 | ---- | M] () -- C:\Users\JohnVero\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/20 08:24:37 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/09/20 02:14:52 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/20 02:12:30 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\JohnVero\Desktop\mbam-setup-1.65.0.1400.exe
[2012/09/17 13:13:25 | 000,000,000 | ---- | M] () -- C:\Windows\System32\null
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/03 00:14:30 | 000,001,905 | ---- | M] () -- C:\Users\Public\Desktop\Sprint SmartView.lnk
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/23 03:01:49 | 000,001,802 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/09/20 23:52:45 | 000,958,331 | ---- | C] () -- C:\Users\JohnVero\Desktop\A07_1721.EXE
[2012/09/20 20:23:53 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/09/20 20:09:10 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/09/20 20:09:09 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/09/20 08:24:37 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/09/20 08:23:36 | 000,001,828 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/09/20 02:14:52 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/03 00:14:30 | 000,001,905 | ---- | C] () -- C:\Users\Public\Desktop\Sprint SmartView.lnk
[2011/03/30 16:43:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/09/11 19:19:40 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Enhance Tuning
[2008/09/11 19:19:40 | 000,000,268 | RH-- | C] () -- C:\Users\JohnVero\AppData\Roaming\Effects
[2008/09/11 19:19:40 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2008/09/11 19:11:06 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Electric Piano
[2008/09/11 19:11:06 | 000,000,268 | RH-- | C] () -- C:\Users\JohnVero\AppData\Roaming\Dynamic Library
[2008/09/11 19:11:06 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2007/11/25 12:45:04 | 000,061,224 | ---- | C] () -- C:\Users\JohnVero\GoToAssistDownloadHelper.exe
[2007/11/23 16:12:55 | 000,007,944 | ---- | C] () -- C:\Users\JohnVero\AppData\Local\d3d9caps.dat
[2007/11/19 15:49:33 | 000,049,152 | ---- | C] () -- C:\Users\JohnVero\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 09:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/02/28 22:17:34 | 000,000,000 | ---D | M] -- C:\Users\JohnVero\AppData\Roaming\Azureus
[2008/11/03 18:04:08 | 000,000,000 | ---D | M] -- C:\Users\JohnVero\AppData\Roaming\Canon
[2007/11/19 16:01:24 | 000,000,000 | ---D | M] -- C:\Users\JohnVero\AppData\Roaming\Cingular
[2008/11/06 12:12:13 | 000,000,000 | ---D | M] -- C:\Users\JohnVero\AppData\Roaming\Costco Photo Viewer US
[2008/12/04 23:01:47 | 000,000,000 | ---D | M] -- C:\Users\JohnVero\AppData\Roaming\FrostWire
[2007/11/19 21:35:54 | 000,000,000 | ---D | M] -- C:\Users\JohnVero\AppData\Roaming\MusicNet
[2009/09/04 12:17:55 | 000,000,000 | ---D | M] -- C:\Users\JohnVero\AppData\Roaming\MyPublisher
[2010/10/20 22:07:46 | 000,000,000 | ---D | M] -- C:\Users\JohnVero\AppData\Roaming\Nikon
[2008/02/10 12:36:00 | 000,000,000 | ---D | M] -- C:\Users\JohnVero\AppData\Roaming\Opera
[2008/02/05 19:45:11 | 000,000,000 | ---D | M] -- C:\Users\JohnVero\AppData\Roaming\ScanSoft

========== Purity Check ==========



< End of report >




And here is the aswMBR.txt file:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-23 17:18:40
-----------------------------
17:18:40.716 OS Version: Windows 6.0.6002 Service Pack 2
17:18:40.716 Number of processors: 2 586 0x6801
17:18:40.716 ComputerName: JOHNVERO-PC UserName: JohnVero
17:19:14.382 Initialize success
17:19:47.508 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000145
17:19:47.508 Disk 0 Vendor: WDC_WD12 1.10 Size: 114473MB BusType: 6
17:19:47.570 Disk 0 MBR read successfully
17:19:47.586 Disk 0 MBR scan
17:19:47.586 Disk 0 Windows VISTA default MBR code
17:19:47.601 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
17:19:47.617 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 145408
17:19:47.648 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 101601 MB offset 21116928
17:19:47.648 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 229195776
17:19:47.695 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 229197824
17:19:47.726 Disk 0 scanning sectors +234438656
17:19:47.835 Disk 0 scanning C:\Windows\system32\drivers
17:20:05.650 Service scanning
17:20:13.373 Service MpKsl3de47ac7 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A2E83088-881A-4694-B8DF-5FA4F637E9EE}\MpKsl3de47ac7.sys **LOCKED** 32
17:20:23.280 Modules scanning
17:20:30.379 Disk 0 trace - called modules:
17:20:30.426 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys ahcix86s.sys tcpip.sys NETIO.SYS ndis.sys bcmwl6.sys
17:20:30.457 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f8bac8]
17:20:30.489 3 CLASSPNP.SYS[8bda08b3] -> nt!IofCallDriver -> [0x864ef6f0]
17:20:30.520 5 acpi.sys[8060d6bc] -> nt!IofCallDriver -> \Device\00000145[0x864f7738]
17:20:30.551 Scan finished successfully
17:21:05.383 Disk 0 MBR has been saved successfully to "C:\tools\MBR.dat"
17:21:05.477 The log file has been saved successfully to "C:\tools\aswMBR.txt"




Cheers,
Jay
  • 0

#4
Amlak
Posted 24 September 2012 - 07:48 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, stagepuppy. You've mentioned some speed issue. And a couple of unwanted startup entries. Any other issue? Does the following mean anything to you?

Description = Point to Point Protocol engine was unable to load the C:\Program Files\Cingular\Communication
Manager\EapTtls.dll module. The specified module could not be found.


Upon Googling it, it seems related to some AT&T wireless product. Please let me know if this is an issue for you that needs to be resolved or if it's of no significance.

According to the Extras log, you still have Vuze installed. If you don't need it, just uninstall it. I'll get rid of the Limewire Toolbar and other similar entries below (along with the unwanted Registry entry you mentioned).

Now download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

******
NEXT
******

  • Open Malwarebytes' Anti-Malware.
  • Select the Update tab.
  • Click Check for Updates.
  • After the update has been completed, select the Scanner tab.
  • Select Perform quick scan, then click on the Scan button.
  • When done, you will be prompted. Click OK, then click on Show Results.
  • Make sure all items are checked and click on Remove Selected.
  • If asked to restart the computer, please do so immediately.
  • Post the contents of the resultant log in your next reply. You can access the log in the Logs tab.

******
NEXT
******

Warning This fix is only relevant for this system and no other, using it on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot.

Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
O4 - HKLM..\Run: [%PROVIDERID%] "bin\sprtcmd.exe" /P %PROVIDERID% File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...s}&locale=en_US
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.c...rms}&tbid=60345
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...m=1&toolbar=FRW
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80119
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...aspx?tbid=80119
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80119&lng=en
O33 - MountPoints2\{64c18400-f583-11e1-b617-cd21c65509d1}\Shell - "" = AutoRun
O33 - MountPoints2\{64c18400-f583-11e1-b617-cd21c65509d1}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AppLaunch.exe AUTORUN=1

:COMMANDS
[emptytemp]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log it produces in your next reply.

******
NEXT
******

Download AutoRuns here
  • Extract the Autoruns Zip file contents to a folder.
  • Double-click "Autoruns.exe".
  • Click on the "Everything" tab
  • Go to File then click Save...
  • Make sure the Save as type: is set to Text (*.txt) and save to a known location.
  • Attach the newly created text file AutoRuns.txt to your next reply.

  • 0

#5
stagepuppy
Posted 25 September 2012 - 09:43 AM

stagepuppy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hello Amlak,

The AT&T wireless you mentioned in your last post can be removed, and Vuze remove manually prior to running the listed actions as instructed:

Adwcleaner log:

# AdwCleaner v2.003 - Logfile created 09/24/2012 at 17:53:16
# Updated 23/09/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : JohnVero - JOHNVERO-PC
# Boot Mode : Normal
# Running from : C:\Users\JohnVero\Desktop\adwcleaner.exe
# Option [Delete]




***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
File Deleted : C:\Windows\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Users\JohnVero\AppData\Local\AskToolbar
Folder Deleted : C:\Users\JohnVero\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\JohnVero\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19088

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - SearchAssistant] = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80119 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - CustomizeSearch] = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80119 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80119 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - CustomizeSearch] = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80119 --> hxxp://www.google.com

*************************

AdwCleaner[S1].txt - [7645 octets] - [24/09/2012 17:53:16]

########## EOF - C:\AdwCleaner[S1].txt - [7705 octets] ##########






MBAM log:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.25.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19088
JohnVero :: JOHNVERO-PC [administrator]

9/24/2012 6:05:42 PM
mbam-log-2012-09-24 (18-05-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227154
Time elapsed: 23 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




OTL Run Fix log:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\%PROVIDERID% deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C04B7D22-5AEC-4561-8F49-27F6269208F6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64c18400-f583-11e1-b617-cd21c65509d1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64c18400-f583-11e1-b617-cd21c65509d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64c18400-f583-11e1-b617-cd21c65509d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64c18400-f583-11e1-b617-cd21c65509d1}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AppLaunch.exe AUTORUN=1 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: JohnVero
->Temp folder emptied: 697793 bytes
->Temporary Internet Files folder emptied: 1558180687 bytes
->Java cache emptied: 47465 bytes
->Apple Safari cache emptied: 16384 bytes
->Flash cache emptied: 1527567 bytes

User: Mcx1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 551424 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 674427303 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,132.00 mb


OTL by OldTimer - Version 3.2.66.0 log created on 09242012_185247

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\logishrd\LVPrcInj12.dll not found!
C:\Windows\temp\Jetty__25902__ati\webapp\WEB-INF\lib\activation.jar moved successfully.
C:\Windows\temp\Jetty__25902__ati\webapp\WEB-INF\lib\j2ee.jar moved successfully.
C:\Windows\temp\Jetty__25902__ati\webapp\WEB-INF\lib\jdom.jar moved successfully.
C:\Windows\temp\Jetty__25902__ati\webapp\WEB-INF\lib\junit.jar moved successfully.
C:\Windows\temp\Jetty__25902__ati\webapp\WEB-INF\lib\mail.jar moved successfully.
C:\Windows\temp\Jetty__25902__ati\webapp\WEB-INF\lib\unittest.jar moved successfully.
C:\Windows\temp\Jetty__25902__ati\webapp\WEB-INF\lib\xerces.jar moved successfully.
File\Folder C:\Windows\temp\hsperfdata_SYSTEM\2572 not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...




Autoruns log:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "%PROVIDERID%" "" "" "File not found: bin\sprtcmd.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\delltpad\apoint.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "PCMService" "CyberLink PowerCinema Resident Program" "CyberLink Corp." "c:\program files\dell\mediadirect\pcmservice.exe"
+ "SigmatelSysTrayApp" "Sigmatel Audio system tray application" "IDT, Inc." "c:\program files\sigmatel\c-major audio\wdm\sttray.exe"
+ "Sprint SmartView" "Sprint SmartView" "Sprint" "c:\program files\sprint\sprint smartview\sprintsv.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Digital Line Detect.lnk" "Digital Line Detection" "Avanquest Software " "c:\program files\digital line detect\dlg.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "skype-ie-addon-data" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "ACE Context Menu" "" "c:\program files\ati technologies\ati.ace\core-static\atiacmxx.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CBrowserHelperObject Object" "BAE.dll" "Dell Inc." "c:\program files\dell\bae\bae.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "Skype Plug-In" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office12\onbttnie.dll"
+ "Skype Plug-In" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Signature Update" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\{1151B00B-BA9D-4CC1-9D2B-7AAF1B422DC7}" "Skype " "Skype Technologies S.A." "c:\program files\skype\phone\skype.exe"
+ "\{59058C98-B1D0-4FCA-978D-41B6E3D6E97E}" "Internet Explorer" "Microsoft Corporation" "c:\program files\internet explorer\iexplore.exe"
+ "\{8BC6F132-472D-4343-9874-B39094F0F1F9}" "Internet Explorer" "Microsoft Corporation" "c:\program files\internet explorer\iexplore.exe"
+ "\{AB1B93B6-07CE-4A81-B363-93CBE6E51F41}" "Internet Explorer" "Microsoft Corporation" "c:\program files\internet explorer\iexplore.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "AdobeActiveFileMonitor5.0" "Tracks files that are managed by Adobe Photoshop Elements" "" "c:\program files\adobe\photoshop elements 5.0\photoshopelementsfileagent.exe"
+ "AdobeActiveFileMonitor8.0" "Tracks files that are managed by Elements Organizer" "Adobe Systems Incorporated" "c:\program files\adobe\elements organizer 8.0\photoshopelementsfileagent.exe"
+ "AESTFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\windows\system32\aestsrv.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Ati External Event Utility" "ATI External Event Utility EXE Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.exe"
+ "ATIWebPAM" "ATI WebPAM Server Service" "" "c:\program files\ati\webpam\jetty\extra\win32\wrapper.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CASprint" "ConAppsSvc" "PCTEL" "c:\program files\sprint\sprint smartview\conappssvc.exe"
+ "DSBrokerService" "Gteko BrkrSvc Application" "" "c:\program files\dellsupport\brkrsvc.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "GoogleDesktopManager" "Google Desktop" "Google" "c:\program files\google\google desktop search\googledesktop.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "IJPLMSVC" "Collects log data from the IJ printer and manages data transmission." "" "c:\program files\canon\ijplm\ijplmsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LVPrcSrv" "Injector service" "Logitech Inc." "c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "SprintRcAppSvc" "RcAppSvc, Service Helper" "PCTEL" "c:\program files\sprint\sprint smartview\rcappsvc.exe"
+ "sprtsvc_dellsupportcenter" "SupportSoft Sprocket Service" "SupportSoft, Inc." "c:\program files\dell support center\bin\sprtsvc.exe"
+ "STacSV" "Manages SigmaTel Audio Universal Jack configurations." "IDT, Inc." "c:\windows\system32\stacsv.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WLSetupSvc" "Windows Live Setup Service" "Microsoft Corporation" "c:\program files\windows live\installer\wlsetupsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "XAudioService" "User-mode gate for Modem Speakephone" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Afc" "Arcsoft® ASPI Shell" "Arcsoft, Inc." "c:\windows\system32\drivers\afc.sys"
+ "ahcix86s" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\ahcix86s.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "AtiPcie" "ATI PCIE Driver for ATI PCIE chipset" "ATI Technologies Inc." "c:\windows\system32\drivers\atipcie.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl6.sys"
+ "bcm4sbxp" "Broadcom Corporation NDIS 5.1 ethernet driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm4sbxp.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "DSproct" "Process Trigger Driver" "Gteko Ltd." "c:\program files\dellsupport\gtaction\triggers\dsproct.sys"
+ "dsunidrv" "GUniDriver" "Gteko Ltd." "c:\windows\system32\drivers\dsunidrv.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "GTFFBUS" "" "Option N.V." "c:\windows\system32\drivers\gtffbus.sys"
+ "GTMNDISIRPXP" "NDIS driver" "Option NV" "c:\windows\system32\drivers\gtm51irp.sys"
+ "GTPTSER" "" "Option N.V." "c:\windows\system32\drivers\gtptser.sys"
+ "GTUQBUS" "" "Option N.V." "c:\windows\system32\drivers\gtuqbus.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_dpv.sys"
+ "HSXHWAZL" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsxhwazl.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "LVPr2Mon" "Logitech ProcMon Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpr2mon.sys"
+ "LVRS" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvrs.sys"
+ "LVUSBSta" "USB Statistic Driver" "Logitech Inc." "c:\windows\system32\drivers\lvusbsta.sys"
+ "mdmxsdk" "Diagnostic Interface x86 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "MpKslbaab812d" "KSLDriver" "Microsoft Corporation" "c:\programdata\microsoft\microsoft antimalware\definition updates\{5e445754-1b1c-4738-a063-c97cb908185f}\mpkslbaab812d.sys"
+ "Nmea" "Null-modem emulator" "PCTEL Inc." "c:\windows\system32\drivers\pctnullport.sys"
+ "NWADI" "NWADI Interface Bus Enumerator" "Novatel Wireless Inc" "c:\windows\system32\drivers\nwadienum.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "PCASp50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\windows\system32\drivers\pcasp50.sys"
+ "pepifilter" "Audio filter for Express Plus" "Logitech Inc." "c:\windows\system32\drivers\lv302af.sys"
+ "PID_08A0" "" "" "File not found: system32\DRIVERS\LV302AV.SYS"
+ "PID_PEPI" "Logitech QuickCam Driver" "Logitech Inc." "c:\windows\system32\drivers\lv302v32.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "rimmptsk" "RICOH MMC Driver" "REDC" "c:\windows\system32\drivers\rimmptsk.sys"
+ "RimSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial.sys"
+ "rimsptsk" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimsptsk.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial.sys"
+ "rismxdp" "RICOH XD SM Driver" "REDC" "c:\windows\system32\drivers\rixdptsk.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "STHDA" "NDHF" "IDT, Inc." "c:\windows\system32\drivers\stwrt.sys"
+ "swmsflt" "Sierra Wireless USB Mass Storage Filter Driver" "" "c:\windows\system32\drivers\swmsflt.sys"
+ "swmx00" "Sierra Wireless USB MUX Driver" "Sierra Wireless Inc." "c:\windows\system32\drivers\swmx00.sys"
+ "SWNC5E00" "Sierra Wireless NDIS Driver" "Sierra Wireless Inc." "c:\windows\system32\drivers\swnc5e00.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_cnxt.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.I420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcodec2.dll"
+ "vidc.iv31" "" "Intel® Corporation" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "Intel® Corporation" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ArcGetDataSample" "ArcGetDataSample" "arcsoft" "c:\program files\common files\arcsoft\mpeg engine\arcgetdatasample.ax"
+ "ArcPutDataSample" "ArcGetDataSample" "arcsoft" "c:\program files\common files\arcsoft\mpeg engine\arcputdatasample.ax"
+ "ArcSoft Deinterlace" "deinterlace" "ArcSoft" "c:\program files\common files\arcsoft\mpeg engine\deinterlace.ax"
+ "Arcsoft DV Transition" "DV Transition Buffer" "Arcsoft" "c:\program files\common files\arcsoft\mpeg engine\dvtransition.ax"
+ "ArcSoft MPEG Audio Decoder" "ArcSoft Audio Decoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\mpgaudio.ax"
+ "ArcSoft Mpeg Encoder Filter" "" "ArcSoft" "c:\program files\common files\arcsoft\mpeg engine\arcmpegcodec.ax"
+ "ArcSoft Mpeg Mplex Filter" "MplexFilter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\arcmplexfilter.ax"
+ "Arcsoft Mpeg Mplex Filter" "MplexFilter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\mplexfilter.ax"
+ "ArcSoft MPEG Splitter" "MPGSplitter Filter" "ArcSoft, Inc." "c:\program files\common files\arcsoft\mpeg engine\arcspl.ax"
+ "ArcSoft MPEG Video Decoder" "ArcSoft Mpeg Video Decoder Filter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\mpgvideo.ax"
+ "Arcsoft Mpeg2Audio Encoder" "Mpeg2AudioEncoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\mpeg2audioencoder.ax"
+ "ArcSoft Realtime Capture Encoder Filter" "Arc Real time Capture Encoder Filter" "Arcsoft" "c:\program files\common files\arcsoft\mpeg engine\arccaptureencoder.ax"
+ "Arcsoft Source Buffer Filter" "Device Source Buffer Filter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\srcbuffer.ax"
+ "ArcSoft TS Stream" "MPGSplitter Filter" "ArcSoft, Inc." "c:\program files\common files\arcsoft\mpeg engine\arctsspl.ax"
+ "ArcSoft VideoEffect" "Arcsoft Video Effect Filter 1.0" "Arcsoft Corporation" "c:\program files\common files\arcsoft\mpeg engine\arcvideoeffect.ax"
+ "Arcsoft WMV/ASF Splitter" "ArcWmvSpl" "Arcsoft, Inc." "c:\program files\common files\arcsoft\mpeg engine\arcwmvspl.ax"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "CyberLink Audio Decoder (MD3)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\movie\claud.ax"
+ "CyberLink Audio Effect (MD3)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\dell\mediadirect\kernel\movie\claudfx.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter (MD3)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer (MD3)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator (MD3)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter (MD3)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\movie\clline21.ax"
+ "CyberLink MP3 Wrapper-PCM" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\music\clmp3wrap.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\video\clm1splter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\video\clm2splter.ax"
+ "Cyberlink SubTitle Importor (MD3)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (MD3)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\movie\clauts.ax"
+ "CyberLink Video Effect (MD3)" "CLVidFx" "CyberLink" "c:\program files\dell\mediadirect\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder (MD3)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\movie\clvsd.ax"
+ "CyberLink Video/SP Decoder (ShEX)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\dell\mediadirect\kernel\video\climagevsd.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo Video ® 5.1 Progressive Download Source" "Intel Indeo® video IVF Source Filter 5.10" "Intel Corporation" "c:\windows\system32\ivfsrc.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmwriter.ax"
+ "MainConcept (Adobe2) AAC Decoder" "AAC audio decoder filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2daac.ax"
+ "MainConcept (Adobe2) AAC Encoder" "AAC audio encoder filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2eaac.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Decoder" "AVC/H.264 Video Decoder" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2avcvd.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Nikon) MPEG Audio Decoder" "MPEG Video and Audio Decoder" "MainConcept AG (Nikon)" "c:\program files\common files\nikon\mpeg\nikondsmpeg.ax"
+ "MainConcept (Nikon) MPEG Encoder" "MPEG Encoder and Muxer" "MainConcept AG (Nikon)" "c:\program files\common files\nikon\mpeg\nikonesmpeg.ax"
+ "MainConcept (Nikon) MPEG Splitter" "Mpeg I/II Splitter" "MainConcept AG (Nikon)" "c:\program files\common files\nikon\mpeg\nikonspmpeg.ax"
+ "MainConcept (Nikon) MPEG Video Decoder" "MPEG Video and Audio Decoder" "MainConcept AG (Nikon)" "c:\program files\common files\nikon\mpeg\nikondsmpeg.ax"
+ "MainConcept (Sonic) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "MainConcept (Sonic) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mediaanalyser.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "muvee Music Analyser" "Music Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvmanalyse.ax"
+ "muvee WAV Encoder" "mvWavEncoder Filter (Sample)" "Microsoft Corporation" "c:\program files\common files\muvee technologies\030625\mvwavenc.ax"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "PSI Parser" "" "" "c:\program files\roxio\videocore 9\psiparser.ax"
+ "QuickTime Source Filter" "QuickTimeSource Module" "" "c:\program files\common files\muvee technologies\030625\quicktimesource.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Roxio Audio Decoder (DVD)" "ROXIO Audio Decoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiodvdaudio.dll"
+ "ROXIO Audio Source 3.0" "VW Audio Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\audiosrc.ax"
+ "ROXIO Audio VCFChunker 3.0" "Chunker Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\chunker.ax"
+ "ROXIO Audio VCFLooper 3.0" "Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\looper.ax"
+ "ROXIO AudioConvert 3.0" "AudioConvert Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audconv.ax"
+ "ROXIO AudioGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO ColorSpace Converter 3.0" "ROXIO Color Space Converter" "Sonic Solutions" "c:\program files\roxio\videocore 9\colorspconv.dll"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "roxio DCFilters Audio Sync Filter 2" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Dragons Lair" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVD Muxer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Reader" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Splitter" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Mpeg I/II Decoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Smart Resizer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Subpicture Mixer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "ROXIO Deinterlace 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\deinter.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO Image/Colour Source 3.0" "Colour Frame Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\imagesource.ax"
+ "ROXIO ListImage Source 3.0" "ListFrameSource" "Sonic Solutions" "c:\program files\roxio\videocore 9\listimagesource.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\panzoom.ax"
+ "ROXIO Pin Tee" "" "" "c:\program files\roxio\videocore 9\roxioinftee.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "ROXIO QT Source" "QuickTime Loader" "Sonic Solutions" "c:\program files\roxio\videocore 9\qtsource.ax"
+ "ROXIO QuickGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenedetector.ax"
+ "ROXIO SceneRecorder 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenerecorderfilt.ax"
+ "ROXIO Simple Dump 3.0" "Simple Dump Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\rxsimpledump.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAudioMixer 3.0" "AudioFlt Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audmf.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvscenedetectfilt.ax"
+ "ROXIO VCFLatency 3.0" "Latency Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\latency.ax"
+ "ROXIO VCFpeakmeter 3.0" "Peakmeter Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\peakmeter.ax"
+ "ROXIO VCFVideoCutList 3.0" "Video CutList Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vcutlist.ax"
+ "ROXIO VCFWaveform 1.0" "Waveform Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\waveform.ax"
+ "ROXIO Video Resampler 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vresamfilt.ax"
+ "ROXIO Video VCFLooper 3.0" "Video Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\vlooper.ax"
+ "ROXIO VideoCombine 3.0" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\videocombine.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "MGI Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\wavhead.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio\videocore 9\mvwcdsutil.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Snapshot" "Arcsoft Snapshot Filter 1.0" "Arcsoft Corporation" "c:\program files\common files\arcsoft\mpeg engine\arcsnap.ax"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MPEG Audio Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG Video Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc" "c:\program files\common files\sonic shared\sonicmc01\sonicm2vd.ax"
+ "Sonic MPEG-4 Video Decoder" "Sonic Mpeg-4 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicm4vd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\subpictenc.dll"
+ "Track1Filter" "" "" "c:\program files\adobe\photoshop elements 5.0\track1filter.dll"
+ "Track1Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files\adobe\elements organizer 8.0\track1filter.dll"
+ "Track2Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files\adobe\elements organizer 8.0\track2filter.dll"
+ "Track2Filter" "" "" "c:\program files\adobe\photoshop elements 5.0\track2filter.dll"
+ "VCG Null Renderer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCG Video Mixer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCGImageSource" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VW Input Selector" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "VW Input Selector 2" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "{1AD512C6-24AF-4395-82B4-2D3CF21F44A2}" "Roxio MP3 Encoder Dynamic Link Library" "Roxio" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "{472C92F0-5438-423D-9B30-FD2932EA44EE}" "Roxio Audio Source Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiosource.ax"
+ "{58FF69ED-8388-483B-B9AC-3EB04BBEB913}" "Roxio Audio Stream Reader Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamreader.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" "Google Desktop" "Google" "c:\program files\google\google desktop search\googledesktopnetwork3.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MP470 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm8u.dll"
+ "EPSON Stylus CX7400 Series 32MonitorBA" "EPSON Bi-directional Monitor" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_flbcda.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "Dell Wireless WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"







Cheers,
Jay

Edited by stagepuppy, 25 September 2012 - 09:44 AM.

  • 0

#6
stagepuppy
Posted 25 September 2012 - 11:57 AM

stagepuppy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I restarted the PC and the %providerid% reg entry was still there, so poking around I discovered that msconfig was set for a custom boot, and the reg entry for that included the %providerid% and reader_sl.exe files. After setting msconfig to boot normally, the I was able to remove the %proiderid% and reader_sl.exe from the startup hkeys.

None of the scans have indicated anything so far, and I was going to uninstall Super AntiSpyware to keep it from conflicting with MSE.

Does this alter what we have already done? Other than some unresponsiveness that is reduced from before, the system seems like it behaving better, MS updates seems to run now.
  • 0

#7
Amlak
Posted 25 September 2012 - 05:42 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, stagepuppy. As this is Vista we're talking about, I'm not really surprised that the unresponsiveness persists. Sometimes, there just isn't anything much to do about the lag other than to format and reinstall. How long is the unresponsiveness period? I'll see what else can be done about it. Also, any other issues?
  • 0

#8
stagepuppy
Posted 28 September 2012 - 11:09 AM

stagepuppy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hi Amlak,

Sorry about the delay replying, I'm in the midst of tech week for a show...

The PC's unresponsive period usually goes for about 3-4 minutes, but does die down afterwards. I was concerned because it was preventing network services from starting and the last time I saw that was on a PC infected with a rootkit. As of now, there have been no detections, and the %PROVIDERID% command that reappeared in the registry is due to the Dell Solutions Manager. I'm going to uninstall all of those types of programs in addition to Print Managers (I think 3 different types of printer imaging software) and report back.

Thanks,
Jay
  • 0

#9
Amlak
Posted 28 September 2012 - 05:39 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Yeah, 3-4 minutes is still a lot of time that needs to be reduced. Will await your next response.
  • 0

#10
stagepuppy
Posted 01 October 2012 - 12:22 PM

stagepuppy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hi Amlak,

I uninstalled the Dell Solutions Center as well a host of other non-essential services and it's still exhibiting the delay. I've even removed Adobe Reader, Java, and removed the PhotoshopElementsFileAgent.exe function to speed things up but it didn't have any effect. I'm guessing that this system is so screwed up after the infections, haphazard installations, and registry errors that it should be cleaned and reinstalled from scratch. I'll recommend to my friend that the files be backed up and then to install a fresh OS.

Jay
  • 0

#11
Amlak
Posted 01 October 2012 - 05:55 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, Jay. Thanks for responding. I think it's a fair decision. Let me know if you ever need any help with format and reinstall.

And if your friend insists that you not format and reinstall, I'll continue looking further into this. There might be something simple to fix this but can't be too sure.
  • 0

#12
Essexboy
Posted 12 October 2012 - 02:42 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP