Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

high pings, slow internet & slow pc, Java/Exploit?


  • Please log in to reply

#1
richclan

richclan

    Member

  • Member
  • PipPipPip
  • 180 posts
my isp tech support thinks i have a virus causing issues. my son brought back from college my laptop that was very infected and maybe it infected all of the other pc's here at home. i ran ESET and found some bad stuff, see below and thanks.

C:\Documents and Settings\Charles Carey\Local Settings\Temp\jar_cache7680937477751737118.tmp Java/Exploit.CVE-2012-1723.DT trojan
C:\Documents and Settings\Charles Carey\My Documents\Downloads\asc-setup(1).exe a variant of Win32/Toolbar.Widgi application
C:\Documents and Settings\Charles Carey\My Documents\Downloads\asc-setup.exe a variant of Win32/Toolbar.Widgi application
C:\Documents and Settings\Charles Carey\My Documents\Downloads\Brothersoft_downloader_For_KM_Software_DirectX_10.exe a variant of Win32/BSDownloader application
C:\Documents and Settings\Charles Carey\My Documents\Downloads\cnet_Setup_FreeBurner_exe.exe a variant of Win32/InstallCore.D application
C:\Documents and Settings\Charles Carey\My Documents\Downloads\gamebooster(1).exe a variant of Win32/Toolbar.Widgi application
C:\Documents and Settings\Charles Carey\My Documents\Downloads\gamebooster(2).exe a variant of Win32/Toolbar.Widgi application
C:\Documents and Settings\Charles Carey\My Documents\Downloads\gb3-setup(1).exe a variant of Win32/ELEX application
C:\Documents and Settings\Charles Carey\My Documents\Downloads\gb3-setup.exe a variant of Win32/Toolbar.Widgi application
C:\Documents and Settings\Charles Carey\My Documents\Downloads\KeyFinderInstaller.exe Win32/OpenCandy application
C:\Documents and Settings\Charles Carey\My Documents\Downloads\sd2-setup220.exe a variant of Win32/Toolbar.Widgi application
C:\Documents and Settings\Charles Carey\My Documents\Downloads\Setup_FreeBurner.exe Win32/Toolbar.SearchSuite application
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5 a variant of Win32/Toolbar.Widgi application
C:\RECYCLER\S-1-5-21-3162243025-2914418921-482965129-1007\Dc56.exe a variant of Win32/AdInstaller application


otl

OTL logfile created on: 1/26/2013 2:25:06 PM - Run 7
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Charles Carey\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.42% Memory free
3.85 Gb Paging File | 3.36 Gb Available in Paging File | 87.18% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 43.99 Gb Free Space | 29.52% Space Free | Partition Type: NTFS
Drive F: | 39.10 Mb Total Space | 32.45 Mb Free Space | 83.00% Space Free | Partition Type: FAT
Drive G: | 966.72 Mb Total Space | 947.38 Mb Free Space | 98.00% Space Free | Partition Type: FAT32

Computer Name: DADSDELL | User Name: Charles Carey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/26 14:24:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Charles Carey\Desktop\OTL.exe
PRC - [2012/03/26 16:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011/07/20 11:19:46 | 000,820,568 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/05/28 13:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2008/11/13 15:18:56 | 002,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
PRC - [2008/11/13 15:18:56 | 000,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\acs.exe
PRC - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () -- C:\CyberPower\ppped.exe


========== Modules (No Company Name) ==========

MOD - [2011/05/28 13:46:58 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\madexcept_.bpl
MOD - [2011/05/28 13:46:58 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\madbasic_.bpl
MOD - [2011/05/28 13:46:58 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\maddisAsm_.bpl
MOD - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\acs.exe
MOD - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () -- C:\CyberPower\ppped.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- (x10nets)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/03/26 16:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/07/20 11:19:46 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/05/28 13:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010/01/25 10:02:20 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009/04/26 13:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2008/11/13 15:18:56 | 002,405,776 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SYSTEM32\acs.exe -- (ACS)
SRV - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () [Auto | Running] -- C:\CyberPower\ppped.exe -- (ppped)
SRV - [2003/03/03 13:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbVM31b.sys -- (ZSMC301b)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klif.sys -- (TSP)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\tpcdrdrv.sys -- (tpcdrdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\LHidFlt2.sys -- (LHidFlt2)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\lanscsiminiport.sys -- (lanscsiminiport)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\LanscsiBus.sys -- (LanscsiBus)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\klif.sys -- (KLIF)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\CHARLE~1\LOCALS~1\Temp\hSONYPVh.sys -- (hSONYPVh)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\BCMSM.sys -- (BCMModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\bcmwl5.sys -- (BCM43XX)
DRV - [2011/09/21 09:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cpuz135_x32.sys -- (cpuz135)
DRV - [2011/07/11 13:40:46 | 000,239,600 | ---- | M] () [File_System | Disabled | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/03/23 00:00:08 | 000,016,080 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/03/23 00:00:06 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2010/11/26 17:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/11/06 22:24:30 | 000,019,056 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009/08/22 13:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\RivaTuner v2.24\RivaTuner32.sys -- (RivaTuner32)
DRV - [2009/08/11 13:43:50 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nchssvad.sys -- (NCHSSVAD)
DRV - [2009/06/17 11:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 11:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 11:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042mou.Sys -- (L8042mou)
DRV - [2009/05/01 16:03:38 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/05/01 16:03:38 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2008/11/13 15:19:00 | 000,353,680 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\vsdatant.sys -- (vsdatant)
DRV - [2008/04/21 07:19:58 | 000,051,648 | ---- | M] (Check Point Software Technologies LTD) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2007/01/23 15:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042Kbd.sys -- (L8042Kbd)
DRV - [2006/05/10 08:56:26 | 000,036,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidUsbK.sys -- (LHidUsbK)
DRV - [2006/04/25 17:30:40 | 000,469,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\WG311T13.sys -- (AR5211)
DRV - [2005/03/02 14:26:02 | 000,018,560 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\x10ufx2.sys -- (XUIF)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\afc.sys -- (Afc)
DRV - [2004/08/04 00:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 00:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 00:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 00:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 00:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 00:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 00:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 00:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 00:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 00:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2003/10/28 15:17:52 | 000,005,273 | ---- | M] (Arrowkey) [Kernel | Auto | Running] -- C:\Program Files\321Studios\Shared\CDRPDACC.SYS -- (CDRPDACC)
DRV - [2003/03/18 14:55:04 | 000,046,248 | ---- | M] (Crescentec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CsMini20.sys -- (DCamUSB20)
DRV - [2003/02/27 17:36:04 | 000,090,852 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/01/17 20:36:02 | 000,424,127 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\snyucam4.sys -- (DCamUSBSony4)
DRV - [2003/01/13 10:19:26 | 000,249,344 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/01/13 10:19:26 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/01/13 10:19:26 | 000,118,422 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/01/13 10:19:26 | 000,022,758 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/01/13 10:19:26 | 000,021,654 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/11/11 16:52:58 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/11/05 15:56:48 | 000,012,692 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cresscan.sys -- (Usb20Scan)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://www.searchqu....q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/421
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{06A26EB0-0041-46FC-85F4-B733CE0570CD}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{74EA43EB-373B-48C9-A2D3-B1EB32CD68C3}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://www.searchqu....q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.jeepforum.com/"
FF - prefs.js..extensions.enabledAddons: %7BC0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51%7D:2.3.54
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.7.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}:2.3.54
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.yahoo....type=382950&p="
FF - prefs.js..network.proxy.no_proxies_on: "localhost"
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPCShowPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/03/07 19:27:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/11 10:52:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/19 00:22:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/19 00:22:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/03/07 19:27:20 | 000,000,000 | ---D | M]

[2012/10/25 10:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Extensions
[2009/08/04 12:29:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Extensions\[email protected]
[2013/01/26 00:22:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions
[2010/02/11 10:08:51 | 000,000,000 | ---D | M] (Answers) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}
[2008/02/07 11:18:38 | 000,000,000 | ---D | M] (Game-Monitor Extension) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{DEDDA510-573D-44d9-BF81-F85C3FA1FE54}(2)
[2010/02/11 15:59:35 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2008/02/07 11:18:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\temp
[2010/09/19 12:45:23 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\[email protected]
[2013/01/26 00:22:45 | 000,242,136 | ---- | M] () (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2011/09/13 12:35:45 | 000,002,503 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\searchplugins\SearchResults.xml
[2013/01/19 00:22:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/01/19 00:22:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/01/19 00:22:01 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\[email protected](2).org
[2012/01/11 10:52:44 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013/01/19 00:22:16 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2002/09/27 07:59:00 | 000,090,112 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NpPopup.dll
[2012/08/29 10:58:01 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/13 12:35:45 | 000,002,503 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012/10/12 23:04:23 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: AmericanGreetings.com Popup Plugin 1.0.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NpPopup.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16260 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2010/03/16 13:19:08 | 000,610,419 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 ads.active.com
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 data2.activshopper.com #[Trackware.ActivShopper]
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 127.0.0.1 cms.ad2click.nl
O1 - Hosts: 127.0.0.1 ads.ad2games.com
O1 - Hosts: 16151 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: cars.com ([siy] https in Trusted sites)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zon...ry/msgrchkr.cab (Checkers Class)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.us.de...iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnote...ad/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zon...nt.cab28578.cab (MessengerStatsClient Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....204&clcid=0x409 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://pcpitstop.com...cpConnCheck.cab (iCC Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc2.cab (Office Update Installation Engine)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} http://207.188.7.150...ip/RdxIE601.cab (RdxIE Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1262649780406 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1262649770265 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zon...StatsClient.cab (MessengerStatsClient Class)
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} http://toolbar.googl...gleActivate.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} http://messenger.zon...ry/ZAxRcMgr.cab (ZoneAxRcMgr Class)
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} http://utilities.pcp...ols/pcmatic.cab (PCMaticVer Class)
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} http://www.microsoft.../20/SassCln.CAB (SassCln Object)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab28578.cab (ZoneIntro Class)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://www.imgag.com...tall/AxCtp2.cab (Create & Print ActiveX Plug-in)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zon...ot.cab28578.cab (CBreakshotControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave...aploader_v5.cab (Reg Error: Value error.)
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} http://www.shockwave...ownloadCtrl.cab (BTDownloadCtrl Control)
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zon...ireShowdown.cab (Solitaire Showdown Class)
O16 - DPF: DirectAnimation Java Classes file://c:\I386\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://c:\I386\xmldso.cab (Reg Error: Key error.)
O16 - DPF: PackageCab http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig http://www2.verizon....vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A541BE98-85DC-437C-82E2-3EBAF83AD596}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Eudora mail\EuShlExt.dll (Qualcomm Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 08:59:58 | 000,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/04/15 15:49:10 | 000,000,398 | ---- | M] () - F:\AUTOEXEC.UP -- [ FAT ]
O32 - AutoRun File - [2003/04/15 15:49:10 | 000,000,398 | -HS- | M] () - F:\AUTOEXEC.BAT -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SmartDefragBootTime.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/26 14:24:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Charles Carey\Desktop\OTL.exe
[2013/01/23 15:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Application Data\wsInspector
[2013/01/23 15:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\My Documents\wsInspector
[2013/01/23 15:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\Startup Inspector for Windows
[2013/01/23 15:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup Inspector for Windows
[2013/01/19 00:22:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/16 12:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/15 21:47:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/15 21:47:41 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/01/15 21:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/15 21:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\Revo Uninstaller
[2013/01/15 21:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Start Menu\Programs\Revo Uninstaller

========== Files - Modified Within 30 Days ==========

[2013/01/26 14:24:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Charles Carey\Desktop\OTL.exe
[2013/01/26 14:20:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/26 14:11:01 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007UA.job
[2013/01/26 13:58:49 | 000,138,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013/01/26 12:52:18 | 000,348,373 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2013/01/26 12:51:59 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1caf3eebc635d38.job
[2013/01/26 12:51:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2013/01/26 12:51:39 | 2146,488,320 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/26 00:11:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007Core.job
[2013/01/24 12:18:04 | 000,002,367 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/23 15:24:48 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\Startup Inspector for Windows.lnk
[2013/01/23 00:17:11 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Charles Carey\My Documents\resume1.pub
[2013/01/23 00:17:11 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\resume1.pub
[2013/01/15 21:47:43 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/15 21:27:57 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/15 21:23:33 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\Revo Uninstaller.lnk
[2013/01/14 11:42:28 | 013,462,931 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\mbar-1.01.0.1016.zip
[2013/01/12 21:35:34 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/12/30 12:04:49 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Application Data\AVSMediaPlayer.m3u

========== Files Created - No Company Name ==========

[2013/01/23 15:24:48 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\Startup Inspector for Windows.lnk
[2013/01/23 00:20:30 | 000,086,528 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\resume1.pub
[2013/01/15 21:47:43 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/15 21:27:57 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/15 21:27:57 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/15 21:23:33 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\Revo Uninstaller.lnk
[2013/01/14 11:42:20 | 013,462,931 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\mbar-1.01.0.1016.zip
[2012/08/07 18:04:05 | 000,000,236 | ---- | C] () -- C:\Program Files\Common Files\dx.reg
[2012/08/07 18:04:03 | 001,029,126 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2012/08/07 18:04:03 | 000,874,502 | ---- | C] () -- C:\WINDOWS\System32\kernel32new.dll
[2012/08/07 18:04:03 | 000,716,153 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
[2012/08/07 18:04:03 | 000,681,478 | ---- | C] () -- C:\WINDOWS\System32\msvcrtnew.dll
[2012/08/07 18:04:03 | 000,187,398 | ---- | C] () -- C:\WINDOWS\System32\d3d10core.dll
[2012/08/07 18:04:03 | 000,002,937 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2011/09/13 12:35:41 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011/09/13 09:36:54 | 000,025,944 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/09/13 09:36:53 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/08/13 12:55:53 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/06/17 08:40:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\{A9519275-C8CC-4D3F-B470-52419ACD6894}
[2011/02/13 22:46:54 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/02/13 22:46:49 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/02/13 22:46:49 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/02/13 22:46:38 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/06/11 11:46:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\AVSMediaPlayer.m3u
[2009/01/08 10:44:56 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\PFP110JPR.{PB
[2009/01/08 10:44:56 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\PFP110JCM.{PB
[2006/08/22 19:24:23 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2004/12/05 07:49:59 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\fusioncache.dat
[2004/05/05 17:51:29 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2003/08/08 12:10:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A14D0C2
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D158BAF9

< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
Download the adwCleaner

  • Run the Tool
    Windows Vista and Windows 7 users:
    Right click in the adwCleaner.exe and select the option
    Posted Image
  • Select the Delete button.
  • When the scan completes, it will open a notepad windows.
  • Please, copy the content of this file in your next reply.


Download aswMBR.exe to your desktop.
Double click aswMBR.exe
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double click on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe and to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

Go to http://www.speedtest.net/ and click on Begin Test

When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v

Ron
  • 0

#3
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
thanks ron
here are all the results / logs

# AdwCleaner v2.109 - Logfile created 02/01/2013 at 20:26:13
# Updated 26/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Charles Carey - DADSDELL
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Charles Carey\Desktop\Removal tools\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\searchplugins\SearchResults.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml
Folder Deleted : C:\DOCUME~1\CHARLE~1\LOCALS~1\Temp\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Charles Carey\Application Data\searchquband
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\Trymedia
Folder Deleted : C:\Program Files\Windows Searchqu Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchqu.com/421 --> hxxp://www.google.com

-\\ Mozilla Firefox v5.0 (en-US)

File : C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\prefs.js

C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\user.js ... Deleted !

Deleted : user_pref("vshare.install.date", "1284854400000");
Deleted : user_pref("vshare.install.finished", "1.0.0");
Deleted : user_pref("vshare.install.guid", "{357ab83e-8b79-4d41-aaa0-dd4a1b785efc}");
Deleted : user_pref("vshare.install.isHidden", true);
Deleted : user_pref("vshare.install.laststatreq", "1305676800000");
Deleted : user_pref("vshare.install.newtab", false);

File : C:\Documents and Settings\Cin\Application Data\Mozilla\Firefox\Profiles\oqq1y7zf.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Administrator.DELL\Application Data\Mozilla\Firefox\Profiles\rs52iq1h.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4263 octets] - [01/02/2013 20:26:13]

########## EOF - C:\AdwCleaner[S1].txt - [4323 octets] ##########


111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-01 20:35:18
-----------------------------
20:35:18.609 OS Version: Windows 5.1.2600 Service Pack 3
20:35:18.609 Number of processors: 1 586 0x209
20:35:18.609 ComputerName: DADSDELL UserName:
20:35:22.765 Initialize success
20:41:17.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:41:17.203 Disk 0 Vendor: WDC_WD1600AAJB-00PVA0 00.07H00 Size: 152627MB BusType: 3
20:41:17.234 Disk 0 MBR read successfully
20:41:17.234 Disk 0 MBR scan
20:41:17.234 Disk 0 unknown MBR code
20:41:17.234 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 39 MB offset 63
20:41:17.234 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152586 MB offset 80325
20:41:17.250 Disk 0 scanning sectors +312576642
20:41:17.328 Disk 0 scanning C:\WINDOWS\system32\drivers
20:41:34.109 Service scanning
20:41:56.703 Service vsdatant C:\WINDOWS\System32\vsdatant.sys **LOCKED** 32
20:41:58.156 Modules scanning
20:42:07.156 Scan finished successfully
20:42:41.140 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Charles Carey\Desktop\Removal tools\MBR.dat"
20:42:41.140 The log file has been saved successfully to "C:\Documents and Settings\Charles Carey\Desktop\Removal tools\aswMBR.txt"


2222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222



ComboFix 13-02-01.04 - Charles Carey 02/01/2013 21:02:01.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1629 [GMT -5:00]
Running from: c:\documents and settings\Charles Carey\Desktop\Removal tools\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {804E5358-FFA4-00FB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804E5358-FFA4-00DB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804E5358-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804E5358-FFA4-00FE-0D24-347CA8A3377C}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator.DELL\WINDOWS
c:\documents and settings\All Users\Application Data\DragToDiscUserNameE.txt
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Charles Carey\Application Data\.#
c:\documents and settings\Charles Carey\WINDOWS
c:\documents and settings\Cin\WINDOWS
c:\documents and settings\Default User\WINDOWS
C:\install.exe
C:\SETUP.EXE
c:\windows\cres1100.exe
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\dwmapi.dllllllllllllll
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-01-02 to 2013-02-02 )))))))))))))))))))))))))))))))
.
.
2013-01-28 15:39 . 2012-05-08 23:35 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-01-28 15:39 . 2010-11-26 23:02 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-01-27 03:20 . 2013-01-27 03:20 -------- d-----w- c:\documents and settings\Charles Carey\Local Settings\Application Data\Sun
2013-01-27 03:16 . 2013-01-27 03:16 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\IObit
2013-01-26 21:49 . 2013-01-26 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-01-26 21:49 . 2013-01-26 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
2013-01-26 21:47 . 2013-01-26 21:46 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-01-26 21:47 . 2013-01-26 21:46 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-23 20:29 . 2013-01-26 17:53 -------- d-----w- c:\documents and settings\Charles Carey\Application Data\wsInspector
2013-01-23 20:24 . 2013-01-23 20:25 -------- d-----w- c:\program files\Startup Inspector for Windows
2013-01-16 17:50 . 2013-01-16 17:50 -------- d-----w- c:\program files\ESET
2013-01-16 02:47 . 2013-01-16 02:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-16 02:47 . 2012-12-14 21:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-16 02:23 . 2013-01-26 21:35 -------- d-----w- c:\program files\Revo Uninstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-31 04:08 . 2007-07-26 21:39 138376 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-01-31 04:08 . 2007-07-26 21:38 202448 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-01-26 21:46 . 2010-04-28 15:43 780192 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-13 20:29 . 2012-11-13 20:29 354216 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2008-03-09 11:25 . 2012-08-07 23:04 236 ----a-w- c:\program files\Common Files\dx.reg
2013-01-19 05:22 . 2013-01-19 05:22 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@="{E4000AC4-5E5F-4956-807A-C5854405D64F}"
[HKEY_CLASSES_ROOT\CLSID\{E4000AC4-5E5F-4956-807A-C5854405D64F}]
2007-06-13 14:26 73728 ----a-w- c:\windows\SYSTEM32\VirtualExpander\VEShellExt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-11-13 981904]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-12-25 4474832]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\eudora mail\EuShlExt.dll" [2005-08-09 86016]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Charles Carey^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Charles Carey\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD_SRT]
c:\program files\Western Digital Technologies\WD Win98 SE USB Disk Driver [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2003-02-27 11:04 114688 ------w- c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\SYSTEM32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2012-11-30 02:06 1263512 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDSentry]
2002-08-14 23:22 28672 ----a-w- c:\windows\SYSTEM32\DSentry.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-27 04:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 21:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2004-04-14 19:04 40960 ------w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2009-06-01 18:51 1468296 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-01-08 00:56 13880424 ----a-w- c:\windows\SYSTEM32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-08 00:56 111208 ----a-w- c:\windows\SYSTEM32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2004-04-14 18:46 57393 ------w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 00:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
2003-01-09 14:21 253952 ------w- c:\program files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2003-01-13 15:19 757760 ------w- c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
2004-01-02 00:09 65536 ------w- c:\program files\Common Files\Roxio Shared\System\EngUtil.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmaTel StacMon]
2003-03-26 22:19 45056 ------w- c:\program files\SigmaTel\C-Major Audio\stacmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-10-14 14:22 155648 ------r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 14:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager]
2009-03-25 16:31 339968 ----a-w- c:\windows\SYSTEM32\WDBtnMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNUtil.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNTray.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNCfg.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNUpdate.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\SmartFTP Client 2.0\\SmartFTP.exe"=
"c:\\Battlefield 2\\BF2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqdstcp.exe"=
"c:\\Program Files\\321Studios\\Platinum\\BugTool.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\{FA0F0A01-4631-4161-A6C2-948BF694382E}\\setup\\hpznui01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9220:TCP"= 9220:TCP:9220
"161:UDP"= 161:UDP:161
"427:UDP"= 427:UDP:427
"9500:TCP"= 9500:TCP:9500
"9290:TCP"= 9290:TCP:9290
"139:UDP"= 139:UDP:139
"137:TCP"= 137:TCP:137
"9100:TCP"= 9100:TCP:9100
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\SYSTEM32\DRIVERS\SmartDefragDriver.sys [1/28/2013 10:39 AM 14776]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [1/26/2013 4:49 PM 465216]
R2 cpuz135;cpuz135;c:\windows\SYSTEM32\DRIVERS\cpuz135_x32.sys [3/27/2012 12:36 PM 21992]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [1/28/2013 10:38 AM 821592]
R3 Pcouffin;Low level access layer for CD devices;c:\windows\SYSTEM32\DRIVERS\Pcouffin.sys [2/22/2004 6:34 AM 34528]
S0 tpcdrdrv;tpcdrdrv;c:\windows\system32\DRIVERS\tpcdrdrv.sys --> c:\windows\system32\DRIVERS\tpcdrdrv.sys [?]
S3 DCamUSB20;AVerDVD EZMaker USB 2.0 Video Capture;c:\windows\SYSTEM32\DRIVERS\CsMini20.sys [3/18/2003 2:55 PM 46248]
S3 DCamUSBSony4;Sony Visual Communication Camera;c:\windows\SYSTEM32\DRIVERS\snyucam4.sys [6/2/2004 3:36 PM 424127]
S3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [1/28/2013 10:38 AM 246816]
S3 LanscsiBus;Lanscsi Bus Enumerator;c:\windows\system32\DRIVERS\LanscsiBus.sys --> c:\windows\system32\DRIVERS\LanscsiBus.sys [?]
S3 lanscsiminiport;Lanscsi SCSI Miniport Driver for NetDisk;c:\windows\system32\DRIVERS\lanscsiminiport.sys --> c:\windows\system32\DRIVERS\lanscsiminiport.sys [?]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [1/29/2011 5:39 PM 19056]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [1/28/2013 10:38 AM 30408]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [1/28/2013 10:38 AM 16248]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [5/27/2010 8:26 AM 90352]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
getPlusHelper REG_MULTI_SZ getPlusHelper
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore1caf3eebc635d38.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 17:17]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 17:17]
.
2013-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007Core.job
- c:\documents and settings\Charles Carey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-07 19:51]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007UA.job
- c:\documents and settings\Charles Carey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-07 19:51]
.
2013-02-02 c:\windows\Tasks\SmartDefragUpdate.job
- c:\program files\IObit\Smart Defrag 2\AutoUpdate.exe [2013-01-28 16:06]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.dellnet.com/
uInternet Settings,ProxyOverride = localhost
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
Trusted Zone: cars.com\siy
TCP: DhcpNameServer = 192.168.1.1
DPF: DirectAnimation Java Classes - file://c:\i386\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\i386\xmldso.cab
DPF: PackageCab - hxxp://ak.imgag.com/imgag/cp/install/AxCtp2.cab
DPF: vzTCPConfig - hxxp://www2.verizon.net/help/dsl_settings/include/vzTCPConfig.CAB
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
FF - ProfilePath - c:\documents and settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.jeepforum.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2013-01-29 12:47; {45d8ff86-d909-11db-9705-005056c00008}; c:\documents and settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
FF - ExtSQL: !HIDDEN! 2010-03-07 19:27; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Notify-AtiExtEvent - (no file)
MSConfigStartUp-nwiz - nwiz.exe
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
MSConfigStartUp-TomTomHOME - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
MSConfigStartUp-wltray - (no file)
MSConfigStartUp-zBrowser Launcher - c:\logitech\Keyboard\iTouch\iTouch.exe
AddRemove-Adobe Acrobat Reader 3.01 - c:\acrobat3\Reader\DeIsL1.isu
AddRemove-HyperLoad - c:\program files\Nabisco\HyperLoad\Uninst.isu
.
.
.
**************************************************************************
.
disk not found C:\
.
please note that you need administrator rights to perform deep scan
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
Completion time: 2013-02-01 21:12:20
ComboFix-quarantined-files.txt 2013-02-02 02:12
.
Pre-Run: 49,551,638,528 bytes free
Post-Run: 49,859,649,536 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 953C616EA805FFE9ACD07874A01AF4FD


33333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.26.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Charles Carey :: DADSDELL [administrator]

2/1/2013 9:22:49 PM
mbam-log-2013-02-01 (21-22-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 277824
Time elapsed: 4 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


44444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444

21:16:44.0859 0920 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:16:45.0031 0920 ============================================================
21:16:45.0031 0920 Current date / time: 2013/02/01 21:16:45.0031
21:16:45.0031 0920 SystemInfo:
21:16:45.0031 0920
21:16:45.0031 0920 OS Version: 5.1.2600 ServicePack: 3.0
21:16:45.0031 0920 Product type: Workstation
21:16:45.0031 0920 ComputerName: DADSDELL
21:16:45.0031 0920 UserName: Charles Carey
21:16:45.0031 0920 Windows directory: C:\WINDOWS
21:16:45.0031 0920 System windows directory: C:\WINDOWS
21:16:45.0031 0920 Processor architecture: Intel x86
21:16:45.0031 0920 Number of processors: 1
21:16:45.0031 0920 Page size: 0x1000
21:16:45.0031 0920 Boot type: Normal boot
21:16:45.0031 0920 ============================================================
21:16:46.0937 0920 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:16:47.0046 0920 Drive \Device\Harddisk1\DR3 - Size: 0x3C8C0000 (0.95 Gb), SectorSize: 0x200, Cylinders: 0x7B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:16:47.0046 0920 ============================================================
21:16:47.0046 0920 \Device\Harddisk0\DR0:
21:16:47.0093 0920 MBR partitions:
21:16:47.0093 0920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x12A050BD
21:16:47.0093 0920 \Device\Harddisk1\DR3:
21:16:47.0093 0920 MBR partitions:
21:16:47.0093 0920 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xB, StartLBA 0xF9, BlocksNum 0x1E4507
21:16:47.0093 0920 ============================================================
21:16:47.0093 0920 Initialize success
21:16:47.0093 0920 ============================================================
21:17:00.0812 1500 ============================================================
21:17:00.0812 1500 Scan started
21:17:00.0812 1500 Mode: Manual;
21:17:00.0812 1500 ============================================================
21:17:00.0812 1500 ================ Scan system memory ========================
21:17:00.0812 1500 System memory - ok
21:17:00.0812 1500 ================ Scan services =============================
21:17:00.0843 1500 Abiosdsk - ok
21:17:00.0843 1500 abp480n5 - ok
21:17:00.0859 1500 ACPI - ok
21:17:00.0875 1500 ACPIEC - ok
21:17:00.0875 1500 ACS - ok
21:17:00.0890 1500 adpu160m - ok
21:17:00.0906 1500 AdvancedSystemCareService6 - ok
21:17:00.0906 1500 aeaudio - ok
21:17:00.0921 1500 aec - ok
21:17:00.0937 1500 AegisP - ok
21:17:00.0937 1500 Afc - ok
21:17:00.0953 1500 AFD - ok
21:17:00.0953 1500 agp440 - ok
21:17:00.0968 1500 agpCPQ - ok
21:17:00.0984 1500 Aha154x - ok
21:17:00.0984 1500 aic78u2 - ok
21:17:01.0000 1500 aic78xx - ok
21:17:01.0015 1500 Alerter - ok
21:17:01.0015 1500 ALG - ok
21:17:01.0031 1500 AliIde - ok
21:17:01.0046 1500 alim1541 - ok
21:17:01.0046 1500 amdagp - ok
21:17:01.0062 1500 amsint - ok
21:17:01.0078 1500 ApfiltrService - ok
21:17:01.0078 1500 AppMgmt - ok
21:17:01.0093 1500 AR5211 - ok
21:17:01.0109 1500 asc - ok
21:17:01.0109 1500 asc3350p - ok
21:17:01.0125 1500 asc3550 - ok
21:17:01.0156 1500 aspnet_state - ok
21:17:01.0156 1500 AsyncMac - ok
21:17:01.0171 1500 atapi - ok
21:17:01.0187 1500 Atdisk - ok
21:17:01.0203 1500 Atmarpc - ok
21:17:01.0203 1500 AudioSrv - ok
21:17:01.0218 1500 audstub - ok
21:17:01.0234 1500 BCM43XX - ok
21:17:01.0234 1500 BCMModem - ok
21:17:01.0250 1500 Beep - ok
21:17:01.0265 1500 BITS - ok
21:17:01.0265 1500 Brother XP spl Service - ok
21:17:01.0281 1500 Browser - ok
21:17:01.0296 1500 catchme - ok
21:17:01.0312 1500 cbidf - ok
21:17:01.0312 1500 cbidf2k - ok
21:17:01.0328 1500 CCDECODE - ok
21:17:01.0328 1500 cd20xrnt - ok
21:17:01.0343 1500 Cdaudio - ok
21:17:01.0359 1500 Cdfs - ok
21:17:01.0375 1500 Cdr4_xp - ok
21:17:01.0375 1500 Cdralw2k - ok
21:17:01.0390 1500 Cdrom - ok
21:17:01.0406 1500 CDRPDACC - ok
21:17:01.0406 1500 cdudf_xp - ok
21:17:01.0421 1500 Changer - ok
21:17:01.0421 1500 CiSvc - ok
21:17:01.0437 1500 ClipSrv - ok
21:17:01.0453 1500 clr_optimization_v2.0.50727_32 - ok
21:17:01.0453 1500 CmdIde - ok
21:17:01.0468 1500 Compbatt - ok
21:17:01.0484 1500 COMSysApp - ok
21:17:01.0500 1500 Cpqarray - ok
21:17:01.0515 1500 cpuz135 - ok
21:17:01.0515 1500 Creative Service for CDROM Access - ok
21:17:01.0546 1500 CryptSvc - ok
21:17:01.0546 1500 dac2w2k - ok
21:17:01.0562 1500 dac960nt - ok
21:17:01.0578 1500 DCamUSB20 - ok
21:17:01.0578 1500 DCamUSBSony4 - ok
21:17:01.0593 1500 DcomLaunch - ok
21:17:01.0609 1500 Dhcp - ok
21:17:01.0609 1500 Disk - ok
21:17:01.0625 1500 dmadmin - ok
21:17:01.0640 1500 dmboot - ok
21:17:01.0640 1500 dmio - ok
21:17:01.0656 1500 dmload - ok
21:17:01.0671 1500 dmserver - ok
21:17:01.0671 1500 DMusic - ok
21:17:01.0687 1500 Dnscache - ok
21:17:01.0703 1500 Dot3svc - ok
21:17:01.0703 1500 dpti2o - ok
21:17:01.0718 1500 drmkaud - ok
21:17:01.0734 1500 dvd_2K - ok
21:17:01.0734 1500 E100B - ok
21:17:01.0750 1500 EapHost - ok
21:17:01.0781 1500 EL90XBC - ok
21:17:01.0781 1500 ERSvc - ok
21:17:01.0796 1500 Eventlog - ok
21:17:01.0812 1500 EventSystem - ok
21:17:01.0828 1500 Fastfat - ok
21:17:01.0843 1500 FastUserSwitchingCompatibility - ok
21:17:01.0843 1500 Fax - ok
21:17:01.0859 1500 Fdc - ok
21:17:01.0875 1500 FileMonitor - ok
21:17:01.0875 1500 Fips - ok
21:17:01.0890 1500 Flpydisk - ok
21:17:01.0906 1500 FltMgr - ok
21:17:01.0921 1500 Fs_Rec - ok
21:17:01.0921 1500 Ftdisk - ok
21:17:01.0937 1500 getPlusHelper - ok
21:17:01.0953 1500 Gpc - ok
21:17:01.0953 1500 gupdate - ok
21:17:01.0968 1500 gupdatem - ok
21:17:01.0984 1500 helpsvc - ok
21:17:02.0000 1500 HidServ - ok
21:17:02.0000 1500 HidUsb - ok
21:17:02.0015 1500 hkmsvc - ok
21:17:02.0031 1500 hpn - ok
21:17:02.0031 1500 hpqcxs08 - ok
21:17:02.0046 1500 hpqddsvc - ok
21:17:02.0062 1500 HPSLPSVC - ok
21:17:02.0078 1500 HPZid412 - ok
21:17:02.0078 1500 HPZipr12 - ok
21:17:02.0093 1500 HPZius12 - ok
21:17:02.0109 1500 hSONYPVh - ok
21:17:02.0109 1500 HTTP - ok
21:17:02.0125 1500 HTTPFilter - ok
21:17:02.0140 1500 i2omgmt - ok
21:17:02.0140 1500 i2omp - ok
21:17:02.0156 1500 i8042prt - ok
21:17:02.0171 1500 i81x - ok
21:17:02.0171 1500 iAimFP0 - ok
21:17:02.0187 1500 iAimFP1 - ok
21:17:02.0203 1500 iAimFP2 - ok
21:17:02.0203 1500 iAimFP3 - ok
21:17:02.0218 1500 iAimFP4 - ok
21:17:02.0234 1500 iAimTV0 - ok
21:17:02.0234 1500 iAimTV1 - ok
21:17:02.0250 1500 iAimTV2 - ok
21:17:02.0265 1500 iAimTV3 - ok
21:17:02.0265 1500 iAimTV4 - ok
21:17:02.0281 1500 Imapi - ok
21:17:02.0296 1500 ImapiService - ok
21:17:02.0312 1500 IMFservice - ok
21:17:02.0328 1500 ini910u - ok
21:17:02.0343 1500 IntelIde - ok
21:17:02.0343 1500 intelppm - ok
21:17:02.0359 1500 Ip6Fw - ok
21:17:02.0375 1500 IpFilterDriver - ok
21:17:02.0375 1500 IpInIp - ok
21:17:02.0390 1500 IpNat - ok
21:17:02.0406 1500 IPSec - ok
21:17:02.0406 1500 IRENUM - ok
21:17:02.0421 1500 isapnp - ok
21:17:02.0437 1500 JavaQuickStarterService - ok
21:17:02.0437 1500 Kbdclass - ok
21:17:02.0453 1500 KLIF - ok
21:17:02.0468 1500 kmixer - ok
21:17:02.0468 1500 KSecDD - ok
21:17:02.0484 1500 L8042Kbd - ok
21:17:02.0500 1500 L8042mou - ok
21:17:02.0500 1500 lanmanserver - ok
21:17:02.0515 1500 lanmanworkstation - ok
21:17:02.0531 1500 LanscsiBus - ok
21:17:02.0531 1500 lanscsiminiport - ok
21:17:02.0546 1500 lbrtfdc - ok
21:17:02.0562 1500 LHidFilt - ok
21:17:02.0578 1500 LHidFlt2 - ok
21:17:02.0578 1500 LHidUsbK - ok
21:17:02.0593 1500 LmHosts - ok
21:17:02.0609 1500 LMouFilt - ok
21:17:02.0625 1500 LMouKE - ok
21:17:02.0625 1500 LUsbFilt - ok
21:17:02.0640 1500 MDM - ok
21:17:02.0656 1500 Messenger - ok
21:17:02.0656 1500 Microsoft Office Groove Audit Service - ok
21:17:02.0671 1500 mmc_2K - ok
21:17:02.0687 1500 mnmdd - ok
21:17:02.0687 1500 mnmsrvc - ok
21:17:02.0703 1500 Modem - ok
21:17:02.0718 1500 MODEMCSA - ok
21:17:02.0718 1500 Mouclass - ok
21:17:02.0734 1500 mouhid - ok
21:17:02.0734 1500 MountMgr - ok
21:17:02.0750 1500 mraid35x - ok
21:17:02.0765 1500 MRxDAV - ok
21:17:02.0765 1500 MRxSmb - ok
21:17:02.0781 1500 MSDTC - ok
21:17:02.0796 1500 Msfs - ok
21:17:02.0812 1500 MSIServer - ok
21:17:02.0812 1500 MSKSSRV - ok
21:17:02.0828 1500 MSPCLOCK - ok
21:17:02.0843 1500 MSPQM - ok
21:17:02.0843 1500 mssmbios - ok
21:17:02.0859 1500 MSTEE - ok
21:17:02.0875 1500 Mup - ok
21:17:02.0875 1500 NABTSFEC - ok
21:17:02.0906 1500 napagent - ok
21:17:02.0921 1500 NCHSSVAD - ok
21:17:02.0937 1500 NDIS - ok
21:17:02.0937 1500 NdisIP - ok
21:17:02.0953 1500 NdisTapi - ok
21:17:02.0968 1500 Ndisuio - ok
21:17:02.0968 1500 NdisWan - ok
21:17:02.0984 1500 NDProxy - ok
21:17:03.0000 1500 Net Driver HPZ12 - ok
21:17:03.0000 1500 NetBIOS - ok
21:17:03.0015 1500 NetBT - ok
21:17:03.0031 1500 NetDDE - ok
21:17:03.0031 1500 NetDDEdsdm - ok
21:17:03.0046 1500 Netlogon - ok
21:17:03.0062 1500 Netman - ok
21:17:03.0062 1500 NetSvc - ok
21:17:03.0078 1500 Nla - ok
21:17:03.0093 1500 Npfs - ok
21:17:03.0093 1500 Ntfs - ok
21:17:03.0109 1500 NtLmSsp - ok
21:17:03.0125 1500 NtmsSvc - ok
21:17:03.0125 1500 Null - ok
21:17:03.0140 1500 nv - ok
21:17:03.0156 1500 nvsvc - ok
21:17:03.0156 1500 NwlnkFlt - ok
21:17:03.0171 1500 NwlnkFwd - ok
21:17:03.0187 1500 odserv - ok
21:17:03.0187 1500 omci - ok
21:17:03.0203 1500 ose - ok
21:17:03.0218 1500 P3 - ok
21:17:03.0234 1500 Parport - ok
21:17:03.0234 1500 PartMgr - ok
21:17:03.0250 1500 ParVdm - ok
21:17:03.0265 1500 pbfilter - ok
21:17:03.0265 1500 PCI - ok
21:17:03.0281 1500 PCIDump - ok
21:17:03.0281 1500 PCIIde - ok
21:17:03.0296 1500 Pcmcia - ok
21:17:03.0312 1500 Pcouffin - ok
21:17:03.0328 1500 PCPitstop Scheduling - ok
21:17:03.0328 1500 PDCOMP - ok
21:17:03.0343 1500 PDFRAME - ok
21:17:03.0359 1500 PDRELI - ok
21:17:03.0359 1500 PDRFRAME - ok
21:17:03.0375 1500 perc2 - ok
21:17:03.0390 1500 perc2hib - ok
21:17:03.0421 1500 pfc - ok
21:17:03.0421 1500 PlugPlay - ok
21:17:03.0437 1500 Pml Driver HPZ12 - ok
21:17:03.0453 1500 PnkBstrA - ok
21:17:03.0453 1500 PnkBstrB - ok
21:17:03.0468 1500 Point32 - ok
21:17:03.0468 1500 PolicyAgent - ok
21:17:03.0484 1500 ppped - ok
21:17:03.0500 1500 PptpMiniport - ok
21:17:03.0500 1500 Processor - ok
21:17:03.0515 1500 ProtectedStorage - ok
21:17:03.0531 1500 PSched - ok
21:17:03.0531 1500 Ptilink - ok
21:17:03.0546 1500 pwd_2k - ok
21:17:03.0562 1500 PxHelp20 - ok
21:17:03.0562 1500 ql1080 - ok
21:17:03.0578 1500 Ql10wnt - ok
21:17:03.0593 1500 ql12160 - ok
21:17:03.0609 1500 ql1240 - ok
21:17:03.0609 1500 ql1280 - ok
21:17:03.0625 1500 RasAcd - ok
21:17:03.0640 1500 RasAuto - ok
21:17:03.0640 1500 Rasl2tp - ok
21:17:03.0656 1500 RasMan - ok
21:17:03.0671 1500 RasPppoe - ok
21:17:03.0671 1500 Raspti - ok
21:17:03.0687 1500 Rdbss - ok
21:17:03.0703 1500 RDPCDD - ok
21:17:03.0718 1500 rdpdr - ok
21:17:03.0734 1500 RDPWD - ok
21:17:03.0734 1500 RDSessMgr - ok
21:17:03.0750 1500 redbook - ok
21:17:03.0765 1500 RegFilter - ok
21:17:03.0765 1500 RemoteAccess - ok
21:17:03.0781 1500 RivaTuner32 - ok
21:17:03.0796 1500 RpcLocator - ok
21:17:03.0812 1500 RpcSs - ok
21:17:03.0812 1500 RSVP - ok
21:17:03.0828 1500 SamSs - ok
21:17:03.0843 1500 SCardSvr - ok
21:17:03.0843 1500 Schedule - ok
21:17:03.0859 1500 Secdrv - ok
21:17:03.0875 1500 seclogon - ok
21:17:03.0890 1500 SENS - ok
21:17:03.0890 1500 serenum - ok
21:17:03.0906 1500 Serial - ok
21:17:03.0921 1500 Sfloppy - ok
21:17:03.0921 1500 SharedAccess - ok
21:17:03.0937 1500 ShellHWDetection - ok
21:17:03.0953 1500 Simbad - ok
21:17:03.0953 1500 sisagp - ok
21:17:03.0968 1500 SLIP - ok
21:17:03.0984 1500 SmartDefragDriver - ok
21:17:04.0000 1500 smwdm - ok
21:17:04.0015 1500 Sparrow - ok
21:17:04.0015 1500 splitter - ok
21:17:04.0031 1500 Spooler - ok
21:17:04.0046 1500 sr - ok
21:17:04.0046 1500 srescan - ok
21:17:04.0062 1500 srservice - ok
21:17:04.0078 1500 Srv - ok
21:17:04.0078 1500 SSDPSRV - ok
21:17:04.0093 1500 StillCam - ok
21:17:04.0109 1500 stisvc - ok
21:17:04.0125 1500 streamip - ok
21:17:04.0125 1500 swenum - ok
21:17:04.0140 1500 swmidi - ok
21:17:04.0156 1500 SwPrv - ok
21:17:04.0171 1500 symc810 - ok
21:17:04.0171 1500 symc8xx - ok
21:17:04.0187 1500 sym_hi - ok
21:17:04.0203 1500 sym_u3 - ok
21:17:04.0203 1500 sysaudio - ok
21:17:04.0218 1500 SysmonLog - ok
21:17:04.0234 1500 TapiSrv - ok
21:17:04.0234 1500 Tcpip - ok
21:17:04.0250 1500 TDPIPE - ok
21:17:04.0265 1500 TDTCP - ok
21:17:04.0281 1500 TermDD - ok
21:17:04.0281 1500 TermService - ok
21:17:04.0296 1500 Themes - ok
21:17:04.0312 1500 TosIde - ok
21:17:04.0328 1500 tpcdrdrv - ok
21:17:04.0328 1500 TrkWks - ok
21:17:04.0359 1500 TSP - ok
21:17:04.0359 1500 TVICHW32 - ok
21:17:04.0375 1500 UdfReadr_xp - ok
21:17:04.0390 1500 Udfs - ok
21:17:04.0390 1500 ultra - ok
21:17:04.0406 1500 Update - ok
21:17:04.0421 1500 upnphost - ok
21:17:04.0421 1500 UPS - ok
21:17:04.0437 1500 UrlFilter - ok
21:17:04.0453 1500 Usb20Scan - ok
21:17:04.0468 1500 usbaudio - ok
21:17:04.0468 1500 usbbus - ok
21:17:04.0484 1500 usbccgp - ok
21:17:04.0500 1500 UsbDiag - ok
21:17:04.0500 1500 usbehci - ok
21:17:04.0515 1500 usbhub - ok
21:17:04.0531 1500 USBModem - ok
21:17:04.0531 1500 usbohci - ok
21:17:04.0546 1500 usbprint - ok
21:17:04.0562 1500 usbscan - ok
21:17:04.0562 1500 usbser - ok
21:17:04.0578 1500 USBSTOR - ok
21:17:04.0593 1500 usbuhci - ok
21:17:04.0609 1500 VgaSave - ok
21:17:04.0609 1500 viaagp - ok
21:17:04.0625 1500 ViaIde - ok
21:17:04.0640 1500 VolSnap - ok
21:17:04.0640 1500 vsdatant - ok
21:17:04.0656 1500 vsmon - ok
21:17:04.0671 1500 VSS - ok
21:17:04.0687 1500 w32time - ok
21:17:04.0703 1500 Wanarp - ok
21:17:04.0703 1500 wanatw - ok
21:17:04.0718 1500 Wdf01000 - ok
21:17:04.0734 1500 WDICA - ok
21:17:04.0734 1500 wdmaud - ok
21:17:04.0750 1500 WebClient - ok
21:17:04.0765 1500 winmgmt - ok
21:17:04.0781 1500 WmdmPmSN - ok
21:17:04.0812 1500 WmiApSrv - ok
21:17:04.0812 1500 WpdUsb - ok
21:17:04.0828 1500 WS2IFSL - ok
21:17:04.0843 1500 wscsvc - ok
21:17:04.0859 1500 WSTCODEC - ok
21:17:04.0859 1500 wuauserv - ok
21:17:04.0875 1500 WudfPf - ok
21:17:04.0890 1500 WudfRd - ok
21:17:04.0890 1500 WudfSvc - ok
21:17:04.0906 1500 WZCSVC - ok
21:17:04.0921 1500 x10nets - ok
21:17:04.0921 1500 xmlprov - ok
21:17:04.0937 1500 XUIF - ok
21:17:04.0953 1500 ZSMC301b - ok
21:17:04.0968 1500 ================ Scan global ===============================
21:17:04.0968 1500 [Global] - ok
21:17:04.0984 1500 ================ Scan MBR ==================================
21:17:04.0984 1500 [ 35C6B2FCDE68FACBEFE0A4A7200BAE58 ] \Device\Harddisk0\DR0
21:17:05.0171 1500 \Device\Harddisk0\DR0 - ok
21:17:05.0187 1500 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR3
21:17:19.0468 1500 \Device\Harddisk1\DR3 - ok
21:17:19.0468 1500 ================ Scan VBR ==================================
21:17:19.0703 1500 [ 962BDD4EC0D216D6DA15FDC9F46EDBD4 ] \Device\Harddisk0\DR0\Partition1
21:17:19.0703 1500 \Device\Harddisk0\DR0\Partition1 - ok
21:17:19.0718 1500 [ EE5FDADF4959B72952B9B127955DD738 ] \Device\Harddisk1\DR3\Partition1
21:17:19.0718 1500 \Device\Harddisk1\DR3\Partition1 - ok
21:17:19.0718 1500 ============================================================
21:17:19.0718 1500 Scan finished
21:17:19.0718 1500 ============================================================
21:17:19.0734 1092 Detected object count: 0
21:17:19.0734 1092 Actual detected object count: 0
21:19:10.0796 3580 ============================================================
21:19:10.0796 3580 Scan started
21:19:10.0796 3580 Mode: Manual; SigCheck; TDLFS;
21:19:10.0796 3580 ============================================================
21:19:10.0796 3580 ================ Scan system memory ========================
21:19:10.0796 3580 System memory - ok
21:19:10.0812 3580 ================ Scan services =============================
21:19:10.0843 3580 Abiosdsk - ok
21:19:10.0843 3580 abp480n5 - ok
21:19:10.0859 3580 ACPI - ok
21:19:10.0859 3580 ACPIEC - ok
21:19:10.0875 3580 ACS - ok
21:19:10.0890 3580 adpu160m - ok
21:19:10.0890 3580 AdvancedSystemCareService6 - ok
21:19:10.0906 3580 aeaudio - ok
21:19:10.0921 3580 aec - ok
21:19:10.0921 3580 AegisP - ok
21:19:10.0937 3580 Afc - ok
21:19:10.0953 3580 AFD - ok
21:19:10.0953 3580 agp440 - ok
21:19:10.0968 3580 agpCPQ - ok
21:19:10.0968 3580 Aha154x - ok
21:19:10.0984 3580 aic78u2 - ok
21:19:11.0000 3580 aic78xx - ok
21:19:11.0000 3580 Alerter - ok
21:19:11.0015 3580 ALG - ok
21:19:11.0031 3580 AliIde - ok
21:19:11.0031 3580 alim1541 - ok
21:19:11.0046 3580 amdagp - ok
21:19:11.0062 3580 amsint - ok
21:19:11.0062 3580 ApfiltrService - ok
21:19:11.0078 3580 AppMgmt - ok
21:19:11.0093 3580 AR5211 - ok
21:19:11.0093 3580 asc - ok
21:19:11.0109 3580 asc3350p - ok
21:19:11.0125 3580 asc3550 - ok
21:19:11.0156 3580 aspnet_state - ok
21:19:11.0156 3580 AsyncMac - ok
21:19:11.0171 3580 atapi - ok
21:19:11.0171 3580 Atdisk - ok
21:19:11.0187 3580 Atmarpc - ok
21:19:11.0203 3580 AudioSrv - ok
21:19:11.0218 3580 audstub - ok
21:19:11.0234 3580 BCM43XX - ok
21:19:11.0234 3580 BCMModem - ok
21:19:11.0250 3580 Beep - ok
21:19:11.0250 3580 BITS - ok
21:19:11.0265 3580 Brother XP spl Service - ok
21:19:11.0281 3580 Browser - ok
21:19:11.0281 3580 catchme - ok
21:19:11.0312 3580 cbidf - ok
21:19:11.0312 3580 cbidf2k - ok
21:19:11.0328 3580 CCDECODE - ok
21:19:11.0343 3580 cd20xrnt - ok
21:19:11.0343 3580 Cdaudio - ok
21:19:11.0359 3580 Cdfs - ok
21:19:11.0359 3580 Cdr4_xp - ok
21:19:11.0375 3580 Cdralw2k - ok
21:19:11.0390 3580 Cdrom - ok
21:19:11.0390 3580 CDRPDACC - ok
21:19:11.0406 3580 cdudf_xp - ok
21:19:11.0421 3580 Changer - ok
21:19:11.0421 3580 CiSvc - ok
21:19:11.0437 3580 ClipSrv - ok
21:19:11.0453 3580 clr_optimization_v2.0.50727_32 - ok
21:19:11.0453 3580 CmdIde - ok
21:19:11.0468 3580 Compbatt - ok
21:19:11.0468 3580 COMSysApp - ok
21:19:11.0500 3580 Cpqarray - ok
21:19:11.0500 3580 cpuz135 - ok
21:19:11.0515 3580 Creative Service for CDROM Access - ok
21:19:11.0531 3580 CryptSvc - ok
21:19:11.0531 3580 dac2w2k - ok
21:19:11.0546 3580 dac960nt - ok
21:19:11.0562 3580 DCamUSB20 - ok
21:19:11.0562 3580 DCamUSBSony4 - ok
21:19:11.0578 3580 DcomLaunch - ok
21:19:11.0593 3580 Dhcp - ok
21:19:11.0593 3580 Disk - ok
21:19:11.0609 3580 dmadmin - ok
21:19:11.0625 3580 dmboot - ok
21:19:11.0625 3580 dmio - ok
21:19:11.0640 3580 dmload - ok
21:19:11.0656 3580 dmserver - ok
21:19:11.0656 3580 DMusic - ok
21:19:11.0671 3580 Dnscache - ok
21:19:11.0687 3580 Dot3svc - ok
21:19:11.0687 3580 dpti2o - ok
21:19:11.0703 3580 drmkaud - ok
21:19:11.0703 3580 dvd_2K - ok
21:19:11.0718 3580 E100B - ok
21:19:11.0734 3580 EapHost - ok
21:19:11.0750 3580 EL90XBC - ok
21:19:11.0765 3580 ERSvc - ok
21:19:11.0765 3580 Eventlog - ok
21:19:11.0781 3580 EventSystem - ok
21:19:11.0796 3580 Fastfat - ok
21:19:11.0796 3580 FastUserSwitchingCompatibility - ok
21:19:11.0812 3580 Fax - ok
21:19:11.0828 3580 Fdc - ok
21:19:11.0828 3580 FileMonitor - ok
21:19:11.0843 3580 Fips - ok
21:19:11.0859 3580 Flpydisk - ok
21:19:11.0859 3580 FltMgr - ok
21:19:11.0875 3580 Fs_Rec - ok
21:19:11.0890 3580 Ftdisk - ok
21:19:11.0890 3580 getPlusHelper - ok
21:19:11.0906 3580 Gpc - ok
21:19:11.0921 3580 gupdate - ok
21:19:11.0921 3580 gupdatem - ok
21:19:11.0937 3580 helpsvc - ok
21:19:11.0937 3580 HidServ - ok
21:19:11.0953 3580 HidUsb - ok
21:19:11.0968 3580 hkmsvc - ok
21:19:11.0968 3580 hpn - ok
21:19:11.0984 3580 hpqcxs08 - ok
21:19:12.0000 3580 hpqddsvc - ok
21:19:12.0000 3580 HPSLPSVC - ok
21:19:12.0015 3580 HPZid412 - ok
21:19:12.0031 3580 HPZipr12 - ok
21:19:12.0031 3580 HPZius12 - ok
21:19:12.0046 3580 hSONYPVh - ok
21:19:12.0062 3580 HTTP - ok
21:19:12.0078 3580 HTTPFilter - ok
21:19:12.0078 3580 i2omgmt - ok
21:19:12.0093 3580 i2omp - ok
21:19:12.0109 3580 i8042prt - ok
21:19:12.0109 3580 i81x - ok
21:19:12.0125 3580 iAimFP0 - ok
21:19:12.0125 3580 iAimFP1 - ok
21:19:12.0140 3580 iAimFP2 - ok
21:19:12.0156 3580 iAimFP3 - ok
21:19:12.0171 3580 iAimFP4 - ok
21:19:12.0171 3580 iAimTV0 - ok
21:19:12.0187 3580 iAimTV1 - ok
21:19:12.0203 3580 iAimTV2 - ok
21:19:12.0203 3580 iAimTV3 - ok
21:19:12.0218 3580 iAimTV4 - ok
21:19:12.0234 3580 Imapi - ok
21:19:12.0250 3580 ImapiService - ok
21:19:12.0250 3580 IMFservice - ok
21:19:12.0265 3580 ini910u - ok
21:19:12.0281 3580 IntelIde - ok
21:19:12.0296 3580 intelppm - ok
21:19:12.0312 3580 Ip6Fw - ok
21:19:12.0328 3580 IpFilterDriver - ok
21:19:12.0328 3580 IpInIp - ok
21:19:12.0343 3580 IpNat - ok
21:19:12.0343 3580 IPSec - ok
21:19:12.0359 3580 IRENUM - ok
21:19:12.0375 3580 isapnp - ok
21:19:12.0390 3580 JavaQuickStarterService - ok
21:19:12.0390 3580 Kbdclass - ok
21:19:12.0406 3580 KLIF - ok
21:19:12.0421 3580 kmixer - ok
21:19:12.0421 3580 KSecDD - ok
21:19:12.0437 3580 L8042Kbd - ok
21:19:12.0453 3580 L8042mou - ok
21:19:12.0453 3580 lanmanserver - ok
21:19:12.0468 3580 lanmanworkstation - ok
21:19:12.0484 3580 LanscsiBus - ok
21:19:12.0484 3580 lanscsiminiport - ok
21:19:12.0500 3580 lbrtfdc - ok
21:19:12.0515 3580 LHidFilt - ok
21:19:12.0515 3580 LHidFlt2 - ok
21:19:12.0531 3580 LHidUsbK - ok
21:19:12.0546 3580 LmHosts - ok
21:19:12.0562 3580 LMouFilt - ok
21:19:12.0578 3580 LMouKE - ok
21:19:12.0578 3580 LUsbFilt - ok
21:19:12.0593 3580 MDM - ok
21:19:12.0609 3580 Messenger - ok
21:19:12.0609 3580 Microsoft Office Groove Audit Service - ok
21:19:12.0625 3580 mmc_2K - ok
21:19:12.0640 3580 mnmdd - ok
21:19:12.0640 3580 mnmsrvc - ok
21:19:12.0656 3580 Modem - ok
21:19:12.0671 3580 MODEMCSA - ok
21:19:12.0671 3580 Mouclass - ok
21:19:12.0687 3580 mouhid - ok
21:19:12.0703 3580 MountMgr - ok
21:19:12.0703 3580 mraid35x - ok
21:19:12.0718 3580 MRxDAV - ok
21:19:12.0718 3580 MRxSmb - ok
21:19:12.0734 3580 MSDTC - ok
21:19:12.0750 3580 Msfs - ok
21:19:12.0750 3580 MSIServer - ok
21:19:12.0765 3580 MSKSSRV - ok
21:19:12.0781 3580 MSPCLOCK - ok
21:19:12.0781 3580 MSPQM - ok
21:19:12.0796 3580 mssmbios - ok
21:19:12.0812 3580 MSTEE - ok
21:19:12.0828 3580 Mup - ok
21:19:12.0843 3580 NABTSFEC - ok
21:19:12.0843 3580 napagent - ok
21:19:12.0859 3580 NCHSSVAD - ok
21:19:12.0875 3580 NDIS - ok
21:19:12.0875 3580 NdisIP - ok
21:19:12.0890 3580 NdisTapi - ok
21:19:12.0906 3580 Ndisuio - ok
21:19:12.0906 3580 NdisWan - ok
21:19:12.0921 3580 NDProxy - ok
21:19:12.0921 3580 Net Driver HPZ12 - ok
21:19:12.0937 3580 NetBIOS - ok
21:19:12.0953 3580 NetBT - ok
21:19:12.0953 3580 NetDDE - ok
21:19:12.0968 3580 NetDDEdsdm - ok
21:19:12.0984 3580 Netlogon - ok
21:19:12.0984 3580 Netman - ok
21:19:13.0000 3580 NetSvc - ok
21:19:13.0015 3580 Nla - ok
21:19:13.0015 3580 Npfs - ok
21:19:13.0031 3580 Ntfs - ok
21:19:13.0046 3580 NtLmSsp - ok
21:19:13.0062 3580 NtmsSvc - ok
21:19:13.0062 3580 Null - ok
21:19:13.0078 3580 nv - ok
21:19:13.0093 3580 nvsvc - ok
21:19:13.0093 3580 NwlnkFlt - ok
21:19:13.0109 3580 NwlnkFwd - ok
21:19:13.0109 3580 odserv - ok
21:19:13.0125 3580 omci - ok
21:19:13.0140 3580 ose - ok
21:19:13.0156 3580 P3 - ok
21:19:13.0156 3580 Parport - ok
21:19:13.0171 3580 PartMgr - ok
21:19:13.0187 3580 ParVdm - ok
21:19:13.0187 3580 pbfilter - ok
21:19:13.0203 3580 PCI - ok
21:19:13.0218 3580 PCIDump - ok
21:19:13.0218 3580 PCIIde - ok
21:19:13.0234 3580 Pcmcia - ok
21:19:13.0250 3580 Pcouffin - ok
21:19:13.0250 3580 PCPitstop Scheduling - ok
21:19:13.0265 3580 PDCOMP - ok
21:19:13.0281 3580 PDFRAME - ok
21:19:13.0281 3580 PDRELI - ok
21:19:13.0296 3580 PDRFRAME - ok
21:19:13.0312 3580 perc2 - ok
21:19:13.0312 3580 perc2hib - ok
21:19:13.0359 3580 pfc - ok
21:19:13.0359 3580 PlugPlay - ok
21:19:13.0375 3580 Pml Driver HPZ12 - ok
21:19:13.0375 3580 PnkBstrA - ok
21:19:13.0390 3580 PnkBstrB - ok
21:19:13.0406 3580 Point32 - ok
21:19:13.0406 3580 PolicyAgent - ok
21:19:13.0421 3580 ppped - ok
21:19:13.0437 3580 PptpMiniport - ok
21:19:13.0437 3580 Processor - ok
21:19:13.0453 3580 ProtectedStorage - ok
21:19:13.0468 3580 PSched - ok
21:19:13.0468 3580 Ptilink - ok
21:19:13.0484 3580 pwd_2k - ok
21:19:13.0500 3580 PxHelp20 - ok
21:19:13.0500 3580 ql1080 - ok
21:19:13.0515 3580 Ql10wnt - ok
21:19:13.0531 3580 ql12160 - ok
21:19:13.0531 3580 ql1240 - ok
21:19:13.0546 3580 ql1280 - ok
21:19:13.0562 3580 RasAcd - ok
21:19:13.0562 3580 RasAuto - ok
21:19:13.0578 3580 Rasl2tp - ok
21:19:13.0593 3580 RasMan - ok
21:19:13.0609 3580 RasPppoe - ok
21:19:13.0609 3580 Raspti - ok
21:19:13.0625 3580 Rdbss - ok
21:19:13.0640 3580 RDPCDD - ok
21:19:13.0656 3580 rdpdr - ok
21:19:13.0671 3580 RDPWD - ok
21:19:13.0671 3580 RDSessMgr - ok
21:19:13.0687 3580 redbook - ok
21:19:13.0703 3580 RegFilter - ok
21:19:13.0703 3580 RemoteAccess - ok
21:19:13.0718 3580 RivaTuner32 - ok
21:19:13.0734 3580 RpcLocator - ok
21:19:13.0750 3580 RpcSs - ok
21:19:13.0765 3580 RSVP - ok
21:19:13.0765 3580 SamSs - ok
21:19:13.0781 3580 SCardSvr - ok
21:19:13.0796 3580 Schedule - ok
21:19:13.0812 3580 Secdrv - ok
21:19:13.0812 3580 seclogon - ok
21:19:13.0828 3580 SENS - ok
21:19:13.0843 3580 serenum - ok
21:19:13.0859 3580 Serial - ok
21:19:13.0859 3580 Sfloppy - ok
21:19:13.0875 3580 SharedAccess - ok
21:19:13.0890 3580 ShellHWDetection - ok
21:19:13.0890 3580 Simbad - ok
21:19:13.0906 3580 sisagp - ok
21:19:13.0921 3580 SLIP - ok
21:19:13.0937 3580 SmartDefragDriver - ok
21:19:13.0937 3580 smwdm - ok
21:19:13.0953 3580 Sparrow - ok
21:19:13.0953 3580 splitter - ok
21:19:13.0968 3580 Spooler - ok
21:19:13.0984 3580 sr - ok
21:19:13.0984 3580 srescan - ok
21:19:14.0000 3580 srservice - ok
21:19:14.0015 3580 Srv - ok
21:19:14.0015 3580 SSDPSRV - ok
21:19:14.0031 3580 StillCam - ok
21:19:14.0046 3580 stisvc - ok
21:19:14.0046 3580 streamip - ok
21:19:14.0062 3580 swenum - ok
21:19:14.0078 3580 swmidi - ok
21:19:14.0093 3580 SwPrv - ok
21:19:14.0109 3580 symc810 - ok
21:19:14.0125 3580 symc8xx - ok
21:19:14.0125 3580 sym_hi - ok
21:19:14.0140 3580 sym_u3 - ok
21:19:14.0156 3580 sysaudio - ok
21:19:14.0156 3580 SysmonLog - ok
21:19:14.0171 3580 TapiSrv - ok
21:19:14.0187 3580 Tcpip - ok
21:19:14.0203 3580 TDPIPE - ok
21:19:14.0203 3580 TDTCP - ok
21:19:14.0218 3580 TermDD - ok
21:19:14.0234 3580 TermService - ok
21:19:14.0234 3580 Themes - ok
21:19:14.0250 3580 TosIde - ok
21:19:14.0265 3580 tpcdrdrv - ok
21:19:14.0265 3580 TrkWks - ok
21:19:14.0281 3580 TSP - ok
21:19:14.0296 3580 TVICHW32 - ok
21:19:14.0312 3580 UdfReadr_xp - ok
21:19:14.0328 3580 Udfs - ok
21:19:14.0328 3580 ultra - ok
21:19:14.0343 3580 Update - ok
21:19:14.0359 3580 upnphost - ok
21:19:14.0375 3580 UPS - ok
21:19:14.0375 3580 UrlFilter - ok
21:19:14.0406 3580 Usb20Scan - ok
21:19:14.0406 3580 usbaudio - ok
21:19:14.0421 3580 usbbus - ok
21:19:14.0437 3580 usbccgp - ok
21:19:14.0437 3580 UsbDiag - ok
21:19:14.0453 3580 usbehci - ok
21:19:14.0453 3580 usbhub - ok
21:19:14.0468 3580 USBModem - ok
21:19:14.0484 3580 usbohci - ok
21:19:14.0484 3580 usbprint - ok
21:19:14.0500 3580 usbscan - ok
21:19:14.0515 3580 usbser - ok
21:19:14.0515 3580 USBSTOR - ok
21:19:14.0531 3580 usbuhci - ok
21:19:14.0546 3580 VgaSave - ok
21:19:14.0546 3580 viaagp - ok
21:19:14.0562 3580 ViaIde - ok
21:19:14.0578 3580 VolSnap - ok
21:19:14.0593 3580 vsdatant - ok
21:19:14.0593 3580 vsmon - ok
21:19:14.0609 3580 VSS - ok
21:19:14.0625 3580 w32time - ok
21:19:14.0640 3580 Wanarp - ok
21:19:14.0656 3580 wanatw - ok
21:19:14.0656 3580 Wdf01000 - ok
21:19:14.0671 3580 WDICA - ok
21:19:14.0687 3580 wdmaud - ok
21:19:14.0687 3580 WebClient - ok
21:19:14.0703 3580 winmgmt - ok
21:19:14.0734 3580 WmdmPmSN - ok
21:19:14.0750 3580 WmiApSrv - ok
21:19:14.0765 3580 WpdUsb - ok
21:19:14.0781 3580 WS2IFSL - ok
21:19:14.0781 3580 wscsvc - ok
21:19:14.0796 3580 WSTCODEC - ok
21:19:14.0812 3580 wuauserv - ok
21:19:14.0812 3580 WudfPf - ok
21:19:14.0828 3580 WudfRd - ok
21:19:14.0843 3580 WudfSvc - ok
21:19:14.0843 3580 WZCSVC - ok
21:19:14.0859 3580 x10nets - ok
21:19:14.0875 3580 xmlprov - ok
21:19:14.0875 3580 XUIF - ok
21:19:14.0890 3580 ZSMC301b - ok
21:19:14.0906 3580 ================ Scan global ===============================
21:19:14.0921 3580 [Global] - ok
21:19:14.0921 3580 ================ Scan MBR ==================================
21:19:14.0937 3580 [ 35C6B2FCDE68FACBEFE0A4A7200BAE58 ] \Device\Harddisk0\DR0
21:19:15.0203 3580 \Device\Harddisk0\DR0 - ok
21:19:15.0218 3580 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR3
21:19:29.0234 3580 \Device\Harddisk1\DR3 - ok
21:19:29.0234 3580 ================ Scan VBR ==================================
21:19:29.0234 3580 [ 962BDD4EC0D216D6DA15FDC9F46EDBD4 ] \Device\Harddisk0\DR0\Partition1
21:19:29.0234 3580 \Device\Harddisk0\DR0\Partition1 - ok
21:19:29.0250 3580 [ EE5FDADF4959B72952B9B127955DD738 ] \Device\Harddisk1\DR3\Partition1
21:19:29.0250 3580 \Device\Harddisk1\DR3\Partition1 - ok
21:19:29.0250 3580 ============================================================
21:19:29.0250 3580 Scan finished
21:19:29.0250 3580 ============================================================
21:19:29.0281 3488 Detected object count: 0
21:19:29.0281 3488 Actual detected object count: 0
21:20:47.0406 2368 Deinitialize success


5555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555


Vino's Event Viewer v01c run on Windows XP in English
Report run at 01/02/2013 9:36:00 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/02/2013 9:33:13 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF

Log: 'System' Date/Time: 01/02/2013 9:32:56 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The X10 Device Network Service service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 01/02/2013 9:12:31 PM
Type: error Category: 0
Event: 15006 Source: HTTP
Owner of the log file or directory \SystemRoot\System32\LogFiles\HTTPERR is invalid. This could be because another user has already created the log file or the directory.

Log: 'System' Date/Time: 01/02/2013 9:02:14 PM
Type: error Category: 0
Event: 7016 Source: Service Control Manager
The BrSplService service has reported an invalid current state 0.

Log: 'System' Date/Time: 01/02/2013 9:01:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PowerPanel Personal Edition Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 01/02/2013 9:01:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Atheros Configuration Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 01/02/2013 9:00:49 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF

Log: 'System' Date/Time: 01/02/2013 9:00:47 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The X10 Device Network Service service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 01/02/2013 8:58:10 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PowerPanel Personal Edition Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 01/02/2013 8:58:10 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Atheros Configuration Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 01/02/2013 8:48:58 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 01/02/2013 8:32:35 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF

Log: 'System' Date/Time: 01/02/2013 8:30:39 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The X10 Device Network Service service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 01/02/2013 3:22:28 PM
Type: error Category: 0
Event: 15006 Source: HTTP
Owner of the log file or directory \SystemRoot\System32\LogFiles\HTTPERR is invalid. This could be because another user has already created the log file or the directory.

Log: 'System' Date/Time: 01/02/2013 3:18:13 PM
Type: error Category: 0
Event: 7011 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.

Log: 'System' Date/Time: 01/02/2013 3:16:49 PM
Type: error Category: 0
Event: 7011 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.

Log: 'System' Date/Time: 01/02/2013 9:52:57 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF

Log: 'System' Date/Time: 01/02/2013 9:51:05 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The X10 Device Network Service service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 31/01/2013 10:14:47 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF

Log: 'System' Date/Time: 31/01/2013 10:13:41 AM
Type: error Category: 0
Event: 7011 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for a transaction response from the ShellHWDetection service.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/02/2013 9:01:56 PM
Type: warning Category: 0
Event: 263 Source: PlugPlayManager
The service "ACS" may not have unregistered for device event notifications before it was stopped.

Log: 'System' Date/Time: 01/02/2013 8:30:40 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 01/02/2013 3:22:21 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 01/02/2013 3:19:53 PM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 000FB54F40E4. The IP address being used is 169.254.137.234.

Log: 'System' Date/Time: 01/02/2013 3:16:03 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 01/02/2013 9:51:01 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 01/02/2013 9:50:49 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 31/01/2013 10:12:42 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 30/01/2013 2:06:34 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:06:29 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:06:19 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:06:14 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:06:14 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:06:09 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:06:04 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:05:59 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 10:26:11 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/01/2013 11:27:09 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 28/01/2013 11:24:14 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 28/01/2013 10:27:53 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.


66666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666


OTL logfile created on: 2/1/2013 9:37:57 PM - Run 8
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Charles Carey\Desktop\Removal tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 73.88% Memory free
3.85 Gb Paging File | 3.48 Gb Available in Paging File | 90.30% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 46.46 Gb Free Space | 31.18% Space Free | Partition Type: NTFS
Drive F: | 39.10 Mb Total Space | 32.45 Mb Free Space | 83.01% Space Free | Partition Type: FAT
Drive G: | 966.72 Mb Total Space | 947.38 Mb Free Space | 98.00% Space Free | Partition Type: FAT32

Computer Name: DADSDELL | User Name: Charles Carey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/26 16:46:49 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/01/26 14:24:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Charles Carey\Desktop\Removal tools\OTL.exe
PRC - [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/01/15 18:47:10 | 000,465,216 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2008/11/13 15:18:56 | 002,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
PRC - [2008/11/13 15:18:56 | 000,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\acs.exe
PRC - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () -- C:\CyberPower\ppped.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/19 00:22:15 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msdmo.dll
MOD - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\acs.exe
MOD - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () -- C:\CyberPower\ppped.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- (x10nets)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/26 16:46:49 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/01/15 18:47:10 | 000,465,216 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2010/01/25 10:02:20 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009/04/26 13:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2008/11/13 15:18:56 | 002,405,776 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SYSTEM32\acs.exe -- (ACS)
SRV - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () [Auto | Running] -- C:\CyberPower\ppped.exe -- (ppped)
SRV - [2003/03/03 13:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbVM31b.sys -- (ZSMC301b)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klif.sys -- (TSP)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\tpcdrdrv.sys -- (tpcdrdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\LHidFlt2.sys -- (LHidFlt2)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\lanscsiminiport.sys -- (lanscsiminiport)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\LanscsiBus.sys -- (LanscsiBus)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\klif.sys -- (KLIF)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\CHARLE~1\LOCALS~1\Temp\hSONYPVh.sys -- (hSONYPVh)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\CHARLE~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\BCMSM.sys -- (BCMModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\bcmwl5.sys -- (BCM43XX)
DRV - [2012/07/05 13:54:18 | 000,016,248 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012/07/05 13:54:16 | 000,030,408 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2012/01/05 18:07:40 | 000,246,816 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/09/21 09:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cpuz135_x32.sys -- (cpuz135)
DRV - [2010/11/26 18:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/11/06 22:24:30 | 000,019,056 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009/08/22 13:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\RivaTuner v2.24\RivaTuner32.sys -- (RivaTuner32)
DRV - [2009/08/11 13:43:50 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nchssvad.sys -- (NCHSSVAD)
DRV - [2009/06/17 11:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 11:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 11:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042mou.Sys -- (L8042mou)
DRV - [2009/05/01 16:03:38 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/05/01 16:03:38 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2008/11/13 15:19:00 | 000,353,680 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\vsdatant.sys -- (vsdatant)
DRV - [2008/04/21 07:19:58 | 000,051,648 | ---- | M] (Check Point Software Technologies LTD) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2007/01/23 15:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042Kbd.sys -- (L8042Kbd)
DRV - [2006/05/10 08:56:26 | 000,036,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidUsbK.sys -- (LHidUsbK)
DRV - [2006/04/25 17:30:40 | 000,469,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\WG311T13.sys -- (AR5211)
DRV - [2005/03/02 14:26:02 | 000,018,560 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\x10ufx2.sys -- (XUIF)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\afc.sys -- (Afc)
DRV - [2004/08/04 00:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 00:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 00:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 00:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 00:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 00:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 00:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 00:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 00:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 00:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2003/10/28 15:17:52 | 000,005,273 | ---- | M] (Arrowkey) [Kernel | Auto | Running] -- C:\Program Files\321Studios\Shared\CDRPDACC.SYS -- (CDRPDACC)
DRV - [2003/03/18 14:55:04 | 000,046,248 | ---- | M] (Crescentec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CsMini20.sys -- (DCamUSB20)
DRV - [2003/02/27 17:36:04 | 000,090,852 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/01/17 20:36:02 | 000,424,127 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\snyucam4.sys -- (DCamUSBSony4)
DRV - [2003/01/13 10:19:26 | 000,249,344 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/01/13 10:19:26 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/01/13 10:19:26 | 000,118,422 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/01/13 10:19:26 | 000,022,758 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/01/13 10:19:26 | 000,021,654 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/11/11 16:52:58 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/11/05 15:56:48 | 000,012,692 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cresscan.sys -- (Usb20Scan)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{06A26EB0-0041-46FC-85F4-B733CE0570CD}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{74EA43EB-373B-48C9-A2D3-B1EB32CD68C3}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.jeepforum.com/"
FF - prefs.js..extensions.enabledAddons: %7BC0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51%7D:2.3.54
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.7.1
FF - prefs.js..extensions.enabledAddons: %7B45d8ff86-d909-11db-9705-005056c00008%7D:1.1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}:2.3.54
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.yahoo....type=382950&p="
FF - prefs.js..network.proxy.no_proxies_on: "localhost"
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPCShowPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/03/07 19:27:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/11 10:52:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/19 00:22:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/19 00:22:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/03/07 19:27:20 | 000,000,000 | ---D | M]

[2012/10/25 10:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Extensions
[2009/08/04 12:29:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Extensions\[email protected]
[2013/02/01 20:26:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions
[2010/02/11 10:08:51 | 000,000,000 | ---D | M] (Answers) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}
[2008/02/07 11:18:38 | 000,000,000 | ---D | M] (Game-Monitor Extension) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{DEDDA510-573D-44d9-BF81-F85C3FA1FE54}(2)
[2010/02/11 15:59:35 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2008/02/07 11:18:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\temp
[2013/01/29 12:47:35 | 000,060,243 | ---- | M] () (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
[2013/01/26 00:22:45 | 000,242,136 | ---- | M] () (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/01/26 16:23:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/01/19 00:22:01 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\[email protected](2).org
[2012/01/11 10:52:44 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013/01/19 00:22:16 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2002/09/27 07:59:00 | 000,090,112 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NpPopup.dll
[2012/08/29 10:58:01 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/12 23:04:23 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: AmericanGreetings.com Popup Plugin 1.0.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NpPopup.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16260 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/02/01 21:10:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: cars.com ([siy] https in Trusted sites)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zon...ry/msgrchkr.cab (Checkers Class)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.us.de...iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnote...ad/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zon...nt.cab28578.cab (MessengerStatsClient Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....204&clcid=0x409 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://pcpitstop.com...cpConnCheck.cab (iCC Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc2.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1262649780406 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1262649770265 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Reg Error: Value error.)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zon...StatsClient.cab (MessengerStatsClient Class)
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} http://toolbar.googl...gleActivate.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} http://messenger.zon...ry/ZAxRcMgr.cab (ZoneAxRcMgr Class)
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} http://utilities.pcp...ols/pcmatic.cab (PCMaticVer Class)
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} http://www.microsoft.../20/SassCln.CAB (SassCln Object)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab28578.cab (ZoneIntro Class)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://www.imgag.com...tall/AxCtp2.cab (Create & Print ActiveX Plug-in)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zon...ot.cab28578.cab (CBreakshotControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave...aploader_v5.cab (Reg Error: Value error.)
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} http://www.shockwave...ownloadCtrl.cab (Reg Error: Value error.)
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zon...ireShowdown.cab (Solitaire Showdown Class)
O16 - DPF: DirectAnimation Java Classes file://c:\I386\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://c:\I386\xmldso.cab (Reg Error: Key error.)
O16 - DPF: PackageCab http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig http://www2.verizon....vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A541BE98-85DC-437C-82E2-3EBAF83AD596}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Eudora mail\EuShlExt.dll (Qualcomm Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 08:59:58 | 000,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/04/15 15:49:10 | 000,000,398 | ---- | M] () - F:\AUTOEXEC.UP -- [ FAT ]
O32 - AutoRun File - [2003/04/15 15:49:10 | 000,000,398 | -HS- | M] () - F:\AUTOEXEC.BAT -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SmartDefragBootTime.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: Ip6FwHlp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Charles Carey^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Apoint - hkey= - key= - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: DVDSentry - hkey= - key= - File not found
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: IndexSearch - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
MsConfig - StartUpReg: IntelliPoint - hkey= - key= - c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
MsConfig - StartUpReg: Kernel and Hardware Abstraction Layer - hkey= - key= - C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
MsConfig - StartUpReg: Logitech Hardware Abstraction Layer - hkey= - key= - C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: PaperPort PTD - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: RoxioAudioCentral - hkey= - key= - C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe (Roxio, Inc.)
MsConfig - StartUpReg: RoxioDragToDisc - hkey= - key= - C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe (Roxio)
MsConfig - StartUpReg: RoxioEngineUtility - hkey= - key= - C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe (Roxio)
MsConfig - StartUpReg: SigmaTel StacMon - hkey= - key= - C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe ()
MsConfig - StartUpReg: SSBkgdUpdate - hkey= - key= - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: WD Button Manager - hkey= - key= - File not found
MsConfig - StartUpReg: WD_SRT - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: IMFservice - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {377483c2-e4b4-4ee8-b577-9aed264c8735} - Q822925
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8EFA4753-7169-4CC3-A28B-0A1643B8A39B} - Microsoft .NET Framework 1.1 Hotfix (KB886903)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {96543d59-497a-4801-a1f3-5936aacaf7b1} - Q828750
ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: {f5de1b93-9d38-416b-b09e-aa85a8e84309} - Q818529
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.enc - C:\WINDOWS\System32\ITIG726.acm (Ingenient Technologies, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\TSSOFT32.ACM (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.dll (Intel® Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\SYSTEM32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\SYSTEM32\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/02/01 20:56:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/02/01 20:54:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/02/01 20:54:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/02/01 20:54:29 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/02/01 20:54:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/02/01 20:46:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/01 20:21:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Desktop\Removal tools
[2013/01/28 10:39:19 | 000,029,528 | ---- | C] (IObit) -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2013/01/28 10:38:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2013/01/26 22:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Sun
[2013/01/26 16:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013/01/26 16:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
[2013/01/26 16:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 6
[2013/01/26 16:47:11 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/01/26 16:47:11 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/01/26 16:47:04 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/01/26 16:47:03 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/01/26 16:47:03 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/01/23 15:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Application Data\wsInspector
[2013/01/23 15:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\My Documents\wsInspector
[2013/01/23 15:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\Startup Inspector for Windows
[2013/01/23 15:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup Inspector for Windows
[2013/01/19 00:22:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/16 12:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/15 21:47:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/15 21:47:41 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/01/15 21:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/15 21:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\Revo Uninstaller
[2013/01/15 21:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Start Menu\Programs\Revo Uninstaller

========== Files - Modified Within 30 Days ==========

[2013/02/01 21:33:23 | 000,348,373 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2013/02/01 21:32:45 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2013/02/01 21:32:34 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1caf3eebc635d38.job
[2013/02/01 21:32:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2013/02/01 21:32:08 | 2146,488,320 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/01 21:20:19 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/01 21:10:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2013/02/01 20:56:46 | 000,000,327 | RHS- | M] () -- C:\BOOT.INI
[2013/02/01 20:11:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007UA.job
[2013/02/01 20:01:57 | 009,196,023 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020118080.pdf
[2013/02/01 15:23:22 | 000,002,367 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/01 13:49:44 | 001,746,414 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020114120.pdf
[2013/01/30 23:08:54 | 000,138,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013/01/29 14:30:21 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/01/29 00:11:02 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007Core.job
[2013/01/26 16:46:50 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/01/26 16:46:48 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/01/26 16:46:48 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/01/26 16:46:48 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/01/26 16:46:48 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/01/26 16:46:48 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/01/23 15:24:48 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\Startup Inspector for Windows.lnk
[2013/01/23 00:17:11 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Charles Carey\My Documents\resume1.pub
[2013/01/23 00:17:11 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\resume1.pub
[2013/01/18 10:11:14 | 000,002,603 | ---- | M] () -- C:\Documents and Settings\Charles Carey\install.rdf
[2013/01/15 21:23:33 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\Revo Uninstaller.lnk
[2013/01/14 11:42:28 | 013,462,931 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\mbar-1.01.0.1016.zip
[2013/01/12 21:35:34 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL

========== Files Created - No Company Name ==========

[2013/02/01 20:56:46 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/02/01 20:56:42 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/02/01 20:54:29 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/02/01 20:54:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/02/01 20:54:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/02/01 20:54:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/02/01 20:54:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/02/01 20:01:47 | 009,196,023 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020118080.pdf
[2013/02/01 13:49:40 | 001,746,414 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020114120.pdf
[2013/01/28 10:39:14 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2013/01/28 10:39:11 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2013/01/27 00:47:54 | 000,122,225 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\09_tori-praver_16.jpg
[2013/01/27 00:46:13 | 000,154,404 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\09_cintia-dicker_02.jpg
[2013/01/23 15:24:48 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\Startup Inspector for Windows.lnk
[2013/01/23 00:20:30 | 000,086,528 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\resume1.pub
[2013/01/18 10:11:14 | 000,002,603 | ---- | C] () -- C:\Documents and Settings\Charles Carey\install.rdf
[2013/01/15 21:27:57 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/15 21:23:33 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\Revo Uninstaller.lnk
[2013/01/14 11:42:20 | 013,462,931 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\mbar-1.01.0.1016.zip
[2012/08/07 18:04:05 | 000,000,236 | ---- | C] () -- C:\Program Files\Common Files\dx.reg
[2012/08/07 18:04:03 | 001,029,126 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2012/08/07 18:04:03 | 000,874,502 | ---- | C] () -- C:\WINDOWS\System32\kernel32new.dll
[2012/08/07 18:04:03 | 000,716,153 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
[2012/08/07 18:04:03 | 000,681,478 | ---- | C] () -- C:\WINDOWS\System32\msvcrtnew.dll
[2012/08/07 18:04:03 | 000,187,398 | ---- | C] () -- C:\WINDOWS\System32\d3d10core.dll
[2012/08/07 18:04:03 | 000,002,937 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2011/09/13 12:35:41 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011/08/13 12:55:53 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/06/17 08:40:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\{A9519275-C8CC-4D3F-B470-52419ACD6894}
[2011/02/13 22:46:54 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/02/13 22:46:49 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/02/13 22:46:49 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/02/13 22:46:38 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/06/11 11:46:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\AVSMediaPlayer.m3u
[2009/01/08 10:44:56 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\PFP110JPR.{PB
[2009/01/08 10:44:56 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\PFP110JCM.{PB
[2006/08/22 19:24:23 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2004/12/05 07:49:59 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\fusioncache.dat
[2004/05/05 17:51:29 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2003/08/08 12:10:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: WDC WD1600AAJB-00PVA0
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Removable media other than\tfloppy
Interface type: USB
Media Type: Removable media other than\tfloppy
Model: HP Officejet 6500 E USB Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 39.00MB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 149.00GB
Starting Offset: 41126400
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Unknown
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 969.00MB
Starting Offset: 127488
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >
[2000/06/21 16:46:28 | 001,489,152 | R--- | M] (Microsoft Corporation) -- C:\INSTMSI.EXE
[2000/06/21 16:46:30 | 001,499,904 | R--- | M] (Microsoft Corporation) -- C:\INSTMSIW.EXE

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >
[2000/06/21 16:46:28 | 001,489,152 | R--- | M] (Microsoft Corporation) -- C:\INSTMSI.EXE
[2000/06/21 16:46:30 | 001,499,904 | R--- | M] (Microsoft Corporation) -- C:\INSTMSIW.EXE

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012/08/08 14:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Adobe
[2012/07/11 13:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\AdobeUM
[2008/02/07 11:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Apple Computer
[2009/03/25 11:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\ArcSoft
[2008/07/31 09:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\ATI
[2009/01/23 14:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\AVS4YOU
[2008/02/07 11:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Broderbund
[2008/02/07 11:17:49 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Brother
[2008/03/29 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Chessmaster Challenge
[2009/01/08 10:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Corel
[2008/02/07 11:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Creative
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\CyberLink
[2012/12/14 11:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\DDMSettings
[2012/12/23 21:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\DivX
[2012/06/09 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\DTV
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\EDrawings
[2011/09/13 12:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\FreeBurner
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Google
[2010/12/08 12:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Help
[2010/02/12 20:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\HP
[2010/11/20 01:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\HPAppData
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Identities
[2013/01/26 16:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\IObit
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Kontiki
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Lavasoft
[2008/02/07 11:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Leadertech
[2008/02/07 11:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Macromedia
[2009/10/03 14:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Malwarebytes
[2012/08/08 14:35:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Charles Carey\Application Data\Microsoft
[2008/02/07 11:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Move Networks
[2008/08/27 09:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla
[2008/02/07 11:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\MSN6
[2008/02/07 11:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\MX
[2009/08/11 13:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\NCH Swift Sound
[2008/02/07 11:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Novosoft
[2008/02/07 11:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Raptisoft
[2010/10/21 10:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Real
[2010/06/27 13:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Roxio
[2008/02/07 11:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Roxio.old
[2010/02/15 18:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\ScanSoft
[2008/02/07 11:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\SmartFTP
[2008/02/07 11:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Sony Corporation
[2008/02/26 16:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\SpinTop
[2008/02/07 11:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Sun
[2008/02/07 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Symantec
[2011/06/03 11:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\SystemRequirementsLab
[2008/02/07 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Talkback
[2008/02/07 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\teamspeak2
[2009/08/04 12:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\TomTom
[2008/02/07 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\ubi.com
[2012/02/20 22:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Ventrilo
[2008/02/07 11:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\WholeSecurity
[2012/08/01 21:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\WinRAR
[2013/01/26 12:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\wsInspector

< MD5 for: ATAPI.SYS >
[2002/08/29 05:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\I386\sp1.cab:atapi.sys
[2002/08/29 05:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp1.cab:atapi.sys
[2004/08/27 16:58:05 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:atapi.sys
[2009/03/20 11:17:13 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:atapi.sys
[2004/08/27 16:58:05 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009/03/20 11:17:13 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2003/01/31 15:43:30 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=3C33F5479520844A186C2D43ECFFD477 -- C:\I386\atapi.sys
[2002/08/29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DLLCACHE\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CSRSS.EXE >
[2008/04/13 19:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008/04/13 19:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\SYSTEM32\csrss.exe
[2008/04/13 19:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\SYSTEM32\DLLCACHE\csrss.exe
[2002/08/29 05:00:00 | 000,004,096 | ---- | M] (Microsoft Corporation) MD5=B82CD0AD8B605F64EAD6C46D70A2C993 -- C:\I386\CSRSS.EXE
[2004/08/04 02:56:48 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SYSTEM32\DLLCACHE\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 02:56:49 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2002/08/29 05:00:00 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtUninstallKB820291$\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2002/08/29 05:00:00 | 000,228,352 | ---- | M] (Microsoft Corporation) MD5=18A8BE5A66B93F9C9615F7D4C148EDE2 -- C:\I386\MSWSOCK.DLL
[2004/08/04 02:56:44 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
[2008/06/20 12:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\ERDNT\cache\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\SYSTEM32\DLLCACHE\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\SYSTEM32\mswsock.dll
[2008/04/13 19:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2008/04/13 19:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 12:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 12:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

< MD5 for: NWPROVAU.DLL >
[2008/04/13 19:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\ServicePackFiles\i386\nwprovau.dll
[2008/04/13 19:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\SYSTEM32\DLLCACHE\nwprovau.dll
[2008/04/13 19:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\SYSTEM32\nwprovau.dll
[2002/08/29 05:00:00 | 000,133,632 | ---- | M] (Microsoft Corporation) MD5=4A3D059857FBAFFFEA7997C3839E8803 -- C:\I386\NWPROVAU.DLL
[2006/10/13 07:41:38 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=808CB47D7F6BE51B0354CD628CF45978 -- C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwprovau.dll
[2006/10/13 07:35:12 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=AEEB687B865E1BAB04BB9C3604F92CEF -- C:\WINDOWS\$NtServicePackUninstall$\nwprovau.dll
[2004/08/04 02:56:44 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=F01D97A8E0380BA52F58249A7B3BD7F1 -- C:\WINDOWS\$NtUninstallKB923980$\nwprovau.dll

< MD5 for: PNRPNSP.DLL >
[2004/08/04 02:56:44 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=74D3620D2E63489975E3956A40DDD35F -- C:\WINDOWS\$NtServicePackUninstall$\pnrpnsp.dll
[2008/04/13 19:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\ServicePackFiles\i386\pnrpnsp.dll
[2008/04/13 19:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\SYSTEM32\DLLCACHE\pnrpnsp.dll
[2008/04/13 19:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\SYSTEM32\pnrpnsp.dll

< MD5 for: SERVICES.EXE >
[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\SYSTEM32\DLLCACHE\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\SYSTEM32\services.exe
[2004/08/04 02:56:55 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2002/08/29 05:00:00 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=E3DF4A0252D287C44606EE55355E1623 -- C:\I386\SERVICES.EXE

< MD5 for: SVCHOST.EXE >
[2002/08/29 05:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\I386\SVCHOST.EXE
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SYSTEM32\DLLCACHE\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SYSTEM32\svchost.exe
[2004/08/04 02:56:57 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 02:56:57 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2011/09/13 10:32:34 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2011/09/13 10:28:28 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2011/09/13 10:32:34 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\DLLCACHE\userinit.exe
[2011/09/13 10:32:34 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\userinit.exe
[2002/08/29 05:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\I386\USERINIT.EXE

< MD5 for: WINLOGON.EXE >
[2004/08/04 02:56:57 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2002/08/29 05:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\I386\WINLOGON.EXE
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\DLLCACHE\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\winlogon.exe

< MD5 for: WINRNR.DLL >
[2004/08/04 02:56:46 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=2C8FDB176F22629EA5342DB474FAC391 -- C:\WINDOWS\$NtServicePackUninstall$\winrnr.dll
[2002/08/29 05:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=54332DB2DC5B851709CD78D2DA22F2FB -- C:\I386\WINRNR.DLL
[2008/04/13 19:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
[2008/04/13 19:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\SYSTEM32\DLLCACHE\winrnr.dll
[2008/04/13 19:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\SYSTEM32\winrnr.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/08/29 05:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/08/29 05:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< End of report >


77777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777

OTL Extras logfile created on: 2/1/2013 9:37:58 PM - Run 8
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Charles Carey\Desktop\Removal tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 73.88% Memory free
3.85 Gb Paging File | 3.48 Gb Available in Paging File | 90.30% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 46.46 Gb Free Space | 31.18% Space Free | Partition Type: NTFS
Drive F: | 39.10 Mb Total Space | 32.45 Mb Free Space | 83.01% Space Free | Partition Type: FAT
Drive G: | 966.72 Mb Total Space | 947.38 Mb Free Space | 98.00% Space Free | Partition Type: FAT32

Computer Name: DADSDELL | User Name: Charles Carey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"9220:TCP" = 9220:TCP:*:Enabled:9220
"161:UDP" = 161:UDP:*:Enabled:161
"427:UDP" = 427:UDP:*:Enabled:427
"9500:TCP" = 9500:TCP:*:Enabled:9500
"9290:TCP" = 9290:TCP:*:Enabled:9290
"139:UDP" = 139:UDP:*:Enabled:139
"137:TCP" = 137:TCP:*:Enabled:137
"9100:TCP" = 9100:TCP:*:Enabled:9100
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"E:\setup\hpznui01.exe" = E:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (TODO: <Company name>)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\{FA0F0A01-4631-4161-A6C2-948BF694382E}\setup\hpznui01.exe" = C:\Program Files\HP\Digital Imaging\{FA0F0A01-4631-4161-A6C2-948BF694382E}\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Broadband Networking\MSBNUtil.exe" = C:\Program Files\Microsoft Broadband Networking\MSBNUtil.exe:*:Enabled:Microsoft Broadband Network Utility -- (Microsoft Corporation)
"C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe" = C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe:*:Enabled:Microsoft Broadband Networking Tray -- (Microsoft Corporation)
"C:\Program Files\Microsoft Broadband Networking\MSBNCfg.exe" = C:\Program Files\Microsoft Broadband Networking\MSBNCfg.exe:*:Enabled:Microsoft Broadband Networking Setup -- (Microsoft Corporation)
"C:\Program Files\Microsoft Broadband Networking\MSBNUpdate.exe" = C:\Program Files\Microsoft Broadband Networking\MSBNUpdate.exe:*:Enabled:Microsoft Broadband Networking Update -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\SmartFTP Client 2.0\SmartFTP.exe" = C:\SmartFTP Client 2.0\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0 -- (SmartFTP GmbH)
"C:\Battlefield 2\BF2.exe" = C:\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2 -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqdstcp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqdstcp.exe:*:Enabled:hpqdstcp -- (Hewlett-Packard Co.)
"C:\Program Files\321Studios\Platinum\BugTool.exe" = C:\Program Files\321Studios\Platinum\BugTool.exe:*:Enabled:321 Studios Support Utility -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (TODO: <Company name>)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\{FA0F0A01-4631-4161-A6C2-948BF694382E}\setup\hpznui01.exe" = C:\Program Files\HP\Digital Imaging\{FA0F0A01-4631-4161-A6C2-948BF694382E}\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2: Deluxe Edition
"{07397346-C8BA-4F57-A625-55AC31108AEC}" = CyberPower PowerPanel Personal Edition
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert
"{1A22C818-D44D-4691-BF27-8884CB5B44B1}" = AVerDVD EZMaker USB 2.0 Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{32A3A4F4-B792-11D6-A78A-00B0D0170110}" = Java SE Development Kit 7 Update 11
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{369B36BE-3D64-4641-9AEA-808D436FE134}" = Microsoft Digital Image Pro 7.0
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware
"{3F695596-85E6-4224-BC70-538F9036797A}" = MovieShop
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{43FCA273-9534-40DB-B7C5-D7758875616A}" = Dell Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{55BC7EFA-D832-4EE3-9DEA-49B0C07539D9}" =
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5E835305-63BB-4E55-BBB7-EEBBE67774DB}" = MyDVD
"{5F3783B7-F809-45A7-8A92-A44B441FDA7C}" = DIRECTV Player
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64116298-93C5-401D-B06C-39D8E3338508}" = DAO
"{644F9DBE-CEDB-45AF-ACB8-E26692B74F62}" = Easy CD & DVD Creator 6
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69A0D256-A72C-4C33-9413-E1C0174CA7F4}" = C-Major Audio
"{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini
"{6F512339-216D-4FBE-8A83-3EDCC3F03F51}" = WD Win98 SE USB Disk Driver, v1.00.09
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1" = Driver Sweeper 2.1.0
"{74335A80-207A-4112-A08F-CEB1DC229450}" = KENWOOD Music Editor
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty® 2 Patch 1.3
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{83C57C58-FDD7-4d86-BFCC-9D31CC4EFA71}" = 6500_E709n
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CC15633-2327-43F4-BA85-B83FDB4B59BE}" = Microsoft Broadband Networking
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90190409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Publisher 2003
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter
"{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9EBDAF91-DADA-47CE-94F2-F5B004007934}" = System Requirements Lab
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A351224F-533A-4EED-89F4-0BF3417FD31D}" = WD Backup
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel® PROSet
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600133}" = MSN Messenger 6.2
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600777}" = MSN Messenger 7.0
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01)
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{AF131494-F5D8-45C5-938C-D5F020CF1B0D}" = Tom Clancy's Rainbow Six 3: Raven Shield
"{AFFA4BBF-051D-4926-A603-1F729240C7F7}" = COD2 RCON Commander
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C169D3BB-9A27-43F5-9979-09A0D65FE95C}" = SmartFTP Client 2.0
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEA5EF64-B694-4B79-9A2C-0FF738906A1D}" = DriverGuide Toolkit
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"{D1AD7439-FBCA-4345-A780-2A5617EBA9DE}" = neoDVDstandard4
"{D3943D0B-C281-4BF7-9FFB-2A4497986BF9}" = Memory Key Boot Utility
"{D4B84055-7CFB-4178-8ECF-2AEBF16FF207}" = Eudora
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D89EF3B3-6F17-4665-B7A9-A4235A6DC787}" = Ghost Recon
"{DCDC8E79-4600-4C02-9824-CD3BB8971D4E}" =
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1" = Uninstall Startup Inspector
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E432C362-6A71-4E8A-A68A-AE5246520656}" = Art Explosion Scrapbook Factory
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{EFD0BFEB-980E-491B-833B-A8848E5E0F0F}" = Hyplay
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F185B35D-38E5-4D88-B275-15C8C7FC4357}" = 6500_E709_Help
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FA0F0A01-4631-4161-A6C2-948BF694382E}" = HP Officejet 6500 E709 Series
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FD6C6B7F-5696-48C5-A601-2EE9E50C3D46}" = WD Firewire HID Driver
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Call of Duty" = Call of Duty
"Call of Duty - United Offensive Map and Mod Tools" = Call of Duty - United Offensive Map and Mod Tools
"CCleaner" = CCleaner
"CleanUp!" = CleanUp!
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.60
"Creative Jukebox Driver" = Creative Jukebox Driver
"Dark Angel's Ghost Recon Mod 4.8" = Dark Angel's Ghost Recon Mod 4.8
"D-Fend Reloaded" = D-Fend Reloaded 0.9.1 (deinstall)
"dimaondtools" = Diamond Tools
"DirectX10 for Windows XP - Win2000, 2003,..._is1" = DirectX10 RC2 Pre Fix 3
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"DriverAgent.exe" = DriverAgent by eSupport.com
"DVD X Rescue" = DVD X Rescue
"DVDXCopyPlatinum" = DVD X Copy Platinum 4.0.3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free Easy Burner_is1" = Free Easy Burner V 5.0
"Frostbite" = Frostbite
"Frostbite Full version 1.2" = Frostbite Full version 1.2
"Game Booster_is1" = Game Booster
"Golden" = Golden Records Vinyl to CD Converter
"HijackThis" = HijackThis 1.99.1
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Install Creator Pro" = Install Creator Pro
"InstallShield_{1A22C818-D44D-4691-BF27-8884CB5B44B1}" = AVerDVD EZMaker USB 2.0 Driver
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"InstallShield_{D1AD7439-FBCA-4345-A780-2A5617EBA9DE}" = neoDVDstandard
"InterActual Player" = InterActual Player
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IrfanView" = IrfanView (remove only)
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"MSPersonalTutorMathopolis" = Microsoft Mathopolis
"MSPersonalTutorReaderRailway" = Microsoft Reader Railway
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nomad MuVo" = NOMAD MuVo
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Prism" = Prism Video Converter
"PROSet" = Intel® PRO Network Adapters and Drivers
"QCDrivers" = QuickCam Drivers
"Revo Uninstaller" = Revo Uninstaller 1.94
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"Shockwave" = Shockwave
"Shockwave.com Zuma" = Shockwave.com Zuma
"Smart Defrag 2_is1" = Smart Defrag 2
"SmartFTP Client 2.0 Setup Files" = SmartFTP Client 2.0 Setup Files (remove only)
"SoundTap" = SoundTap Streaming Audio Recorder
"ST6UNST #1" = RCON 4 Call Of Duty 2 V1.0 (10/Nov/05)
"Steam" = Steam
"Switch" = Switch Sound File Converter
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeakOverlay" = TeamSpeak Overlay BETA 2 (#63)
"WavePad" = WavePad Sound Editor
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoneAlarm" = ZoneAlarm

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/30/2012 1:06:26 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application quicktimeplayer.exe, version 7.72.80.56, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.

Error - 1/1/2013 1:49:14 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application wlancfg5.exe, version 4.3.18.306, faulting module
wcapi.dll, version 4.1.0.161, fault address 0x0000dd60.

Error - 1/1/2013 3:18:38 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Error - 1/14/2013 1:34:14 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Error - 1/14/2013 7:34:02 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Error - 1/15/2013 10:33:27 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Error - 1/16/2013 6:38:30 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Error - 1/21/2013 5:45:16 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Error - 1/24/2013 8:45:03 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Error - 1/29/2013 6:54:49 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.

[ OSession Events ]
Error - 10/30/2010 4:30:23 PM | Computer Name = DADSDELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 827 seconds with 480 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2/1/2013 9:58:10 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7034
Description = The Atheros Configuration Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/1/2013 9:58:10 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7034
Description = The PowerPanel Personal Edition Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/1/2013 10:00:47 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7000
Description = The X10 Device Network Service service failed to start due to the
following error: %%3

Error - 2/1/2013 10:00:49 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KLIF

Error - 2/1/2013 10:01:56 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7034
Description = The Atheros Configuration Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/1/2013 10:01:56 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7034
Description = The PowerPanel Personal Edition Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/1/2013 10:02:14 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7016
Description = The BrSplService service has reported an invalid current state 0.

Error - 2/1/2013 10:12:31 PM | Computer Name = DADSDELL | Source = HTTP | ID = 15006
Description = Owner of the log file or directory \SystemRoot\System32\LogFiles\HTTPERR
is invalid. This could be because another user has already created the log file
or the directory.

Error - 2/1/2013 10:32:56 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7000
Description = The X10 Device Network Service service failed to start due to the
following error: %%3

Error - 2/1/2013 10:33:13 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KLIF


< End of report >



8888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888


Process PID CPU Description Company Name Verified Signer
System Idle Process 0 96.88
procexp.exe 1844 1.56 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts n/a 1.56 Hardware Interrupts and DPCs
zlclient.exe 2136 ZoneAlarm Client Check Point Software Technologies LTD (Verified) Check Point Software Technologies Ltd.
wscntfy.exe 3300 Windows Security Center Notification App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
wmiprvse.exe 2292 WMI Microsoft Corporation (Verified) Microsoft Windows Component Publisher
winlogon.exe 624 Windows NT Logon Application Microsoft Corporation (Verified) Microsoft Windows Component Publisher
vsmon.exe 252 TrueVector Service Check Point Software Technologies LTD (Verified) Check Point Software Technologies Ltd.
System 4
svchost.exe 940 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 988 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1024 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1064 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1156 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1588 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1604 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1764 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1796 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 208 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 3472 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1888 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
spoolsv.exe 1392 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
smss.exe 528 Windows NT Session Manager Microsoft Corporation (Verified) Microsoft Windows Component Publisher
services.exe 668 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Component Publisher
ppped.exe 1864 (Unable to verify) (null)
PnkBstrB.exe 1820 (Verified) Even Balance
PnkBstrA.exe 1808 (Verified) Even Balance
nvsvc32.exe 880 NVIDIA Driver Helper Service, Version 266.58 NVIDIA Corporation (Verified) NVIDIA Corporation
MDM.EXE 1672 Machine Debug Manager Microsoft Corporation (Verified) Microsoft Corporation
lsass.exe 680 LSA Shell (Export Version) Microsoft Corporation (Verified) Microsoft Windows Component Publisher
jusched.exe 2236 Java™ Update Scheduler Sun Microsystems, Inc. (Verified) Oracle America
jqs.exe 1620 Java™ Quick Starter Service Oracle Corporation (Verified) Oracle America
IMFsrv.exe 1432 IObit Malware Fighter Service IObit (Verified) IObit Information Technology
fxssvc.exe 1176 Fax Service Microsoft Corporation (Verified) Microsoft Windows Component Publisher
firefox.exe 2248 Firefox Mozilla Corporation (Verified) Mozilla Corporation
explorer.exe 584 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows Component Publisher
CTSVCCDA.EXE 1496 Creative Service for CDROM Access Creative Technology Ltd (Unable to verify) Creative Technology Ltd
ctfmon.exe 2316 CTF Loader Microsoft Corporation (Verified) Microsoft Windows Component Publisher
csrss.exe 600 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Component Publisher
brsvc01a.exe 1356 brsvc01a brother Industries Ltd (Unable to verify) brother Industries Ltd
brss01a.exe 1384 brss01a.exe brother Industries Ltd (Unable to verify) brother Industries Ltd
ASCService.exe 840 Advanced SystemCare Service IObit (Verified) IObit Information Technology
alg.exe 3684 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows Component Publisher
acs.exe 1476 (Unable to verify) (null)



999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999

Summary
Operating System
Microsoft Windows XP Home Edition 32-bit SP3
CPU
Intel Pentium 4
Northwood 0.13um Technology
RAM
2.00 GB Single-Channel DDR @ 166MHz (2.5-3-3-7)
Motherboard
Dell Computer Corp. 02Y832 (Microprocessor)
Graphics
CM2019 ([email protected])
256MB GeForce 6200 (Undefined) 51 °C
Hard Drives
149GB Western Digital WDC WD1600AAJB-00PVA0 (PATA) 32 °C
Optical Drives
HL-DT-ST CD-ROM GCR-8481B
NEC DVD+RW ND-1100A
Audio
USB Audio Device
Operating System
Microsoft Windows XP Home Edition 32-bit SP3
Computer type: Mini Tower
Installation Date : 8/11/2003 5:24:28 PM
Serial Number:
Windows Security Center
Windows Update
AutoUpdate Not configured
Firewall
Firewall Enabled
Company Name Check Point, LTD.
Display Name ZoneAlarm Firewall
Product Version 8.0.065.000
Antivirus
Avira AntiVir PersonalEdition Classic
Antivirus Enabled
Company Name Avira GmbH
Product Version 0.0.0.0
Virus Signature Database Up to date
Microsoft Security Essentials
Antivirus Disabled
Company Name Microsoft Corporation
Product Version 4.0.1526.0
Virus Signature Database Up to date
.NET Frameworks installed
v2.0 SP1
v1.1 SP1
Internet Explorer
Version 8.0.6001.18702
Java
Java Runtime Environment
Path C:\Program Files\Java\jdk1.7.0_11\bin\java.exe
Version 7.0
Update 11
Build 21
Java Runtime Environment
Path C:\Program Files\Java\jre7\bin\java.exe
Version 7.0
Update 11
Build 21
Environment Variables
USERPROFILE C:\Documents and Settings\Charles Carey
SystemRoot C:\WINDOWS
User Variables
TEMP C:\Documents and Settings\Charles Carey\Local Settings\Temp
TMP C:\Documents and Settings\Charles Carey\Local Settings\Temp
Machine Variables
CLASSPATH .;"C\QTJava.zip";C:\Program Files\Java\jre6\lib\ext\QTJava.zip
ComSpec C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK NO
NUMBER_OF_PROCESSORS 1
OS Windows_NT
Path C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\system32\wbem
C:\Program Files\Sonic\MyDVD
C:\Program Files\Common Files\Roxio Shared\DLLShared
C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier
C:\Program Files\Common Files\DivX Shared
C:\Program Files\Common Files\HP\Digital Imaging\bin
C:\Program Files\HP\Digital Imaging\bin
C:\Program Files\HP\Digital Imaging\bin\Qt\Qt 4.3.3
C:\Program Files\QuickTime\QTSystem
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE x86
PROCESSOR_IDENTIFIER x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL 15
PROCESSOR_REVISION 0209
PS5ROOT C:\Program Files\Roxio\Easy CD Creator 6\PhotoSuite\
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
tvdumpflags 8
windir C:\WINDOWS
QTJAVA C:\Program Files\Java\jre6\lib\ext\QTJava.zip
Power Profile
Active power scheme Gaming Mode Power Plan
Hibernation Enabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Hard Disk after: (On AC Power) Never
Suspend after: (On AC Power) Never
Screen saver Enabled
Uptime
Current Session
Current Time 2/1/2013 11:53:33 PM
Current Uptime 8,502 sec (0 d, 02 h, 21 m, 42 s)
Last Boot Time 2/1/2013 9:31:51 PM
TimeZone
TimeZone GMT -5:00 Hours
Language English (United States)
Location United States
Format English (United States)
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Process List
acs.exe
Process ID 1476
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\SYSTEM32\acs.exe
Memory Usage 6.05 MB
Peak Memory Usage 6.05 MB
alg.exe
Process ID 3684
Path C:\WINDOWS\System32\alg.exe
Memory Usage 3.52 MB
Peak Memory Usage 3.53 MB
ascservice.exe
Process ID 840
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
Memory Usage 756KB
Peak Memory Usage 22 MB
brss01a.exe
Process ID 1384
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\brss01a.exe
Memory Usage 1.82 MB
Peak Memory Usage 10 MB
brsvc01a.exe
Process ID 1356
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\brsvc01a.exe
Memory Usage 1.27 MB
Peak Memory Usage 1.28 MB
csrss.exe
Process ID 600
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\csrss.exe
Memory Usage 3.84 MB
Peak Memory Usage 7.66 MB
ctfmon.exe
Process ID 2316
User Charles Carey
Domain DADSDELL
Path C:\WINDOWS\system32\ctfmon.exe
Memory Usage 3.52 MB
Peak Memory Usage 3.61 MB
ctsvccda.exe
Process ID 1496
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\CTsvcCDA.EXE
Memory Usage 1.38 MB
Peak Memory Usage 1.38 MB
explorer.exe
Process ID 584
User Charles Carey
Domain DADSDELL
Path C:\WINDOWS\Explorer.EXE
Memory Usage 1.81 MB
Peak Memory Usage 26 MB
firefox.exe
Process ID 2248
User Charles Carey
Domain DADSDELL
Path C:\Program Files\Mozilla Firefox\firefox.exe
Memory Usage 121MB
Peak Memory Usage 174MB
fxssvc.exe
Process ID 1176
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\fxssvc.exe
Memory Usage 3.52 MB
Peak Memory Usage 3.52 MB
imfsrv.exe
Process ID 1432
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
Memory Usage 2.02 MB
Peak Memory Usage 4.41 MB
jqs.exe
Process ID 1620
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Java\jre7\bin\jqs.exe
Memory Usage 1.36 MB
Peak Memory Usage 28 MB
jusched.exe
Process ID 2236
User Charles Carey
Domain DADSDELL
Path C:\Program Files\Common Files\Java\Java Update\jusched.exe
Memory Usage 96 KB
Peak Memory Usage 2.62 MB
lsass.exe
Process ID 680
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\lsass.exe
Memory Usage 1.70 MB
Peak Memory Usage 6.25 MB
mdm.exe
Process ID 1672
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
Memory Usage 3.25 MB
Peak Memory Usage 3.26 MB
nvsvc32.exe
Process ID 880
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\nvsvc32.exe
Memory Usage 5.91 MB
Peak Memory Usage 7.95 MB
pnkbstra.exe
Process ID 1808
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\PnkBstrA.exe
Memory Usage 2.45 MB
Peak Memory Usage 2.45 MB
pnkbstrb.exe
Process ID 1820
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\PnkBstrB.exe
Memory Usage 2.66 MB
Peak Memory Usage 2.66 MB
ppped.exe
Process ID 1864
User SYSTEM
Domain NT AUTHORITY
Path C:\CyberPower\ppped.exe
Memory Usage 4.15 MB
Peak Memory Usage 4.85 MB
services.exe
Process ID 668
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\services.exe
Memory Usage 5.77 MB
Peak Memory Usage 5.82 MB
smss.exe
Process ID 528
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 420KB
Peak Memory Usage 704KB
speccy.exe
Process ID 2524
User Charles Carey
Domain DADSDELL
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 25 MB
Peak Memory Usage 42 MB
spoolsv.exe
Process ID 1392
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\spoolsv.exe
Memory Usage 6.04 MB
Peak Memory Usage 7.21 MB
svchost.exe
Process ID 1796
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 2.88 MB
Peak Memory Usage 2.88 MB
svchost.exe
Process ID 940
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.77 MB
Peak Memory Usage 4.86 MB
svchost.exe
Process ID 208
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 4.78 MB
Peak Memory Usage 4.86 MB
svchost.exe
Process ID 1024
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 26 MB
Peak Memory Usage 26 MB
svchost.exe
Process ID 1064
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.31 MB
Peak Memory Usage 3.34 MB
svchost.exe
Process ID 1156
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 3.57 MB
Peak Memory Usage 4.16 MB
svchost.exe
Process ID 1588
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 5.87 MB
Peak Memory Usage 5.99 MB
svchost.exe
Process ID 1604
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 7.13 MB
Peak Memory Usage 7.15 MB
svchost.exe
Process ID 3472
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 3.73 MB
Peak Memory Usage 3.89 MB
svchost.exe
Process ID 1888
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 7.09 MB
Peak Memory Usage 7.11 MB
svchost.exe
Process ID 988
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.22 MB
Peak Memory Usage 4.25 MB
svchost.exe
Process ID 1764
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 2.91 MB
Peak Memory Usage 2.91 MB
system
Process ID 4
Memory Usage 224KB
Peak Memory Usage 9.63 MB
system idle process
Process ID 0
vsmon.exe
Process ID 252
winlogon.exe
Process ID 624
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\winlogon.exe
Memory Usage 4.11 MB
Peak Memory Usage 22 MB
wmiprvse.exe
Process ID 2264
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 8.56 MB
Peak Memory Usage 10 MB
wmiprvse.exe
Process ID 2292
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 4.92 MB
Peak Memory Usage 4.93 MB
wscntfy.exe
Process ID 3300
User Charles Carey
Domain DADSDELL
Path C:\WINDOWS\system32\wscntfy.exe
Memory Usage 296KB
Peak Memory Usage 2.12 MB
zlclient.exe
Process ID 2136
Scheduler
2/2/2013 12:11 AM;Every 1 hour(s) from 12:11 AM for 24 hour(s) every day, starting 9/9/2012 GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007UA
2/2/2013 12:11 AM;At 12:11 AM every day, starting 9/9/2012 GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007Core
2/2/2013 12:20 AM;Every 1 hour(s) from 7:20 PM for 24 hour(s) every day, starting 9/17/2012 GoogleUpdateTaskMachineUA
2/2/2013 7:20 PM;Run at user logon GoogleUpdateTaskMachineCore1caf3eebc635d38
Run at user logon SmartDefragUpdate
Hotfixes
1/29/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1078.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/28/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.990.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/27/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.931.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/25/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.856.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/24/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.723.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/22/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.455.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/20/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.376.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/19/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.370.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/18/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.265.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/17/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.103.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/15/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3946.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/14/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3868.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/13/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3811.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/11/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3721.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/10/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3608.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/9/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3520.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/7/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3314.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/5/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3225.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/3/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3062.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/1/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2916.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/31/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2863.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2800.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/27/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2655.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/26/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2573.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/24/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2498.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/22/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2452.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/20/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2314.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/18/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2140.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2032.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/15/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1943.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/13/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1788.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/12/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1697.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/11/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1598.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/9/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1470.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/8/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1431.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/6/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1254.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/5/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1166.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/3/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.979.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/1/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.912.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/30/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.828.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.742.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/27/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.571.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/26/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.437.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/24/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.368.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/23/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.282.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/21/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.153.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/19/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2377.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2307.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2168.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/15/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2160.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/14/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2054.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/12/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1888.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/10/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1805.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/9/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1734.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/8/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1623.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/6/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1448.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/5/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1329.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/3/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1296.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/1/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1140.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.863.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/27/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.745.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/26/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.670.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/25/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.593.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/24/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.508.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/23/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.405.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/21/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.281.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/20/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.228.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/18/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.67.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/16/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1929.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/13/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1741.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/12/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1663.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/10/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1511.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/9/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1401.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/7/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1273.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/6/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1243.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/5/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1185.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/3/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1026.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/1/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.832.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.748.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/28/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.673.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/27/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.596.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/26/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.501.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/24/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.310.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/22/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.246.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/21/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.176.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/19/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.1568.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.1409.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/15/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.1326.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/13/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.1173.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/12/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.1067.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/10/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.873.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/8/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.790.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/7/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.699.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/5/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.530.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/4/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.434.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/1/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.304.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/31/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.225.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.74.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/27/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.427.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/25/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.316.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/23/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.200.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/21/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.61.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/20/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.2365.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/18/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.2322.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.2256.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/15/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.2131.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/12/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.1879.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/10/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.1793.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/9/2012 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/9/2012 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2387149)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2707511)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2479943)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2659262)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2564958)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2478971)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
8/8/2012 Security Update for Windows XP (KB2491683)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Update for Windows XP (KB2345886)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
8/8/2012 Security Update for Windows XP (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2646524)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2585542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
8/8/2012 Security Update for Windows XP (KB2631813)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2296011)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2691442)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2718523)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB975558)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2378111)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2443105)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2655992)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
8/8/2012 Security Update for Microsoft Visual C++ 2010 Service Pack 1 Redistributable Package (KB2565063)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2481109)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2485663)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2598479)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2440591)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2686509)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB982132)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2507938)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2476490)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2347290)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2483185)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2624667)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB979687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2719985)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2592799)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Update for Windows XP (KB2718704)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
8/8/2012 Windows Malicious Software Removal Tool - July 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/8/2012 Update Rollup for ActiveX Killbits for Windows XP (KB2695962)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2535512)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2699988)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2570947)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2685939)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB981322)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2507618)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2603381)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB953300)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
  • 0

#4
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
part 2



8/8/2012 Security Update for Windows XP (KB2419632)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2508429)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2653956)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Update for Windows XP (KB971029)
Install this update to restrict AutoRun entries in the AutoPlay
dialog to only CD and DVD drives. After you install this item,
you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2506212)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Update for Windows XP (KB2633952)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2012. After you install this item, you
may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2698365)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2619339)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB981997)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Cumulative Security Update for ActiveX Killbits for Windows XP (KB2618451)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/8/2012 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2012 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2509553)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2676562)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2510531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Microsoft Silverlight (KB2690729)
This security update to Silverlight includes fixes outlined in
KBs 2681578 and 2690729. This update is backward compatible with
web applications built using previous versions of Silverlight.
8/8/2012 Security Update for Windows XP (KB982665)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Internet Explorer 8 for Windows XP (KB2544521)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2478960)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2393802)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Update for Windows XP and Windows Server 2003 (KB2728973)
Install this update to resolve an issue which requires an update
to the untrusted certificate store on Windows systems and to
keep your systems up to date. After you install this update,
you may have to restart your system.
8/8/2012 Security Update for Windows XP (KB2620712)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2566454)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2584146)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2423089)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2360937)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.1638.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/8/2012 Windows Update Agent 7.6.7600.256
The Windows Update Agent enables your computer to search for
and install updates from an update service. The agent can automatically
update itself as needed to communicate with the update service
when Windows searches for new updates.
4/24/2011 Update for Microsoft Silverlight (KB2416427)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
8/2/2010 Security Update for Windows XP (KB2286198)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906)
A security issue has been identified that could allow an attacker
to tamper with digitally signed content without being detected,
when this content is being consumed by an application that makes
use of the Microsoft .NET Framework on a Windows-based system.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
8/2/2010 Update for Microsoft Silverlight (KB982926)
This update to Silverlight improves security and reliability,
and adds a variety of performance and functional enhancements
including support for web-conferencing, printing support and
improved support for video, networking and rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
8/2/2010 Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB953300)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
Microsoft .NET Framework 3.5 Service Pack 1 is a full cumulative
update that contains many new features building incrementally
upon .NET Framework 2.0, 3.0, 3.5, and includes cumulative servicing
updates to the .NET Framework 2.0 and .NET Framework 3.0 subcomponents.
The .NET Framework 3.5 Family Update provides important application
compatibility updates. This combined Service Pack and update
is applicable to .NET versions 2.0 through 3.5.
8/2/2010 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
Microsoft .NET Framework 3.5 Service Pack 1 is a full cumulative
update that contains many new features building incrementally
upon .NET Framework 2.0, 3.0, 3.5, and includes cumulative servicing
updates to the .NET Framework 2.0 and .NET Framework 3.0 subcomponents.
The .NET Framework 3.5 Family Update provides important application
compatibility updates. This combined Service Pack and update
is applicable to .NET versions 2.0 through 3.5.
8/2/2010 Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906)
A security issue has been identified that could allow an attacker
to tamper with digitally signed content without being detected,
when this content is being consumed by an application that makes
use of the Microsoft .NET Framework on a Windows-based system.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
8/2/2010 Security Update for Windows XP (KB2229593)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB979559)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB975562)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB979482)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Cumulative Security Update for ActiveX Killbits for Windows XP (KB980195)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/2/2010 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP3 (KB978695)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB980218)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Update for Windows XP (KB981793)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
8/2/2010 Security Update for Windows XP (KB978542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 nVidia - Display - NVIDIA GeForce 6200
nVidia Display software update released in April, 2010
8/2/2010 Security Update for Windows XP (KB978601)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB979683)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB978338)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
8/2/2010 Security Update for Windows XP (KB979309)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB981332)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB977816)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB980232)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB975561)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Update for Windows XP (KB976662)
Install this update to improve Internet Explorer 8's JSON interoperability
in conformance with the new ECMAScript, fifth edition standard.
After you install this item, you may have to restart your computer.
8/2/2010 Security Update for Windows XP (KB978706)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB971468)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB977914)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB975560)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB978037)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Windows XP (KB975713)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Update for Microsoft Silverlight (KB979202)
This update to Silverlight includes functional, performance,
reliability and security improvements. This update is backward
compatible with web applications built using previous versions
of Silverlight.
8/2/2010 Security Update for Windows XP (KB972270)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB973688)
Install this update to prevent applications from sending too
many HTTP requests while a well-known Document Type Definition
(DTD) is included. After you install this item, you may have
to restart your computer. Once you have installed this item,
it cannot be removed.
8/2/2010 Security Update for Windows XP (KB973904)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Update for Windows XP (KB955759)
An issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Update for Windows XP (KB971737)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
8/2/2010 Update for Windows XP (KB970430)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
8/2/2010 Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB953300)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/2/2010 Security Update for Jscript 5.8 for Windows XP (KB971961)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Microsoft .NET Framework 1.1 SP1 Security Update for Windows 2000 and Windows XP (KB979906)
A security issue has been identified that could allow an attacker
to tamper with digitally signed content without being detected,
when this content is being consumed by an application that makes
use of the Microsoft .NET Framework on a Windows-based system.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
8/1/2010 Windows Malicious Software Removal Tool - July 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/1/2010 Security Update for Windows XP (KB981349)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB978601)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 nVidia - Display - NVIDIA GeForce 6200
nVidia Display software update released in April, 2010
8/1/2010 Security Update for Windows XP (KB978542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Update for Windows XP (KB981793)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
8/1/2010 Security Update for Windows XP (KB980218)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP3 (KB978695)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Cumulative Security Update for ActiveX Killbits for Windows XP (KB980195)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/1/2010 Security Update for Windows XP (KB979482)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB975562)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB979559)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB982381)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/1/2010 Security Update for Windows XP (KB975560)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB977914)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB971468)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB978706)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB975561)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB980232)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB977816)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB979309)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB978338)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
8/1/2010 Security Update for Windows XP (KB979683)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Update for Microsoft Silverlight (KB979202)
This update to Silverlight includes functional, performance,
reliability and security improvements. This update is backward
compatible with web applications built using previous versions
of Silverlight.
8/1/2010 Security Update for Windows XP (KB975713)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB978037)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB973688)
Install this update to prevent applications from sending too
many HTTP requests while a well-known Document Type Definition
(DTD) is included. After you install this item, you may have
to restart your computer. Once you have installed this item,
it cannot be removed.
8/1/2010 Security Update for Windows XP (KB972270)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Update for Windows XP (KB955759)
An issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB973904)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB974392)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB974318)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Update for Windows XP (KB973687)
Install this update to prevent applications from sending too
many HTTP requests while a well-known Document Type Definition
(DTD) is included. After you install this item, you may have
to restart your computer.
8/1/2010 Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB953300)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Update for Windows XP (KB968389)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
8/1/2010 Security Update for Windows XP (KB969059)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB958869)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB974112)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB974571)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
8/1/2010 Security Update for Windows XP (KB975025)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 3 (KB954155)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Jscript 5.7 for Windows XP (KB971961)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB956844)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Internet Explorer 8 for Windows XP
Internet Explorer 8 is the latest version of the familiar Web
browser that you are most comfortable using. Internet Explorer
8 helps you get everything that you want from the Web faster,
easier, and more privately and securely than ever. After you
install this item, you may have to restart your computer.
8/1/2010 Security Update for Windows XP (KB971657)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB973815)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB960859)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB973507)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB956744)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB973869)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP Service Pack 3 (KB973540)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB973923)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system with Microsoft Visual
C++ 2005 Service Pack 1 Redistributable Package and gain complete
control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
8/1/2010 Security Update for Windows XP (KB970238)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB961501)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/1/2010 Security Update for Windows XP (KB2229593)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/5/2010 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
Microsoft .NET Framework 3.5 Service Pack 1 is a full cumulative
update that contains many new features building incrementally
upon .NET Framework 2.0, 3.0, 3.5, and includes cumulative servicing
updates to the .NET Framework 2.0 and .NET Framework 3.0 subcomponents.
The .NET Framework 3.5 Family Update provides important application
compatibility updates. This combined Service Pack and update
is applicable to .NET versions 2.0 through 3.5.
1/5/2010 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
Microsoft .NET Framework 3.5 Service Pack 1 is a full cumulative
update that contains many new features building incrementally
upon .NET Framework 2.0, 3.0, 3.5, and includes cumulative servicing
updates to the .NET Framework 2.0 and .NET Framework 3.0 subcomponents.
The .NET Framework 3.5 Family Update provides important application
compatibility updates. This combined Service Pack and update
is applicable to .NET versions 2.0 through 3.5.
11/10/2009 Update for Microsoft Silverlight (KB974331)
This update to Silverlight includes security and reliability
improvements, and broadens support for Unicode characters, particularly
towards the GB18030 character set for China. This update is backward
compatible with web applications built in previous versions of
Silverlight.
5/1/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/30/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/30/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/29/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/29/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/25/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/24/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/24/2009 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86
Microsoft .NET Framework 3.5 Service Pack 1 is a full cumulative
update that contains many new features building incrementally
upon .NET Framework 2.0, 3.0, 3.5, and includes cumulative servicing
updates to the .NET Framework 2.0 and .NET Framework 3.0 subcomponents.
The .NET Framework 3.5 Family Update provides important application
compatibility updates.
4/24/2009 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86
Microsoft .NET Framework 3.5 Service Pack 1 is a full cumulative
update that contains many new features building incrementally
upon .NET Framework 2.0, 3.0, 3.5, and includes cumulative servicing
updates to the .NET Framework 2.0 and .NET Framework 3.0 subcomponents.
The .NET Framework 3.5 Family Update provides important application
compatibility updates.
4/24/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/24/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/22/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/21/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/21/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/18/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/17/2009 Security Update for Windows XP (KB959426)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/17/2009 Security Update for Windows XP (KB961373)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/17/2009 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB963027)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/17/2009 Windows Malicious Software Removal Tool - April 2009 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/17/2009 Security Update for Windows XP (KB956572)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/17/2009 Security Update for Windows XP (KB952004)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/17/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/17/2009 Security Update for Windows XP (KB960803)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/17/2009 Security Update for Windows XP (KB923561)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/17/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/14/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/11/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/10/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/9/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/8/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/7/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/7/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/3/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/3/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/2/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/2/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/2/2009 Security Update for CAPICOM (KB931906)
A remote code execution vulnerability exists in Cryptographic
API Component Object Model (CAPICOM) that allows an attacker
who successfully exploits this vulnerability to take complete
control of an affected system. CAPICOM can be used as a component
of a 3rd party webpage, script or application. You can protect
your computer by installing this update from Microsoft.
4/2/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/31/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/28/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/28/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/27/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/26/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/26/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/25/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/24/2009 Windows Malicious Software Removal Tool - March 2009 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
3/24/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/21/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/21/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/20/2009 Security Update for Windows XP (KB951376)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your Microsoft Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/20/2009 Security Update for Windows XP (KB952954)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your Microsoft Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/20/2009 Security Update for Windows XP (KB946648)
A security issue has been identified that could allow an unauthenticated,
remote attacker to compromise a system that is running Windows
Messenger and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
3/20/2009 Security Update for Windows XP (KB956803)
A security issue has been identified that could allow an authenticated
local attacker to compromise your Microsoft Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/20/2009 Update for Windows XP (KB955839)
Install this update to resolve an issue that is caused by revised
daylight saving time laws in many countries. This update enables
your computer to automatically adjust the computer clock on the
correct date in 2008. After you install this item, you may have
to restart your computer.
3/20/2009 Update for Windows XP (KB951978)
Install this update to resolve an issue in VBScript/JScript scripts
from CScript\WScript hosts, certain built-ins may not function
correctly when Standards and Formats in Regional Settings is
changed. After you install this item, you may have to restart
your computer.
3/20/2009 Security Update for Windows XP (KB950974)
A security issue has been identified in Event System on Microsoft
Windows based systems that could allow an attacker to compromise
your Microsoft Windows-based system and gain control over it.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
3/20/2009 Security Update for Windows XP (KB951698)
A security issue has been identified in Microsoft DirectShow
that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/20/2009 Security Update for Internet Explorer 7 for Windows XP (KB938127)
A security issue has been identified in the way Vector Markup
Language (VML) is handled that could allow an attacker to compromise
a computer running Microsoft Windows and gain control over it.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
3/20/2009 Security Update for Windows XP (KB960225)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
3/20/2009 Security Update for Windows XP (KB956841)
A security issue has been identified that could allow an authenticated
local attacker to compromise your Microsoft Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/20/2009 Security Update for Windows XP (KB938464)
A security issue has been identified that could allow an attacker
to remotely compromise a Windows-based system that uses GDI+
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/20/2009 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/20/2009 Security Update for Windows XP (KB950762)
A security issue has been identified that could allow an unauthenticated,
remote attacker to cause the affected system to stop responding.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
3/20/2009 Security Update for Windows XP (KB957097)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your Microsoft Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/20/2009 Update Rollup for ActiveX Killbits for Windows XP (KB960715)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
3/20/2009 Security Update for Windows XP (KB958687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/20/2009 Update for Windows XP (KB952287)
Install this update to resolve an issue in which a malfunction
or data loss occurs when using Microsoft Data Access Components
(MDAC) components on computers that are running Windows XP SP2
or XP SP3. After you install this item, you may have to restart
your computer.
3/20/2009 Update for Windows XP (KB967715)
Install this update to resolve an issue in which AutoRun features
were not correctly disabled. After you install this item, you
may have to restart your computer.
3/20/2009 Cumulative Security Update for ActiveX Killbits for Windows XP (KB950760)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system that is running
Microsoft Internet Explorer and gain control over it. You can
help protect your system by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/20/2009 Security Update for Outlook Express for Windows XP (KB951066)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Outlook Express
or Windows Mail and read data from another Internet Explorer
domain or the local computer. You can help protect your system
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/20/2009 Security Update for Windows XP (KB958690)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/20/2009 Security Update for Windows XP (KB954459)
A security issue has been identified in Microsoft XML Core Services
(MSXML) that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/20/2009 Security Update for Windows XP Service Pack 3 (KB952069)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/20/2009 Security Update for Windows XP (KB951748)
A security issue has been identified that could allow a remote
attacker to misrepresent a system action or behavior unbeknownst
to users on Microsoft Windows systems. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
3/20/2009 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB961260)
Security issues have been identified that could allow an attacker
to compromise a computer running Microsoft Internet Explorer
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/20/2009 Security Update for Windows XP (KB954600)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/20/2009 Security Update for Windows XP (KB955069)
A security issue has been identified in the way Microsoft XML
Core Services (MSXML) is handled that could allow an attacker
to compromise a computer that is running Microsoft Windows and
gain control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
3/20/2009 Security Update for Windows XP (KB956802)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/20/2009 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB954430)
A security issue has been identified in Microsoft XML Core Services
(MSXML) that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer. Once you have installed
this item, it cannot be removed.
3/20/2009 Windows XP Service Pack 3 (KB936929)
Windows XP Service Pack 3 (SP3) is an update to Windows XP that
addresses key feedback from our customers and is a cumulative
update that includes all previously released updates for Windows
XP, including security updates. Windows XP SP3 contains a small
number of new updates and should not significantly change the
Windows XP experience. After you install this item, you may have
to restart your computer.
5/20/2008 Windows Genuine Advantage Validation Tool (KB892130)
The Windows Genuine Advantage Validation Tool enables you to
verify that your copy of Microsoft Windows is genuine. The tool
validates your Windows installation by checking Windows Product
Identification and Product Activation status.
2/5/2008 Microsoft .NET Framework 2.0 Service Pack 1 (KB110806)
Microsoft .NET Framework 2.0 Service Pack 1 provides cumulative
roll-up updates for customer reported issues found after the
release of Microsoft .NET Framework 2.0. In addition, this release
provides security improvements, and prerequisite feature support
for .NET Framework 3.0 Service Pack 1, and .NET Framework 3.5.
After you install this item, you may have to restart your computer.
2/5/2008 Security Update for Windows XP (KB943485)
A security issue has been identified in LSASS that could allow
an attacker to compromise your Windows-based system and gain
control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
2/5/2008 Update for Windows XP (KB942840)
Install this update to increase the performance of web sites
that use Ajax. After you install this item, you may have to restart
your computer.
2/5/2008 Security Update for Windows XP (KB941644)
A security issue has been identified in TCPIP that could allow
an attacker to compromise your Windows-based system and gain
control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
2/5/2008 Security Update for Windows XP with Windows Media Format Runtime 9.5 and 11 (KB941569)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using Windows
Media file formats and gain control over it. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
2/5/2008 Windows Malicious Software Removal Tool - January 2008 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
2/5/2008 Security Update for Windows XP (KB944653)
A security issue has been identified in the Macrovision Driver
that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/5/2008 Cumulative Security Update for Internet Explorer 6 for Windows XP (KB942615)
Security issues have been identified that could allow an attacker
to compromise a system running Internet Explorer and gain control
over it. You can help protect your system by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
2/5/2008 Security Update for Windows XP (KB941568)
A security issue has been identified in Microsoft DirectShow
that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/5/2008 Update for Windows XP (KB942763)
Installing this update enables your computer to automatically
adjust the computer clock on the correct date in 2007 and 2008
due to revised Daylight Saving Time laws in many countries. After
you install this item, you may have to restart your computer.
2/5/2008 Windows Internet Explorer 7 for Windows XP
This free upgrade to Internet Explorer customers offers improvements
such as enhanced security, a cleaner look, and features to make
everyday tasks such as printing and searching the web easier.
This upgrade preserves your current home page, search settings,
favorites, and compatible toolbars, and can be uninstalled if
you decide to do so.
2/5/2008 Update for Windows XP (KB936357)
This is a reliability update. Install this microcode update to
improve the reliability of systems with Intel processors. After
you install this item, you may have to restart your computer.
2/5/2008 Security Update for Windows XP (KB943460)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
2/5/2008 Security Update for Outlook Express for Windows XP (KB941202)
A security issue has been identified in Outlook Express that
could allow an attacker to compromise your Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/5/2008 Security Update for Windows XP (KB933729)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
2/5/2008 Security Update for Windows XP (KB936021)
A security issue has been identified in Microsoft XML Core Services
(MSXML) that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/5/2008 Security Update for Windows XP (KB938127)
A security issue has been identified in the way Vector Markup
Language (VML) is handled that could allow an attacker to compromise
a computer running Microsoft Windows and gain control over it.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
2/5/2008 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB936181)
A security issue has been identified in Microsoft XML Core Services
(MSXML) that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer. Once you have installed
this item, it cannot be removed.
2/5/2008 Security Update for Windows Media Player 10 for Windows XP (KB936782)
A security issue has been identified in Windows Media Player
that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/5/2008 Security Update for Windows XP (KB938829)
A security issue has been identified in Microsoft GDI that could
allow an attacker to compromise your Windows-based system and
gain control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
2/5/2008 Security Update for Windows XP (KB921503)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using Object
Linking and Embedding (OLE) Automation and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
2/5/2008 Update for Windows XP (KB938828)
This is a reliability update. Install this update to improve
the stability of computers running Windows XP. After you install
this item, you may have to restart your computer.
2/5/2008 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
2/5/2008 Security Update for Windows XP (KB935839)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system using a Windows kernel
API and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/5/2008 Security Update for Windows XP (KB935840)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system using Secure Channel
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/5/2008 Cumulative Security Update for Outlook Express for Windows XP (KB929123)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using Outlook
Express. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
2/5/2008 Update for Windows XP (KB927891)
This is a reliability update. This update resolves an issue in
the Windows Installer (MSI) that can affect performance during
software updates. After you install this item, you may have to
restart your computer.
2/5/2008 Windows Genuine Advantage Validation Tool (KB892130)
The Windows Genuine Advantage Validation Tool enables you to
verify that your copy of Microsoft Windows is genuine. The tool
validates your Windows installation by checking Windows Product
Identification and Product Activation status.
5/14/2007 Windows Malicious Software Removal Tool - May 2007 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
5/14/2007 Cumulative Security Update for Internet Explorer 6 for Windows XP (KB931768)
Security issues have been identified that could allow an attacker
to compromise a system running Internet Explorer and gain control
over it. You can help protect your system by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
5/14/2007 Update for Windows XP (KB930916)
This is a reliability update. Install this update to resolve
an issue where a third-party driver installed on a computer that
is running Windows XP may prevent you from opening files successfully
on a NTFS file system volume. After you install this item, you
may have to restart your computer.
4/10/2007 Security Update for Windows XP (KB932168)
A security issue has been identified in Microsoft Agent that
could allow an attacker to compromise your Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/10/2007 Security Update for Windows XP (KB931261)
A security issue has been identified in Universal Plug and Play
that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/10/2007 Security Update for Windows XP (KB930178)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
4/10/2007 Security Update for Windows XP (KB931784)
A security issue has been identified in the Windows Kernel that
could allow an attacker to compromise your Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/5/2007 Security Update for Windows XP (KB925902)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
4/5/2007 Update for Windows Media Format 11 SDK for Windows XP (KB929399)
Install this update to address the DRM subscriptions service’s
inability to extract metering data from certain portable devices
while attempting to synchronize metering data on a client computer
running the Microsoft Windows Media Format 11 SDK. After you
install this item, you may have to restart your computer.
3/16/2007 Windows Malicious Software Removal Tool - March 2007 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
3/16/2007 Update for Windows XP (KB929338)
This is a reliability update. Install this update to improve
the stability of computers running Windows XP. This update prevents
some Stop 0x1a or Stop 0x0a errors. After you install this item,
you will have to restart your computer.
3/16/2007 Update for Windows XP (KB931836)
Installing this update enables your computer to automatically
adjust the computer clock on the correct date in 2007 due to
revised Daylight Saving Time laws in many countries. After you
install this item, you may have to restart your computer.
3/16/2007 Cumulative Security Update for Internet Explorer 6 for Windows XP (KB928090)
Security issues have been identified that could allow an attacker
to compromise a system running Internet Explorer and gain control
over it. You can help protect your system by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
3/16/2007 Security Update for Windows (KB923723)
A security issue has been identified in the Step-by-Step Interactive
Training application that could allow an attacker to compromise
your Windows-based system and gain control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/16/2007 Security Update for Windows XP (KB926436)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
3/16/2007 Security Update for Windows XP (KB918118)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
3/16/2007 Security Update for Windows XP (KB927779)
A security issue has been identified in Microsoft Data Access
Components (MDAC) that could allow an attacker to compromise
your Windows-based system and gain control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/16/2007 Security Update for Windows XP (KB924667)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
3/16/2007 Security Update for Windows XP (KB927802)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
3/16/2007 Security Update for Windows XP (KB928843)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
3/16/2007 Security Update for Windows XP (KB928255)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
3/16/2007 Security Update for Windows XP (KB929969)
A security issue has been identified in the way Vector Markup
Language (VML) is handled that could allow an attacker to compromise
a computer running Microsoft Windows and gain control over it.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
3/16/2007 Security Update for Windows Media Player 6.4 (KB925398)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using Windows
Media Player and gain control over it. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
3/16/2007 Cumulative Security Update for Outlook Express for Windows XP (KB923694)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using Outlook
Express. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
3/16/2007 Security Update for Windows XP (KB926255)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
12/15/2006 Windows Media Player 11
Windows Media Player 11 offers great new ways to store and enjoy
digital media beyond music. It's easier than ever to access all
of your video, pictures, and recorded TV on your computer. Play
it, view it, organize it, sync it to a portable device for viewing
on the go, or share with devices around your home—all from one
place. After you install this item, you may have to restart your
computer.
11/16/2006 Security Update for Windows XP (KB923980)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
11/16/2006 Security Update for Windows XP (KB924270)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
11/16/2006 Windows Malicious Software Removal Tool - November 2006 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
11/16/2006 MSXML 4.0 SP2 Security Update (KB927978)
A vulnerability exists in the XMLHTTP ActiveX control within
Microsoft XML Core Services that could allow for remote code
execution
11/16/2006 Security Update for Windows XP (KB920213)
A security issue has been identified in MSAgent that could allow
an attacker to compromise your Windows-based system and gain
control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
11/16/2006 Cumulative Security Update for Internet Explorer for Windows XP (KB922760)
Security issues have been identified that could allow an attacker
to compromise a system running Microsoft Internet Explorer and
gain control over it. You can help protect your system by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
10/16/2006 Security Update for Windows XP (KB924191)
A security issue has been identified in the way Microsoft XML
Core Services (MSXML) is handled that could allow an attacker
to compromise a Windows-based system and gain control over it.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
10/16/2006 Security Update for Windows XP (KB922819)
A security issue has been identified that could allow an attacker
to cause Denial of Service conditions on Windows-based systems.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
10/16/2006 Security Update for Windows XP (KB924496)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
10/14/2006 Security Update for Windows XP (KB924191)
A security issue has been identified in the way Microsoft XML
Core Services (MSXML) is handled that could allow an attacker
to compromise a Windows-based system and gain control over it.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
10/14/2006 Security Update for Windows XP (KB922819)
A security issue has been identified that could allow an attacker
to cause Denial of Service conditions on Windows-based systems.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
10/14/2006 Security Update for Windows XP (KB923414)
A security issue has been identified in the Server service that
could allow a remote user to cause an affected Windows-based
system to stop responding. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/14/2006 Security Update for Windows XP (KB924496)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
10/14/2006 Security Update for Microsoft .NET Framework, Version 2.0 (KB922770)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain access to restricted data. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
10/14/2006 Security Update for Windows XP (KB923191)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
10/14/2006 Windows Malicious Software Removal Tool - October 2006 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
9/26/2006 Security Update for Windows XP (KB925486)
A security issue has been identified in the way Vector Markup
Language (VML) is handled that could allow an attacker to compromise
a computer running Microsoft Windows and gain control over it.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
9/13/2006 Security Update for Windows XP (KB920685)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain access to restricted
data. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
9/13/2006 Update for Windows XP (KB920872)
This is a reliability update for Windows XP machines. Install
this audio component update to prevent memory corruption issues
which may cause an unstable state on a computer that is running
Windows XP Service Pack 2. After you install this item, you may
have to restart your computer.
9/13/2006 Security Update for Windows XP (KB919007)
A security issue has been identified in Reliable Multicast Program
(PGM) for Microsoft Windows XP-based systems that could result
in a denial of service. You can help protect your computer by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
9/13/2006 Update for Windows XP (KB922582)
A problem has been identified in Filter Manager that can prevent
you from installing updates from Windows update. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
9/13/2006 Windows Malicious Software Removal Tool - September 2006 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
8/25/2006 Security Update for Microsoft .NET Framework, Version 2.0 (KB917283)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain access to restricted data. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/25/2006 Windows Genuine Advantage Notification (KB905474)
The Windows Genuine Advantage Notification tool notifies you
if your copy of Windows is not genuine. If your system is found
to be a non-genuine, the tool will help you obtain a licensed
copy of Windows.
8/23/2006 Security Update for Windows XP (KB922616)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using a vulnerability
in HTML Help and gain control over it. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/23/2006 Security Update for Windows XP (KB921398)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
8/23/2006 Cumulative Security Update for Internet Explorer for Windows XP (KB918899)
Security issues have been identified that could allow an attacker
to compromise a system running Microsoft Internet Explorer and
gain control over it. You can help protect your system by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
8/23/2006 Security Update for Windows XP (KB920683)
A security issue has been identified in DNS Resolution that could
allow an attacker to compromise your Windows-based system and
gain control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
8/23/2006 Security Update for Outlook Express for Windows XP (KB920214)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/23/2006 Security Update for Windows XP (KB922616)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using a vulnerability
in HTML Help and gain control over it. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/23/2006 Security Update for Windows XP (KB921398)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
8/23/2006 Windows Malicious Software Removal Tool - August 2006 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
8/23/2006 Cumulative Security Update for Internet Explorer for Windows XP (KB918899)
Security issues have been identified that could allow an attacker
to compromise a system running Microsoft Internet Explorer and
gain control over it. You can help protect your system by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
8/23/2006 Security Update for Windows XP (KB920670)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
8/23/2006 Security Update for Windows XP (KB917422)
A security issue has been identified in the Windows Kernel that
could allow an attacker to compromise your Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/23/2006 Security Update for Windows XP (KB920683)
A security issue has been identified in DNS Resolution that could
allow an attacker to compromise your Windows-based system and
gain control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
8/23/2006 Windows Malicious Software Removal Tool - August 2006 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
8/8/2006 Security Update for Windows Media Player 10 for Windows XP (KB917734)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using Windows
Media Player and gain control over it. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB899587)
A security issue has been identified that could allow an attacker
to gain access to sensitive data transmitted through your Microsoft
Windows-based system in a domain environment, and to perform
denial of service attacks against domain controllers. You can
help protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB921883)
A security issue has been identified in the Server service that
could allow an attacker to compromise your Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB911927)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
8/8/2006 Security Update for Windows XP (KB901017)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using Collaboration
Data Objects (CDO) and gain control over it. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB899591)
A security issue has been identified in the Remote Desktop Protocol
(RDP) that could allow an attacker to remotely cause your Microsoft
Windows-based system to stop responding. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB896424)
A remote code execution security issue has been identified in
the Graphics Rendering Engine that could allow an attacker to
remotely compromise your Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
8/8/2006 Security Update for Windows XP (KB893756)
A security issue has been identified in the Telephony Application
Programming Interface (TAPI) that could allow an attacker to
compromise your Microsoft Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
8/8/2006 Security Update for Windows XP (KB911280)
A remote code execution security issue has been identified in
the Routing and Remote Access service that could allow an attacker
to remotely compromise your Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
8/8/2006 Security Update for Windows XP (KB911562)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using Microsoft
Data Access Components and gain control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/8/2006 Update for Windows XP (KB900485)
Install this update to prevent an issue in which you may receive
a “stop 0x7e in AEC.SYS” error message on a computer that is
running Windows XP Service Pack 2. The error may occur during
startup, or after the system has started. AEC.SYS is the acoustic
echo canceling driver. After you install this item, you may have
to restart your computer.
8/8/2006 Security Update for Windows XP (KB917159)
A remote code execution security issue has been identified in
the Server service that could allow an attacker to remotely compromise
your Windows-based system and gain control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/8/2006 Update for Windows XP (KB910437)
Install this update to prevent or resolve an issue in which Windows
Update and Automatic Updates can no longer download updates after
an Access Violation error occurs when using the Automatic Updates
service. After you install this item, you may have to restart
your computer.
8/8/2006 Security Update for Windows Media Player Plug-in (KB911564)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using the Windows
Media Player Plug-in and gain control over it. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB918439)
A security issue has been identified in the way ART images are
handled that could allow an attacker to compromise a computer
running Microsoft Windows and gain control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB902400)
A remote code execution security issue has been identified that
could allow an attacker to remotely compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB914388)
A remote code execution security issue has been identified in
the DHCP Client service that could allow an attacker to remotely
compromise your Windows-based system and gain control over it.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
8/8/2006 Security Update for Windows XP (KB917344)
A security issue has been identified in the Windows Script Host
that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB905414)
A denial of service security issue has been identified that could
cause the Network Manager service to stop responding on your
Windows-based system. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB917953)
A security issue has been identified that could allow an attacker
to compromise your Microsoft Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
8/8/2006 Security Update for Windows XP (KB900725)
A security issue has been identified that could allow an authenticated
attacker to gain access and potentially compromise your Microsoft
Windows-based system. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB912919)
A remote code execution security issue has been identified in
the Graphics Rendering Engine that could allow an attacker to
remotely compromise your Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
8/8/2006 Update for Windows XP (KB916595)
This is a reliability update for Windows XP machines. Install
this update to prevent an issue in which you may receive a "Stop
0xD" error message on a computer that is running Windows XP Service
Pack 2. The error may occur during startup, or after the system
has started. After you install this item, you may have to restart
your computer.
8/8/2006 Security Update for Windows XP (KB904706)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using DirectShow
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB908531)
A security issue has been identified in Windows Explorer that
could allow an attacker to compromise your Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB905749)
A security issue has been identified in the Plug and Play service
that could allow an authenticated attacker to compromise your
Microsoft Windows-based system and gain control over it. You
can help protect your computer by installing this update from
Microsoft. After you install this item, you may have to restart
your computer.
8/8/2006 Security Update for Windows XP (KB913580)
A security issue has been identified in Windows-based systems
that could cause the Microsoft Distributed Transaction Coordinator
(MSDTC) to stop responding. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2006 Cumulative Security Update for Outlook Express for Windows XP (KB911567)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using Outlook
Express and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2006 Update for Windows XP (KB894391)
Install this update to address an issue that may cause a "Generic
Host Process" error message to be displayed after you install
security update MS05-012, or cause attachment file names not
to be displayed in Rich Text e-mail messages. After you install
this update, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB908519)
A security issue has been identified that could allow an attacker
to compromise your Microsoft Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
8/8/2006 Security Update for Windows XP (KB914389)
A local elevation of privilege security issue has been identified
in the Server Message Block that could allow an attacker to compromise
your Windows-based system and gain control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/8/2006 Security Update for Windows XP (KB896423)
A security issue has been identified in the Print Spooler service
that could allow an attacker to compromise your Microsoft Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2006 Windows Malicious Software Removal Tool - July 2006 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
7/14/2005 Windows Malicious Software Removal Tool - July 2005 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
7/14/2005 Security Update for Windows XP (KB901214)
A security issue has been identified in the Color Management
Module that could allow an attacker to compromise your Microsoft
Windows-based system and gain control over it. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
7/14/2005 Security Update for JView Profiler (KB903235)
A security issue has been identified that could allow an attacker
to compromise a computer running Microsoft Internet Explorer
and gain control over it. You can help protect your computer
by installing this update, which sets a registry key that blocks
attempts to take advantage of this issue. After you install this
item, you may have to restart your computer.
6/29/2005 Update for Windows XP (KB898461)
This update installs a permanent copy of Package Installer for
Windows to enable software updates to have a significantly smaller
download size. The Package Installer facilitates the install
of software updates for Microsoft Windows operating systems and
other Microsoft products. After you install this update, you
may have to restart your system.
6/15/2005 Security Update for Windows XP (KB896422)
A security issue has been identified in Server Message Block
that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/15/2005 Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 (KB883939)
Security issues have been identified that could allow an attacker
to compromise a computer running Microsoft Internet Explorer
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/15/2005 Security Update for Windows XP (KB896358)
A security issue has been identified in the HTML Help component
that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/15/2005 Windows Malicious Software Removal Tool - June 2005 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
6/15/2005 Security Update for Microsoft Windows (KB898458)
A security issue has been identified in the Step-by-Step Interactive
Training application that could allow an attacker to compromise
your Microsoft Windows-based system and gain control over it.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
6/15/2005 Security Update for Windows XP (KB890046)
A security issue has been identified in Microsoft Agent that
could allow an attacker to compromise your Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/15/2005 Security Update for Windows XP (KB893066)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
6/15/2005 Security Update for Windows XP (KB896428)
A security issue in Telnet has been identified that could allow
an attacker to learn information about your Windows-based system.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
5/19/2005 Microsoft Windows Installer 3.1
The Microsoft Windows Installer 3.1 is the application installation
and configuration service for Windows. The additional features
in version 3.1 help make creating, distributing, and managing
updates to applications easier and more efficient.
5/11/2005 Windows Malicious Software Removal Tool - May 2005 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps to remove any infection
found. If an infection is found, the tool will display a status
report the next time you start your computer. A new version of
the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center or run an online version from microsoft.com.
This tool is not a replacement for an anti-virus product. To
help protect your computer, you should use an anti-virus product.
4/16/2005 Security Update for Windows XP (KB893066)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
4/16/2005 Windows Malicious Software Removal Tool - April 2005 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and automatically helps remove any
variants found. After it runs, the tool is deleted from your
computer. A new version of the tool will be offered every month.
If you want to manually run the tool on your computer, you can
download a copy from the Microsoft Download Center or run an
online version from microsoft.com. In addition to using this
tool, you should use an up-to-date antivirus product to help
protect your computer from other malicious software.
4/16/2005 Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 (KB890923)
A security issue has been identified that could allow an attacker
to compromise a computer running Microsoft Internet Explorer
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/16/2005 Security Update for Windows XP (KB893086)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
4/16/2005 Security Update for Windows XP (KB890859)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
4/16/2005 Microsoft Windows Installer 3.1
The Microsoft Windows Installer 3.1 is the application installation
and configuration service for Windows. The additional features
in version 3.1 help make creating, distributing, and managing
updates to applications easier and more efficient.
4/15/2005 Windows Malicious Software Removal Tool - April 2005 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and automatically helps remove any
variants found. After it runs, the tool is deleted from your
computer. A new version of the tool will be offered every month.
If you want to manually run the tool on your computer, you can
download a copy from the Microsoft Download Center or run an
online version from microsoft.com. In addition to using this
tool, you should use an up-to-date antivirus product to help
protect your computer from other malicious software.
3/10/2005 Windows Malicious Software Removal Tool - March 2005 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and automatically helps remove any
variants found. After it runs, the tool is deleted from your
computer. A new version of the tool will be offered every month.
If you want to manually run the tool on your computer, you can
download a copy from the Microsoft Download Center or run an
online version from microsoft.com. In addition to using this
tool, you should use an up-to-date antivirus product to help
protect your computer from other malicious software.
2/24/2005 Update for Windows XP (KB887742)
This update addresses an issue that could cause your system to
stop responding if certain firewall or antivirus programs are
installed. You can help resolve this issue by installing this
HTTP.sys update from Microsoft. After you install this item,
you may have to restart your computer.
2/14/2005 Windows Malicious Software Removal Tool - February 2005 (KB890830)
After the download, this tool runs once to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and automatically helps remove any
variants found. After it runs, the tool is deleted from your
computer. A new version of the tool will be offered every month.
If you want to manually run the tool on your computer, you can
download a copy from the Microsoft Download Center or run an
online version from microsoft.com. In addition to using this
tool, you should use an up-to-date antivirus product to help
protect your computer from other malicious software.
2/13/2005 Security Update for Windows XP (KB885250)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
2/13/2005 Security Update for Windows XP (KB888113)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
2/13/2005 Security Update for Windows Messenger (KB887472)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
2/13/2005 Security Update for Windows XP (KB891781)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
2/13/2005 Cumulative Security Update for Internet Explorer for Windows XP (KB867282)
A security issue has been identified that could allow an attacker
to compromise a computer running Microsoft Internet Explorer
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/13/2005 Security Update for Windows XP (KB873333)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
2/13/2005 Security Update for Windows XP (KB890047)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
2/13/2005 Security Update for Windows XP (KB888302)
A security issue has been identified that could allow an attacker
to remotely read information about your Windows-based system.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
2/13/2005 Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB886903)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system running the Microsoft
.NET Framework and gain access to restricted data. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
1/15/2005 Malicious Software Removal Tool - January 2005 (KB890830)
This tool checks your computer for infection by specific, prevalent
malicious software (including Blaster, Sasser, and Mydoom) and
helps remove any variants found. You should also use an antivirus
product to remove other malicious software that may be present.
This tool helps maintain your computer, and its appearance does
not indicate that your machine is infected with malicious software.
After you run this item, you may have to restart your computer.
1/13/2005 Security Update for Windows XP (KB890175)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
12/15/2004 Security Update for Windows XP (KB885836)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
12/15/2004 Security Update for Windows XP (KB873339)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
12/15/2004 Critical Update for Windows XP (KB886185)
This update helps narrow the definition of the My network, or
local subnet, restriction option in the Windows Firewall. This
is helpful in situations where the Windows Firewall would consider
a large network to be on the local subnet because of how the
dial-up software configured the route tables. After you install
this item, you may have to restart your computer.
12/15/2004 Security Update for Windows XP (KB885835)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
10/15/2004 Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 (KB834707)
A security issue has been identified that could allow an attacker
to compromise a computer running Internet Explorer and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
10/15/2004 Critical Update for Office XP on Windows XP Service Pack 2 (KB885884)
This update resolves an issue affecting only customers deploying
the MS04-028 update for Office XP on Windows XP SP2. The original
update appears to install correctly, but it may not actually
have completed. To help protect your computer, we are providing
this new update. After you install this item, you may have to
restart your computer.
9/19/2004 Microsoft GDI+ Detection Tool (KB873374)
The Microsoft GDI+ Detection Tool helps detect the presence of
Microsoft products (other than Windows) that contain the GDI+
component. Microsoft customers can run this tool to help determine
if a GDI+ security update is required. Microsoft recommends you
visit the Office Update site to determine if your computer requires
security updates for Office family products.
9/19/2004 Microsoft .NET Framework 1.1 Service Pack 1
Microsoft .NET Framework 1.1 Service Pack 1 resolves various
issues found after the initial release of .NET Framework 1.1.
These include both security- and non-security-related issues.
After you install this item, you may have to restart your computer.
Once you have installed this item, it cannot be removed.
8/27/2004 Windows XP Service Pack 2
Get better protection against hackers, viruses, and worms with
Windows XP Service Pack 2. Updating your computer with Service
Pack 2 will ensure that you have the latest security updates
and enhancements from Microsoft. After you have installed Service
Pack 2, you will need to restart your computer.
7/31/2004 Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB867801)
A security issue has been identified that could allow an attacker
to compromise a computer running Internet Explorer and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
7/15/2004 Security Update for Windows XP (KB839645)
A security issue has been identified that could allow an attacker
to compromise a computer running Windows and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
7/15/2004 Security Update for Windows XP (KB841873)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
7/15/2004 Security Update for Windows XP (KB840315)
A security issue has been identified that could allow an attacker
to compromise a computer running Windows and gain control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
7/15/2004 Update for Background Intelligent Transfer Service (BITS) 2.0 and WinHTTP 5.1 (KB842773)
This software updates the Background Intelligent Transfer Service
(BITS) to v2.0 and updates WinHTTP. These updates help ensure
an optimal download experience with future versions of Automatic
Updates, Windows Update, and other programs that rely on BITS
to transfer files using idle network bandwidth.
7/15/2004 Cumulative Security Update for Outlook Express 6 SP1 (KB823353)
A vulnerability exists in Outlook Express that could allow an
attacker to cause Outlook Express to fail. You can help protect
your computer by installing this update. After you install this
update you may need to restart your computer.
7/3/2004 Critical Update for ADODB.stream (KB870669)
An issue has been identified that could allow an attacker to
compromise a computer running Windows and gain complete control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
6/8/2004 Security Update for DirectX 9.0 (KB839643)
A security issue has been identified that could allow an attacker
to cause DirectX, or applications using DirectX, to become unresponsive.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
5/15/2004 Security Update for Windows XP (KB840374)
A security issue has been identified that could allow an attacker
to compromise a computer running Windows and gain complete control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
5/8/2004 Update for Windows Media Player 9 Series (KB837272)
4/14/2004 Cumulative Security Update for Outlook Express 6 Service Pack 1 (KB837009)
A security issue has been identified in Microsoft Outlook Express
that could allow an attacker to read files on your computer,
or cause a program to run. You can help protect your computer
by installing this update. After you install this item, you may
have to restart your computer.
4/14/2004 Broadcom Corporation modem software update released on August 27 2003.
4/14/2004 NVIDIA display software update released on October 06 2003.
4/14/2004 Update for Microsoft Windows XP (KB826942)
4/14/2004 Update for Windows XP HighMAT Support in CD Writing Wizard (KB831240)
4/14/2004 Update for Windows XP Shop for Music Online Link (KB833998)
4/14/2004 Critical Update for IntelliType Pro and IntelliPoint on Windows XP (KB834840)
4/14/2004 Security Update for Windows XP (KB835732)
4/14/2004 Security Update for Windows XP (KB828741)
4/14/2004 Security Update for Windows XP (KB837001)
4/14/2004 Critical Update for Internet Explorer 6 Service Pack 1 (KB831167)
4/14/2004 Cumulative Security Update for Outlook Express 6 Service Pack 1 (KB837009)
2/15/2004 Security Update for Windows XP (KB828028)
A security issue has been identified in Microsoft Windows-based
systems that could allow an attacker to compromise your Microsoft
Windows-based system and gain control over it. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may need to restart your computer.
2/15/2004 Critical Update for Windows (KB833407)
This item updates the Bookshelf Symbol 7 font included in some
Microsoft products. The font has been found to contain unacceptable
symbols. After you install this item, you may have to restart
your computer.
2/3/2004 Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB832894)
Identified security issues in Internet Explorer could allow an
attacker to compromise a Windows-based system. For example, an
attacker could run programs on your computer while you view a
Web page. This affects all computers with Internet Explorer installed
(even if you don’t run Internet Explorer as your Web browser).
After you install this item, you may need to restart your computer.
1/14/2004 Security Update for Microsoft Data Access Components (KB832483)
An identified security issue in Microsoft Data Access Components
could allow an attacker to compromise a Windows-based system
and take a variety of actions. For example, an attacker could
execute code on the system. By installing this update, you help
protect your computer. After you install this item, you may have
to restart your computer. Once you have installed this item,
it cannot be removed.
12/11/2003 Security Update for Windows XP (KB810217)
A security issue has been identified in FrontPage Server Extensions.
This vulnerability could allow an attacker to run code of their
choice on your system. You can help protect your computer by
installing this update from Microsoft. After you install this
item, you may have to restart your computer. Once you have installed
this item, it cannot be removed.
11/23/2003 Security Update for Microsoft Windows XP (KB828035)
A security issue has been identified that could allow an attacker
to remotely compromise a computer running Microsoft Windows
XP and gain complete control over it. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
11/11/2003 NVIDIA display software update released on July 28 2003.
11/11/2003 Recommended Update for Windows XP SP1 (KB822603)
11/11/2003 Update for Jet 4.0 Service Pack 8 (KB829558)
11/11/2003 Cumulative Security Update for Internet Explorer 6 SP1 (KB824145)
10/17/2003 Security Update for Microsoft Windows (KB824141)
A security issue has been identified that could allow an attacker
to compromise a computer running Microsoft Windows and gain control
over it. To attempt an attack, the attacker would have to be
able to log on to the computer. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/17/2003 Security Update for Microsoft Windows (KB823182)
A security issue has been identified that could allow an attacker
to remotely compromise a computer running Microsoft Windows and
gain complete control over it. For example, an attacker could
execute code on your system. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/17/2003 Security Update for Microsoft Windows XP (KB825119)
A security issue has been identified that could allow an attacker
to remotely compromise a computer running Microsoft Windows
XP and gain complete control over it. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
10/17/2003 Security Update for Microsoft Windows XP (KB828035)
A security issue has been identified that could allow an attacker
to remotely compromise a computer running Microsoft Windows
XP and gain complete control over it. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
10/4/2003 Security Update for Windows Media Player (KB828026)
A security issue has been identified that could allow an attacker
to execute commands on a computer running Windows Media Player.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
10/4/2003 October 2003, Cumulative Patch for Internet Explorer 6 Service Pack 1 (KB828750)
Security issues identified in Microsoft Internet Explorer (IE)
could allow an attacker to compromise systems with IE installed
(even if IE is not used as the Web browser). For example, an
attacker could run programs on a computer used to view the attacker's
Web site. Download this update from Microsoft to help protect
your computer. After installation, you may have to restart your
computer.
9/12/2003 Security Update for Windows XP (KB824146)
A security issue has been identified that could allow an attacker
to remotely compromise a computer running Microsoft Windows
and gain complete control over it. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
9/5/2003 Security Update for Microsoft Windows (KB824105)
A security issue has been identified in Microsoft Windows that
could allow an attacker to see information in your computer’s
memory over a network. You can help protect your computer by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/24/2003 Security Update for Microsoft Data Access Components (823718)
An identified security issue in Microsoft Data Access Components
could allow an attacker to compromise a Microsoft Windows-based
system and then take a variety of actions. For example, an attacker
could execute code on the system. By installing this update,
you can help protect your computer. After you install this item,
you may have to restart your computer. Once you have installed
this item, it cannot be removed.
8/24/2003 August 2003, Cumulative Patch for Internet Explorer 6 Service Pack 1 (822925)
Security issues identified in Microsoft Internet Explorer (IE)
could allow an attacker to compromise systems with IE installed
(even if IE is not used as the Web browser). For example, an
attacker could run programs on a computer used to view the attacker's
Web site. Download this update from Microsoft to help protect
your computer. After installation, you may have to restart your
computer.
8/12/2003 Flaw In Windows Media Player May Allow Media Library Access (819639)
An identified security issue in Windows Media Player 9 could
allow an attacker to see certain information on your computer
after you viewed a Web page. For instance, this issue could allow
an attacker to view information about your media library and
modify it. By installing this update, you can help protect your
computer. After you install this item, you may have to restart
your computer. Once you have installed this item, it cannot be
removed.
8/11/2003 NVIDIA Display Driver Version 4.4.0.3
8/11/2003 Dell Computer Corp. Monitor Driver Released on March 22 2002
8/11/2003 Windows MovieMaker 2
8/11/2003 Microsoft Windows Journal Viewer (Windows XP)
8/11/2003 Windows Messenger 4.7
8/11/2003 Windows Error Reporting: Recommended Update (Windows XP)
8/11/2003 Q282010: Recommended Update for Microsoft Jet 4.0 Service Pack 7 (SP7) - Windows XP
8/11/2003 Q810243 Update: Watch television shows recorded by Media Center PCs on other Microsoft Windows XP PCs
8/11/2003 Q327405: Recommended Update (Windows XP Home Edition)
8/11/2003 Q322011: Recommended Update
8/11/2003 814995: Recommended Update
8/11/2003 Recommended Update for Windows XP SP1 (817778)
8/11/2003 820291: Recommended Update (Windows XP)
8/11/2003 DirectX 9.0b End-User Runtime
8/11/2003 Windows Media Player 9 Series (Windows XP)
8/11/2003 329170: Security Update
A security vulnerability has been identified that could allow
an attacker to disrupt a facility by which security settings
are applied to Windows-based computers in a corporate network.
This could allow the attacker to loosen settings on his or her
own computer or impose tighter ones on someone else's. Network
administrators can help eliminate this issue by installing this
update. After you install this item, you may have to restart
your computer.
8/11/2003 811630: Critical Update (Windows XP)
This update enables applications to access HTML Help in a new,
restricted mode. Future updates of Internet Explorer require
this new capability. Download now to ensure that Internet Explorer
can properly display HTML Help in HTML pages.
8/11/2003 Q323255: Security Update (Windows XP)
This update resolves the "Unchecked buffer in HTML Help can lead
to Code Execution" security vulnerability in Windows XP. Download
now to help prevent a malicious user from running an unauthorized
program on your computer.
8/11/2003 814078: Security Update (Microsoft Jscript version 5.6, Windows 2000, Windows XP)
A security issue has been identified that could allow an attacker
to run programs on a computer running Microsoft Windows. The
attacker would first have to send you an e-mail message or entice
you into visiting a malicious Web site. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
Once you have installed this item, it cannot be removed.
8/11/2003 817787: Security Update Windows Media Player for XP
An identified security issue in Microsoft Windows Media Player
7.1 and Windows Media Player for XP could enable an attacker
to read files or run programs on a remote computer. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
Once you have installed this item, it cannot be removed.
8/11/2003 817606: Security Update (Windows XP)
An identified security issue in Microsoft Windows could allow
an attacker to compromise a Microsoft Windows-based system and
then take a variety of actions. For example, an attacker could
execute code on the system. By installing this update, you can
help protect your computer. After you install this item, you
may have to restart your computer.
8/11/2003 823559: Security Update for Microsoft Windows
An identified security issue in Microsoft Windows could allow
an attacker to compromise a Microsoft Windows-based system and
then take a variety of actions. For example, an attacker could
execute code on the system. By installing this update, you can
help protect your computer. After you install this item, you
may have to restart your computer.
8/11/2003 Security Update for Windows XP (823980)
A security issue has been identified that could allow an attacker
to remotely compromise a computer running Microsoft Windows
and gain complete control over it. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/11/2003 810577: Security Update
A security issue has been identified that could allow an attacker
to compromise a computer running Microsoft Windows XP and
gain control over it. To attempt an attack, the attacker would
have to be able to log on to the computer. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/11/2003 810833: Security Update (Windows XP)
A security issue has been identified that could allow an attacker
to compromise a computer running Microsoft Windows and
gain control over it. This issue is most likely to affect computers
used as servers. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
8/11/2003 810565: Critical Update
This update contains several fixes to Windows components to better
support default Web browsers other than Internet Explorer, as
described in Microsoft Knowledge Base (KB) Article 810565. Download
now to improve the interaction of certain Windows components
with default web browsers other than Internet Explorer. After
you install this item, you may have to restart your computer.
Once you have installed this item, it cannot be removed.
8/11/2003 328310: Security Update
A security vulnerability has been identified that could allow
an attacker to compromise a Windows-based computer and gain complete
control over it. The attacker would need the ability to log onto
the computer to carry out an attack. You can help protect your
computer from this specific vulnerability by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
8/11/2003 Q329115: Security Update (Windows XP)
This update resolves the "Certificate Validation Flaw Could Enable
Identity Spoofing" vulnerability in Windows XP. Download now
to help prevent an attacker from attempting identity spoofing
using certificates. After you install this item, you may have
to restart your computer.
8/11/2003 Q329390: Security Update
An identified security vulnerability in Windows XP could enable
an attacker to compromise a user's Microsoft Windows-based
computer and gain complete control over it, if the user visited
the attacker's web site or took other, less likely, actions.
You can help protect your computer from this and other identified
security concerns by installing this update. After you install
this item, you may have to restart your computer.
8/11/2003 Security Update for Windows XP (329834)
This update resolves the "Unchecked Buffer in PPTP Implementation
Could Enable Denial of Service" security vulnerability in Windows
XP and Windows XP Service Pack 1 (SP1). Download now to help
prevent an attacker from disrupting service on a server that
offers private networking and uses the PPTP protocol.
8/11/2003 814033: Critical Update
This update addresses the "Offered driver may not install using
Windows Update" issue in Windows XP, and is discussed in Microsoft
Knowledge Base (KB) Article 814033. Download now so you can download
drivers that Windows Update offers. After installing this update,
you may have to restart your computer.
8/11/2003 Q329441: Critical Update
This update addresses the "You Cannot Create a Network Connection
After You Restore Windows XP" issue in Windows XP, and is discussed
in Microsoft Knowledge Base (KB) Article Q329441. Download now
to be able to create network connections after restoring Windows
XP. After installing this update, you may have to restart your
computer.
8/11/2003 Security Update for Windows XP (815021)
An identified security vulnerability in Microsoft Windows NT
4.0, Windows 2000, and Windows XP could allow an attacker to
take control of the computer. This issue is most likely to affect
computers used as web servers. You can help protect your computer
from this and other identified issues by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
8/11/2003 816093: Security Update Microsoft Virtual Machine (Microsoft VM)
This update helps resolve a vulnerability in the Microsoft virtual
machine. After you install this item, you may have to restart
your computer. Once you have installed this item, it cannot be
removed.
8/11/2003 Q817287: Critical Update (Catalog Database Corruption in Microsoft Windows XP)
This update resolves issues associated with the catalog database
Windows uses to ensure the integrity of installed binaries. Update
817287 allows the database to repair itself if corruption occurs.
This update also improves performance of the catalog database
and anything using Microsoft Cryptographic Services NT Service
(CryptSvc.dll), including Microsoft Windows Media Player, and
Microsoft Media. After you install this item, you may have to
restart your computer. Once you have installed this item, it
cannot be removed.
8/11/2003 811493: Security Update (Windows XP)
A security issue has been identified that could allow an attacker
to compromise a computer running Microsoft Windows XP and gain
complete control over it. An attacker would need the ability
to log onto the computer locally to carry out an attack. You
can help protect your computer by installing this update from
Microsoft. After you install this update, you may have to restart
your computer.
8/11/2003 Security Update for Microsoft Windows (819696)
An identified security issue in Microsoft DirectX could allow
an attacker to run programs on a computer running Microsoft Windows.
The attacker would first have to send you an e-mail message or
entice you into visiting a malicious Web site. You can help protect
your computer by installing this update from Microsoft. Once
you have installed this item, it cannot be removed.
8/11/2003 821557: Security Update (Windows XP)
An identified security issue in Microsoft Windows could allow
an attacker to compromise a Microsoft Windows-based system and
then take a variety of actions. For example, an attacker could
execute code on the system. By installing this update, you can
help protect your computer. After you install this item, you
may have to restart your computer.
8/11/2003 330994: April 2003, Security Update for Outlook Express 6 SP1
A security issue in Microsoft Outlook Express has been
identified that could allow an attacker to read files on your
computer, or cause a program to run. You can help protect your
computer by installing this update. After you install this item,
you may have to restart your computer.
8/11/2003 818529: June 2003, Cumulative Patch for Internet Explorer 6 Service Pack 1
A number of security issues have been identified in Microsoft
Internet Explorer that could allow an attacker to compromise
your Microsoft Windows-based systems and then take a variety
of actions. For example, an attacker could run programs on a
computer used to view the attacker's Web site. This vulnerability
affects computers that have Microsoft Internet Explorer installed.
(You do not have to be using Internet Explorer as your Web browser
to be affected by this issue.) You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
System Folders
Path for burning CD C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Microsoft\CD Burning
Application Data C:\Documents and Settings\All Users\Application Data
Public Desktop C:\Documents and Settings\All Users\Desktop
Documents C:\Documents and Settings\All Users\Documents
Global Favorites C:\Documents and Settings\All Users\Favorites
Music C:\Documents and Settings\All Users\Documents\My Music
Pictures C:\Documents and Settings\All Users\Documents\My Pictures
Start Menu Programs C:\Documents and Settings\All Users\Start Menu\Programs
Start Menu C:\Documents and Settings\All Users\Start Menu
Startup C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Templates C:\Documents and Settings\All Users\Templates
Videos C:\Documents and Settings\All Users\Documents\My Videos
Cookies C:\Documents and Settings\Charles Carey\Cookies
Desktop C:\Documents and Settings\Charles Carey\Desktop
Physical Desktop C:\Documents and Settings\Charles Carey\Desktop
User Favorites C:\Documents and Settings\Charles Carey\Favorites
Fonts C:\WINDOWS\Fonts
Internet History C:\Documents and Settings\Charles Carey\Local Settings\History
Temporary Internet Files C:\Documents and Settings\Charles Carey\Local Settings\Temporary Internet Files
Local Application Data C:\Documents and Settings\Charles Carey\Local Settings\Application Data
Windows Directory C:\WINDOWS
Windows/System C:\WINDOWS\system32
Program Files C:\Program Files
Services
Running Advanced SystemCare Service 6
Running Application Layer Gateway Service
Running Atheros Configuration Service
Running Automatic Updates
Running BITS
Running BrSplService
Running COM+ Event System
Running Computer Browser
Running Creative Service for CDROM Access
Running CryptSvc
Running DCOM Server Process Launcher
Running DHCP Client
Running DNS Client
Running Error Reporting Service
Running Event Log
Running Fast User Switching Compatibility
Running Fax
Running Help and Support
Running HID Input Service
Running HP CUE DeviceDiscovery Service
Running HP Network Devices Support
Running hpqcxs08
Running IMF Service
Running IPSEC Services
Running Java Quick Starter
Running Machine Debug Manager
Running Net Driver HPZ12
Running Network Connections
Running Network Location Awareness (NLA)
Running NVIDIA Display Driver Service
Running Plug and Play
Running Pml Driver HPZ12
Running PnkBstrA
Running PnkBstrB
Running PowerPanel Personal Edition Service
Running Print Spooler
Running Protected Storage
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Secondary Logon
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery Service
Running System Event Notification
Running System Restore Service
Running Task Scheduler
Running Telephony
Running Terminal Services
Running Themes
Running TrueVector Internet Monitor
Running Windows Audio
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Firewall/Internet Connection Sharing (ICS)
Running Windows Image Acquisition (WIA)
Running Windows Management Instrumentation
Running Windows Time
Running Wireless Zero Configuration
Running Workstation
Stopped .NET Runtime Optimization Service v2.0.50727_X86
Stopped Alerter
Stopped Application Management
Stopped ASP.NET State Service
Stopped ClipBook
Stopped COM+ System Application
Stopped Distributed Link Tracking Client
Stopped Distributed Transaction Coordinator
Stopped Extensible Authentication Protocol Service
Stopped getPlus Helper
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management Service
Stopped HTTP SSL
Stopped IMAPI CD-Burning COM Service
Stopped Indexing Service
Stopped Intel NCS NetService
Stopped Logical Disk Manager
Stopped Logical Disk Manager Administrative Service
Stopped Messenger
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Office Groove Audit Service
Stopped MS Software Shadow Copy Provider
Stopped Net Logon
Stopped NetMeeting Remote Desktop Sharing
Stopped Network Access Protection Agent
Stopped Network DDE
Stopped Network DDE DSDM
Stopped Network Provisioning Service
Stopped NT LM Security Support Provider
Stopped Office Source Engine
Stopped PCPitstop Scheduling
Stopped Performance Logs and Alerts
Stopped Portable Media Serial Number Service
Stopped QoS RSVP
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Help Session Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Removable Storage
Stopped Routing and Remote Access
Stopped Smart Card
Stopped TCP/IP NetBIOS Helper
Stopped Uninterruptible Power Supply
Stopped Universal Plug and Play Device Host
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Installer
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Stopped X10 Device Network Service
Security Options
@wsecedit.dll,-432 Enabled
@wsecedit.dll,-433 Enabled
@wsecedit.dll,-63 Disabled
@wsecedit.dll,-65 Administrator
@wsecedit.dll,-67 Guest
Accounts: Limit local account use of blank passwords to console logon only Enabled
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Undefined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Undefined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Administrators
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Disabled
Devices: Restrict floppy access to locally logged-on user only Disabled
Devices: Unsigned driver installation behavior Warn but allow installation
Domain controller: Allow server operators to schedule tasks Undefined
Domain controller: LDAP server signing requirements Undefined
Domain controller: Refuse machine account password changes Undefined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Disabled
Interactive logon: Display user information when the session is locked Undefined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Undefined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 14 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Undefined
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of credentials or .NET Passports for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously COMNAP,COMNODE,SQL\QUERY,SPOOLSS,LLSRPC,browser
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Control\Server Applications,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
Network access: Shares that can be accessed anonymously COMCFG,DFS$
Network access: Sharing and security model for local accounts Guest only - local users authenticate as Guest
Network security: Do not store LAN Manager hash value on next password change Disabled
Network security: LAN Manager authentication level Send LM & NTLM responses
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients No minimum
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers No minimum
Recovery console: Allow automatic administrative logon Enabled
Recovery console: Allow floppy copy and access to all drives and all folders Enabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Default owner for objects created by members of the Administrators group Object creator
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
Device Tree
ACPI Uniprocessor PC
Microsoft ACPI-Compliant System
ACPI Power Button
Intel Pentium 4 CPU 2.80GHz
System board
ACPI Fixed Feature Button
PCI bus
Intel 82865G\PE\P Processor to I/O Controller - 2570
Intel 82801EB Ultra ATA Storage Controllers
Intel 82801EB SMBus Controller - 24D3
SoundMAX Integrated Digital Audio
Intel® 82865G\PE\P Processor to AGP Controller - 2571
NVIDIA GeForce 6200
Plug and Play Monitor
Intel® 82801EB USB Universal Host Controller - 24D2
USB Root Hub
USB Human Interface Device
CyberPower Battery Backup
USB Human Interface Device
HID-compliant consumer control device
Microsoft USB Comfort Optical Mouse 3000 (IntelliPoint)
Intel® 82801EB USB Universal Host Controller - 24D4
USB Root Hub
Intel® 82801EB USB Universal Host Controller - 24D7
USB Root Hub
Intel® 82801EB USB Universal Host Controller - 24DE
USB Root Hub
USB Composite Device
USB Audio Device
USB Human Interface Device
HID-compliant consumer control device
Intel® 82801EB USB2 Enhanced Host Controller - 24DD
USB Root Hub
USB Composite Device
Officejet 6500 E709n
USB Printing Support
HP Officejet 6500 E709n Series
Officejet 6500 E709n (DOT4USB)
Officejet 6500 E709n (DOT4)
Officejet 6500 E709n (DOT4PRT)
Officejet 6500 E709n (Dot4PRINT)
USB Mass Storage Device
HP Officejet 6500 E USB Device
Generic volume
Intel® 82801EB PCI Bridge - 244E
NETGEAR 108 Mbps Wireless PCI Adapter WG311T
Intel PRO/100 VE Network Connection
Intel® 82801EB LPC Interface Controller - 24D0
ISAPNP Read Data Port
Direct memory access controller
Numeric data processor
Programmable interrupt controller
System speaker
System CMOS/real time clock
System timer
PS/2 Keyboard
Communications Port (COM1)
System board
Standard floppy disk controller
Floppy disk drive
ECP Printer Port (LPT1)
Printer Port Logical Interface
Intel® 82801EB Ultra ATA Storage Controllers
Primary IDE Channel
WDC WD1600AAJB-00PVA0
Generic volume
Generic volume
Secondary IDE Channel
HL-DT-ST CD-ROM GCR-8481B
_NEC DVD+RW ND-1100A
CPU
Intel Pentium 4
Cores 1
Threads 1
Name Intel Pentium 4
Code Name Northwood
Package Socket 478 mPGA
Technology 0.13um
Specification Intel Pentium 4 CPU 2.80GHz
Family F
Extended Family F
Model 2
Extended Model 2
Stepping 9
Revision D1
Instructions MMX, SSE, SSE2
Virtualization Not supported
Hyperthreading Not supported
Bus Speed 133.0 MHz
Rated Bus Speed 532.0 MHz
Stock Core Speed 2800 MHz
Stock Bus Speed 133 MHz
Caches
L1 Data Cache Size 8 KBytes
L1 trace cache 12 Kµops
L2 Unified Cache Size 512 KBytes
Core 0
Core Speed 2793.2 MHz
Multiplier x 21.0
Bus Speed 133.0 MHz
Rated Bus Speed 532.0 MHz
Thread 1
APIC ID 0
RAM
Memory slots
Total memory slots 4
Used memory slots 4
Free memory slots 0
Memory
Type DDR
Size 2048 MBytes
Channels # Single
DRAM Frequency 166.3 MHz
CAS# Latency (CL) 2.5 clocks
RAS# to CAS# Delay (tRCD) 3 clocks
RAS# Precharge (tRP) 3 clocks
Cycle Time (tRAS) 7 clocks
Physical Memory
Memory Usage 29 %
Total Physical 2.00 GB
Available Physical 1.41 GB
Total Virtual 3.85 GB
Available Virtual 3.39 GB
SPD
Number Of SPD Modules 4
Slot #1
Type DDR
Size 1024 MBytes
Manufacturer Kingston
Max Bandwidth PC2700 (166 MHz)
Part Number K
Serial Number 71159D52
Week/year 37 / 07
SPD Ext. EPP
JEDEC #2
Frequency 166.7 MHz
CAS# Latency 2.5
RAS# To CAS# 4
RAS# Precharge 4
tRAS 8
Voltage 2.500 V
JEDEC #1
Frequency 133.3 MHz
CAS# Latency 2.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 6
Voltage 2.500 V
Slot #2
Type DDR
Size 512 MBytes
Manufacturer Kingston
Max Bandwidth PC3200 (200 MHz)
Part Number K
Serial Number 6519993D
Week/year 02 / 06
SPD Ext. EPP
JEDEC #3
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
Voltage 2.500 V
JEDEC #2
Frequency 166.7 MHz
CAS# Latency 2.5
RAS# To CAS# 3
RAS# Precharge 3
tRAS 7
Voltage 2.500 V
JEDEC #1
Frequency 133.3 MHz
CAS# Latency 2.0
RAS# To CAS# 2
RAS# Precharge 2
tRAS 6
Voltage 2.500 V
Slot #3
Type DDR
Size 256 MBytes
Manufacturer Kingston
Max Bandwidth PC2700 (166 MHz)
Part Number K
Serial Number 452EAEE4
Week/year 29 / 03
SPD Ext. EPP
JEDEC #2
Frequency 166.7 MHz
CAS# Latency 2.5
RAS# To CAS# 4
RAS# Precharge 4
tRAS 8
Voltage 2.500 V
JEDEC #1
Frequency 133.3 MHz
CAS# Latency 2.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 6
Voltage 2.500 V
Slot #4
Type DDR
Size 256 MBytes
Manufacturer Kingston
Max Bandwidth PC2700 (166 MHz)
Part Number K
Serial Number 022EFFD3
Week/year 29 / 03
SPD Ext. EPP
JEDEC #2
Frequency 166.7 MHz
CAS# Latency 2.5
RAS# To CAS# 4
RAS# Precharge 4
tRAS 8
Voltage 2.500 V
JEDEC #1
Frequency 133.3 MHz
CAS# Latency 2.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 6
Voltage 2.500 V
Motherboard
Manufacturer Dell Computer Corp.
Model 02Y832 (Microprocessor)
Chipset Vendor Intel
Chipset Model i865P/PE/G/i848P
Chipset Revision A2
Southbridge Vendor Intel
Southbridge Model 82801EB (ICH5)
Southbridge Revision 02
BIOS
Brand Dell Computer Corporation
Version A12
Date 8/26/2004
PCI Data
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI1
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI2
Slot Number 1
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI3
Slot Number 2
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage In Use
Bus Width 32 bit
Slot Designation AGP1
Slot Number 3
Graphics
Monitor
Name CM2019 on NVIDIA GeForce 6200
Current Resolution 1280x1024 pixels
Work Resolution 1280x996 pixels
State enabled, primary, output devices support
Monitor Width 1280
Monitor Height 1024
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
GeForce 6200
GPU NV44a
Device ID 10DE-0221
Revision A2
Subvendor Undefined (0000)
Series GeForce 6
Current Performance Level Level 1
Technology 110 nm
Die Size 110 mm˛
Transistors 77 M
Release Date 2005
DirectX Support 9.0c
DirectX Shader Model 3.0
OpenGL Support 2.0
Bus Interface AGP
AGP Aperture 128 MB
AGP Rate 8x
Temperature 52 °C
GPU Clock 351 MHz
Memory Clock 532 MHz
Driver version 6.14.12.6658
BIOS Version 5.44.a2.07.52
ROPs 4
Shaders Vertex 4/Pixel 4
Memory Type DDR
Memory 256 MB
Bus Width 32x2 (64 bit)
Pixel Fillrate 1.4 GPixels/s
Texture Fillrate 1.4 GTexels/s
Bandwidth 8.5 GB/s
Anti Aliasing Modes 1x2OGSS, 2x2OGSS, 2xRGMS, 2xRGMS+5, 4xOGMS, 4xS, 6xS, 6x, new 8xS, 2x1OGSS, 4xRGMS, 16xS
Filtering Modes Bilinear, Trilinear, 16x Anisotropic
Noise Level Silent
Count of performance levels : 1
Level 1
OpenGL
Version 2.1.2
Vendor NVIDIA Corporation
Renderer GeForce 6200/AGP/SSE2
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 8
GL_MAX_TEXTURE_SIZE 4096
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_ARB_color_buffer_float
GL_ARB_copy_buffer
GL_ARB_depth_clamp
GL_ARB_depth_texture
GL_ARB_draw_buffers
GL_ARB_ES2_compatibility
GL_ARB_explicit_attrib_location
GL_ARB_fragment_program
GL_ARB_fragment_program_shadow
GL_ARB_fragment_shader
GL_ARB_framebuffer_object
GL_ARB_half_float_pixel
GL_ARB_half_float_vertex
GL_ARB_imaging
GL_ARB_map_buffer_range
GL_ARB_multisample
GL_ARB_multitexture
GL_ARB_occlusion_query
GL_ARB_occlusion_query2
GL_ARB_pixel_buffer_object
GL_ARB_point_parameters
GL_ARB_point_sprite
GL_ARB_provoking_vertex
GL_ARB_robustness
GL_ARB_sampler_objects
GL_ARB_separate_shader_objects
GL_ARB_shader_objects
GL_ARB_shading_language_100
GL_ARB_shading_language_include
GL_ARB_shadow
GL_ARB_texture_border_clamp
GL_ARB_texture_compression
GL_ARB_texture_cube_map
GL_ARB_texture_env_add
GL_ARB_texture_env_combine
GL_ARB_texture_env_crossbar
GL_ARB_texture_env_dot3
GL_ARB_texture_float
GL_ARB_texture_mirrored_repeat
GL_ARB_texture_non_power_of_two
GL_ARB_texture_rectangle
GL_ARB_texture_swizzle
GL_ARB_timer_query
GL_ARB_transpose_matrix
GL_ARB_vertex_array_bgra
GL_ARB_vertex_array_object
GL_ARB_vertex_buffer_object
GL_ARB_vertex_program
GL_ARB_vertex_shader
GL_ARB_window_pos
GL_ATI_draw_buffers
GL_ATI_texture_float
GL_ATI_texture_mirror_once
GL_S3_s3tc
GL_EXT_texture_env_add
GL_EXT_abgr
GL_EXT_bgra
GL_EXT_blend_color
GL_EXT_blend_equation_separate
GL_EXT_blend_func_separate
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_compiled_vertex_array
GL_EXT_Cg_shader
GL_EXT_depth_bounds_test
GL_EXT_direct_state_access
GL_EXT_draw_range_elements
GL_EXT_fog_coord
GL_EXT_framebuffer_blit
GL_EXT_framebuffer_multisample
GL_EXT_framebuffer_object
GL_EXT_gpu_program_parameters
GL_EXT_multi_draw_arrays
GL_EXT_packed_depth_stencil
GL_EXT_packed_pixels
GL_EXT_pixel_buffer_object
GL_EXT_point_parameters
GL_EXT_provoking_vertex
GL_EXT_rescale_normal
GL_EXT_secondary_color
GL_EXT_separate_shader_objects
GL_EXT_separate_specular_color
GL_EXT_shadow_funcs
GL_EXT_stencil_two_side
GL_EXT_stencil_wrap
GL_EXT_texture3D
GL_EXT_texture_compression_s3tc
GL_EXT_texture_cube_map
GL_EXT_texture_edge_clamp
GL_EXT_texture_env_combine
GL_EXT_texture_env_dot3
GL_EXT_texture_filter_anisotropic
GL_EXT_texture_lod
GL_EXT_texture_lod_bias
GL_EXT_texture_mirror_clamp
GL_EXT_texture_object
GL_EXT_texture_sRGB
GL_EXT_texture_swizzle
GL_EXT_timer_query
GL_EXT_vertex_array
GL_EXT_vertex_array_bgra
GL_IBM_rasterpos_clip
GL_IBM_texture_mirrored_repeat
GL_KTX_buffer_region
GL_NV_blend_square
GL_NV_copy_depth_to_color
GL_NV_depth_clamp
GL_NV_fence
GL_NV_float_buffer
GL_NV_fog_distance
GL_NV_fragment_program
GL_NV_fragment_program_option
GL_NV_fragment_program2
GL_NV_framebuffer_multisample_coverage
GL_NV_half_float
GL_NV_light_max_exponent
GL_NV_multisample_filter_hint
GL_NV_occlusion_query
GL_NV_packed_depth_stencil
GL_NV_pixel_data_range
GL_NV_point_sprite
GL_NV_primitive_restart
GL_NV_register_combiners
GL_NV_register_combiners2
GL_NV_texgen_reflection
GL_NV_texture_barrier
GL_NV_texture_compression_vtc
GL_NV_texture_env_combine4
GL_NV_texture_expand_normal
GL_NV_texture_rectangle
GL_NV_texture_shader
GL_NV_texture_shader2
GL_NV_texture_shader3
GL_NV_vertex_array_range
GL_NV_vertex_array_range2
GL_NV_vertex_program
GL_NV_vertex_program1_1
GL_NV_vertex_program2
GL_NV_vertex_program2_option
GL_NV_vertex_program3
GL_NVX_conditional_render
GL_SGIS_generate_mipmap
GL_SGIS_texture_lod
GL_SGIX_depth_texture
GL_SGIX_shadow
GL_SUN_slice_accum
GL_WIN_swap_hint
WGL_EXT_swap_control
GL_EXT_bgra
Hard Drives
WDC WD1600AAJB-00PVA0
Manufacturer Western Digital
Form Factor GB/3.5-inch
Business Unit/Brand Desktop/WD Caviar
RPM/Buffer Size or Attribute 7200 RPM with 2 MB cache
Heads 16
Cylinders 16,383
Device type Fixed
ATA Standard ATA/ATAPI-7
Serial Number WD-WMAP9C343726
LBA Size 48-bit LBA
Power On Count 1654 times
Power On Time 699.3 days
Features S.M.A.R.T., AAM
Transfer Mode Ultra DMA/100
Interface PATA
Capacity 149GB
Real size 160,041,885,696 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 200 (200 worst) Data 0000000000
03 Spin-Up Time 156 (149) Data 0000000C56
04 Start/Stop Count 099 (099) Data 0000000676
05 Reallocated Sectors Count 200 (200) Data 0000000000
07 Seek Error Rate 200 (200) Data 0000000000
09 Power-On Hours (POH) 078 (078) Data 000000418E
0A Spin Retry Count 100 (100) Data 0000000000
0B Recalibration Retries 100 (100) Data 0000000000
0C Device Power Cycle Count 099 (099) Data 0000000676
C0 Power-off Retract Count 200 (200) Data 000000002B
C1 Load/Unload Cycle Count 200 (200) Data 0000000676
C2 Temperature 111 (100) Data 0000000020
C4 Reallocation Event Count 200 (200) Data 0000000000
C5 Current Pending Sector Count 200 (200) Data 0000000000
C6 Uncorrectable Sector Count 200 (200) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
C8 Write Error Rate / Multi-Zone Error Rate 200 (200) Data 0000000000
Temperature 32 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 39.1 MB
Partition 1
Partition ID Disk #0, Partition #1
Size 149 GB
Optical Drives
HL-DT-ST CD-ROM GCR-8481B
Media Type CD-ROM
Name HL-DT-ST CD-ROM GCR-8481B
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 0
Status OK
NEC DVD+RW ND-1100A
Media Type CD-ROM
Name NEC DVD+RW ND-1100A
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 1
Status OK
Audio
Sound Cards
USB Audio Device
SoundMAX Integrated Digital Audio
SoundTap Recorder
Playback Devices
Logitech USB Headset
SoundMAX Digital Audio
Recording Devices
Logitech USB Headset
SoundMAX Digital Audio
Speaker Configuration
Speaker Configuration
Speaker type Stereo
Peripherals
PS/2 Keyboard
Device Kind Keyboard
Device Name PS/2 Keyboard
Vendor Logitech
Location plugged into keyboard port
Driver
Date 1-23-2007
Version 3.30.0.0
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
File C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
Microsoft USB Comfort Optical Mouse 3000 (IntelliPoint)
Device Kind Mouse
Device Name Microsoft USB Comfort Optical Mouse 3000 (IntelliPoint)
Vendor Microsoft
Location Location 0
Driver
Date 5-8-2009
Version 7.0.258.0
File C:\WINDOWS\system32\DRIVERS\mouhid.sys
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
File C:\WINDOWS\system32\DRIVERS\point32.sys
Officejet 6500 E709n
Device Kind Printer
Device Name Officejet 6500 E709n
Vendor HP
Location ip:192.168.1.2,subnet:192.168.1.0/24
Driver
HP Officejet 6500 E709n Series
Device Kind Printer
Device Name HP Officejet 6500 E709n Series
Vendor HP
Location USB Printing Support
Driver
Date 8-12-2008
Version 70.82.15.0
File C:\WINDOWS\system32\hpzids01.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpwj65n3.gpd
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpwj65n3.vdf
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpwj65n3.xml
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfsc082.dtd
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfhl082.cab
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfsm082.gpd
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpf3m082.gpd
File C:\WINDOWS\System32\spool\DRIVERS\COLOR\Adobe RGB (1998) D65 WP 2.2 Gamma.icc
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\STDNAMES.GPD
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\UNIDRV.HLP
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpwj65na.ini
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfst082.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfui082.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfvu082.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpwj65n3.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfev082.dll
File C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpfpp082.dll
File C:\WINDOWS\system32\hpf3l082.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpf3r082.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfrs082.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfie082.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\UNIDRV.DLL
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\UNIRES.DLL
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\UNIDRVUI.DLL
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\HPCDMC32.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfpr082.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfpa082.vdf
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpfpa082.dll
File C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpofficejet_6500_e70e4a2\hpwj65n0.cfg
Officejet 6500 E709n
Device Kind Camera/scanner
Device Name Officejet 6500 E709n
Vendor Hewlett-Packard
Comment Officejet 6500 E709n
Location Officejet 6500 E709n (Location 0)
Driver
Date 4-22-2008
Version 12.0.0.0
File C:\WINDOWS\system32\drivers\usbscan.sys
File C:\WINDOWS\system32\hpwwiax5.dll
File C:\WINDOWS\system32\hpwtiop4.dll
File C:\WINDOWS\system32\hpovst11.dll
File C:\WINDOWS\system32\hppldcoi.dll
File C:\WINDOWS\system32\difxapi.dll
USB Audio Device
Device Kind Audio device
Device Name USB Audio Device
Vendor Logitech
Location Logitech USB Headset (Location 0)
Driver
Date 7-1-2001
Version 5.1.2535.0
File C:\WINDOWS\system32\drivers\USBAUDIO.sys
File C:\WINDOWS\system32\ksuser.dll
File C:\WINDOWS\system32\ksproxy.ax
File C:\WINDOWS\system32\drivers\ks.sys
File C:\WINDOWS\system32\drivers\drmk.sys
File C:\WINDOWS\system32\drivers\portcls.sys
File C:\WINDOWS\system32\drivers\stream.sys
File C:\WINDOWS\system32\wdmaud.drv
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor HP
Comment HP Officejet 6500 E USB Device
Location Location 0
Driver
Date 7-1-2001
Version 5.1.2535.0
File C:\WINDOWS\system32\DRIVERS\disk.sys
Printers
Fax
Printer Port SHRFAX:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\FXSDRV.DLL
HP Officejet 6500 E709n Series (Default Printer)
Share Name Printer3
Printer Port USB001
Print Processor hpfpp082
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name HP Officejet 6500 E709n Series (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
HP Officejet 6500 E709n Series fax
Share Name Printer2
Printer Port USB001
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Color
Status Unknown
Driver
Driver Name HP Officejet 6500 E709n Series fax (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\unidrv.dll
Send To OneNote 2007
Share Name Printer
Printer Port Send To Microsoft OneNote Port:
Print Processor OneNotePrint2007
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name Send To Microsoft OneNote Driver (v4.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\msonpdrv.dll
Network
You are connected to the internet
Connected through NETGEAR 108 Mbps Wireless PCI Adapter WG311T - Packet Scheduler Miniport
IP Address 192.168.1.6
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 192.168.1.1
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 71.48.103.77
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Mixed node
Link Speed 0 Bps
Computer Name
NetBIOS Name DADSDELL
DNS Name DadsDell
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain DADSDELL
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 1
Available access points count 1
Wi-Fi (NETGEAR)
SSID NETGEAR
Name NETGEAR
Signal Strength/Quality 70
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network Temporal Key Integrity Protocol (TKIP) algorithm
Default Auth used to join this network for the first time WPA algorithm that uses preshared keys (PSK)
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Guest only - local users authenticate as Guest
Adapters List
NETGEAR 108 Mbps Wireless PCI Adapter WG311T - Packet Scheduler Miniport
IP Address 192.168.1.6
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Network Shares
? ?? (J) J:\
J J:\
SharedDocs C:\DOCUMENTS AND SETTINGS\ALL USERS\DOCUMENTS
Printer Send To OneNote 2007,LocalsplOnly
Printer2 HP Officejet 6500 E709n Series fax,LocalsplOnly
Printer3 HP Officejet 6500 E709n Series,LocalsplOnly
Current TCP Connections
C:\Program Files\Mozilla Firefox\firefox.exe (2248)
Local 127.0.0.1:1034 ESTABLISHED Remote 127.0.0.1:1035 (Querying... )
Local 127.0.0.1:1035 ESTABLISHED Remote 127.0.0.1:1034 (Querying... )
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 192.168.1.6:139 (NetBIOS session service) LISTEN


000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000


Posted Image
  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
Shutdown the PC. Leave it plugged up. Open it up. Using a vacuum cleaner hose and a soft brush clean out the dust. Pay special attention to the heatsink on the CPU and don't neglect the vents on the lower front. Start it up while watching the fan. The fan should spin up very quickly without a lot of noise. (Usually they zoom and then slow down but keep running.) Use the eraser end of a pencil to stop the fan momentarily. It should start on its own. If you have to push it to start it then it needs to be replaced.

(It's not critically hot yet but it's hotter (51) than it should be (35). A hot CPU is a slow CPU.)

Recommend you uninstall the following:

Dangerous:
Java 7 Update 11
Java SE Development Kit 7 Update 11

Don't trust:
IObit Malware Fighter
Advanced SystemCare 6

Obsolete Programs:
Adobe Flash Player 10 ActiveX (this is the Flash player for IE. To update it use IE and go to adobe.com and click on Flash. Uncheck all optional downloads like McAfee Security Scan, Ask toolbar or other foist wear.

Adobe Download Manager
Macromedia Shockwave Player
MSN Messenger 6.2

Consider removing ZoneAlarm and replacing it with the free Online Armor http://www.online-armor.com/

You have a network drive (J:\) per Speccy. I would disconnect the network drive as an unterminated network drive can cause major slowdowns.
(Find J:\ in Explorer and right click on it and Disconnect)



Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

Killall::

AtJob::

SecCenter::
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {804E5358-FFA4-00FB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804E5358-FFA4-00DB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804E5358-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804E5358-FFA4-00FE-0D24-347CA8A3377C}

DirLook::
C:\Program Files\Common
%user%\library

Driver::
x10nets
KLIF
AppMgmt
tpcdrdrv
hSONYPVh
iAimTV2
ZSMC301b
BCM43XX
BCMModem
LHidFlt2
LanscsiBus
LanscsiBus


******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag CFScript.txt over to Combofix and let go Combofix should start on its own.

Post the new log.


Download, Save and Run (win 7 or Vista => Right click and Run as Admin.) farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Run OTL, quickscan and post the log.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.

How log does it take from the PC maker's logo to the logon screen?
Logon screen to desktop?


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:

2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.




Ron
  • 0

#6
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
ok ron thanks again.

under 30 seconds to get to logon screen from dell logo

FYI; combofix stopped due to avira scanners but i had already removed the program via revo. i just clicked ok and combofix restarted

i have a few issues, this pc was at the landfill and i rescued it 6 yrs ago. it needed a power supply and then after a year or so i put in a new hard drive. sad but true, it is the best pc i own now.

i cant find the network drive to remove/disconnect it ie: a network drive (J:\) per Speccy. it was the previous owners.

there was no dust buildup so i'll r&r the heatsink and put new grease on it when were finished cleaning out the bugs.

########my laptop is still messed up but working, my son is using it at college and if you could look at the issues with fresh eyes that would be great. it still takes 25 minutes for cold reboot, but hibernate times are normal. http://www.geekstogo...or-performance/ ##################

ComboFix 13-02-01.04 - Charles Carey 02/02/2013 12:01:19.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1640 [GMT -5:00]
Running from: c:\documents and settings\Charles Carey\Desktop\Removal tools\ComboFix.exe
Command switches used :: c:\documents and settings\Charles Carey\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_HSONYPVH
-------\Legacy_KLIF
-------\Legacy_X10NETS
-------\Service_AppMgmt
-------\Service_BCM43XX
-------\Service_BCMModem
-------\Service_hSONYPVh
-------\Service_iAimTV2
-------\Service_KLIF
-------\Service_LanscsiBus
-------\Service_LHidFlt2
-------\Service_tpcdrdrv
-------\Service_x10nets
-------\Service_ZSMC301b
.
.
((((((((((((((((((((((((( Files Created from 2013-01-02 to 2013-02-02 )))))))))))))))))))))))))))))))
.
.
2013-02-02 04:51 . 2013-02-02 04:51 -------- d-----w- c:\program files\Speccy
2013-01-28 15:39 . 2012-05-08 23:35 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-01-28 15:39 . 2010-11-26 23:02 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-01-27 03:20 . 2013-01-27 03:20 -------- d-----w- c:\documents and settings\Charles Carey\Local Settings\Application Data\Sun
2013-01-27 03:16 . 2013-01-27 03:16 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\IObit
2013-01-26 21:49 . 2013-01-26 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-01-26 21:49 . 2013-01-26 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
2013-01-23 20:29 . 2013-01-26 17:53 -------- d-----w- c:\documents and settings\Charles Carey\Application Data\wsInspector
2013-01-23 20:24 . 2013-01-23 20:25 -------- d-----w- c:\program files\Startup Inspector for Windows
2013-01-16 17:50 . 2013-01-16 17:50 -------- d-----w- c:\program files\ESET
2013-01-16 02:47 . 2013-01-16 02:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-16 02:47 . 2012-12-14 21:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-16 02:23 . 2013-01-26 21:35 -------- d-----w- c:\program files\Revo Uninstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-02 05:32 . 2007-07-26 21:39 138376 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-02-02 05:32 . 2007-07-26 21:38 202448 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-01-26 21:46 . 2012-08-01 19:19 859552 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-26 21:46 . 2010-04-28 15:43 780192 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-13 20:29 . 2012-11-13 20:29 354216 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2008-03-09 11:25 . 2012-08-07 23:04 236 ----a-w- c:\program files\Common Files\dx.reg
2013-01-19 05:22 . 2013-01-19 05:22 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of %user%\library ----
.
.
---- Directory of c:\program files\Common ----
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@="{E4000AC4-5E5F-4956-807A-C5854405D64F}"
[HKEY_CLASSES_ROOT\CLSID\{E4000AC4-5E5F-4956-807A-C5854405D64F}]
2007-06-13 14:26 73728 ----a-w- c:\windows\SYSTEM32\VirtualExpander\VEShellExt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-11-13 981904]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-12-25 4474832]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\eudora mail\EuShlExt.dll" [2005-08-09 86016]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Charles Carey^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Charles Carey\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD_SRT]
c:\program files\Western Digital Technologies\WD Win98 SE USB Disk Driver [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2003-02-27 11:04 114688 ------w- c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\SYSTEM32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2012-11-30 02:06 1263512 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDSentry]
2002-08-14 23:22 28672 ----a-w- c:\windows\SYSTEM32\DSentry.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-27 04:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 21:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2004-04-14 19:04 40960 ------w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2009-06-01 18:51 1468296 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-01-08 00:56 13880424 ----a-w- c:\windows\SYSTEM32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-08 00:56 111208 ----a-w- c:\windows\SYSTEM32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2004-04-14 18:46 57393 ------w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 00:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
2003-01-09 14:21 253952 ------w- c:\program files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2003-01-13 15:19 757760 ------w- c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
2004-01-02 00:09 65536 ------w- c:\program files\Common Files\Roxio Shared\System\EngUtil.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmaTel StacMon]
2003-03-26 22:19 45056 ------w- c:\program files\SigmaTel\C-Major Audio\stacmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-10-14 14:22 155648 ------r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager]
2009-03-25 16:31 339968 ----a-w- c:\windows\SYSTEM32\WDBtnMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNUtil.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNTray.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNCfg.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNUpdate.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\SmartFTP Client 2.0\\SmartFTP.exe"=
"c:\\Battlefield 2\\BF2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqdstcp.exe"=
"c:\\Program Files\\321Studios\\Platinum\\BugTool.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\{FA0F0A01-4631-4161-A6C2-948BF694382E}\\setup\\hpznui01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9220:TCP"= 9220:TCP:9220
"161:UDP"= 161:UDP:161
"427:UDP"= 427:UDP:427
"9500:TCP"= 9500:TCP:9500
"9290:TCP"= 9290:TCP:9290
"139:UDP"= 139:UDP:139
"137:TCP"= 137:TCP:137
"9100:TCP"= 9100:TCP:9100
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\SYSTEM32\DRIVERS\SmartDefragDriver.sys [1/28/2013 10:39 AM 14776]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [1/26/2013 4:49 PM 465216]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [1/28/2013 10:38 AM 821592]
R3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [1/28/2013 10:38 AM 246816]
R3 Pcouffin;Low level access layer for CD devices;c:\windows\SYSTEM32\DRIVERS\Pcouffin.sys [2/22/2004 6:34 AM 34528]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [1/28/2013 10:38 AM 30408]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [1/28/2013 10:38 AM 16248]
S3 DCamUSB20;AVerDVD EZMaker USB 2.0 Video Capture;c:\windows\SYSTEM32\DRIVERS\CsMini20.sys [3/18/2003 2:55 PM 46248]
S3 DCamUSBSony4;Sony Visual Communication Camera;c:\windows\SYSTEM32\DRIVERS\snyucam4.sys [6/2/2004 3:36 PM 424127]
S3 lanscsiminiport;Lanscsi SCSI Miniport Driver for NetDisk;c:\windows\system32\DRIVERS\lanscsiminiport.sys --> c:\windows\system32\DRIVERS\lanscsiminiport.sys [?]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [1/29/2011 5:39 PM 19056]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [5/27/2010 8:26 AM 90352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore1caf3eebc635d38.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 17:17]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 17:17]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007Core.job
- c:\documents and settings\Charles Carey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-07 19:51]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007UA.job
- c:\documents and settings\Charles Carey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-07 19:51]
.
2013-02-02 c:\windows\Tasks\SmartDefragUpdate.job
- c:\program files\IObit\Smart Defrag 2\AutoUpdate.exe [2013-01-28 16:06]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.dellnet.com/
uInternet Settings,ProxyOverride = localhost
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
Trusted Zone: cars.com\siy
TCP: DhcpNameServer = 192.168.1.1
DPF: DirectAnimation Java Classes - file://c:\i386\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\i386\xmldso.cab
DPF: PackageCab - hxxp://ak.imgag.com/imgag/cp/install/AxCtp2.cab
DPF: vzTCPConfig - hxxp://www2.verizon.net/help/dsl_settings/include/vzTCPConfig.CAB
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
FF - ProfilePath - c:\documents and settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.jeepforum.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2013-01-29 12:47; {45d8ff86-d909-11db-9705-005056c00008}; c:\documents and settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
FF - ExtSQL: !HIDDEN! 2010-03-07 19:27; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
.
.
.
**************************************************************************
.
disk not found C:\
.
please note that you need administrator rights to perform deep scan
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(4812)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\VirtualExpander\VEShellExt.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\smartftp client 2.0\smarthook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\brss01a.exe
c:\windows\SYSTEM32\acs.exe
c:\windows\system32\CTsvcCDA.EXE
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\cyberpower\ppped.exe
c:\windows\system32\fxssvc.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2013-02-02 12:16:24 - machine was rebooted
ComboFix-quarantined-files.txt 2013-02-02 17:16
ComboFix2.txt 2013-02-02 02:12
.
Pre-Run: 50,447,998,976 bytes free
Post-Run: 50,303,688,704 bytes free
.
- - End Of File - - C899B696BA2B79A56EADA3D5260B2C23



1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111



Farbar Service Scanner Version: 30-01-2013
Ran by Charles Carey (administrator) on 02-02-2013 at 12:50:04
Running from "C:\Documents and Settings\Charles Carey\Desktop\Removal tools"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2002-08-29 05:00] - [2008-04-13 19:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2002-08-29 05:00] - [2009-02-06 06:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
AegisP(8) Gpc(6) IPSec(4) NetBT(5) OAmon(13) Tcpip(3)
0x0700000004000000030000000D00000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****



222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222


OTL logfile created on: 2/2/2013 12:51:29 PM - Run 9
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Charles Carey\Desktop\Removal tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 73.18% Memory free
3.85 Gb Paging File | 3.49 Gb Available in Paging File | 90.48% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 47.21 Gb Free Space | 31.68% Space Free | Partition Type: NTFS
Drive F: | 39.10 Mb Total Space | 32.45 Mb Free Space | 83.01% Space Free | Partition Type: FAT
Drive G: | 966.72 Mb Total Space | 947.38 Mb Free Space | 98.00% Space Free | Partition Type: FAT32

Computer Name: DADSDELL | User Name: Charles Carey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/26 14:24:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Charles Carey\Desktop\Removal tools\OTL.exe
PRC - [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/10/02 15:02:10 | 004,463,864 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Online Armor\oasrv.exe
PRC - [2012/10/02 15:02:10 | 002,415,104 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Online Armor\oaui.exe
PRC - [2012/10/02 15:02:06 | 001,248,144 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Online Armor\oahlp.exe
PRC - [2012/10/02 15:02:04 | 000,216,072 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Online Armor\oacat.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\acs.exe
PRC - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () -- C:\CyberPower\ppped.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/19 00:22:15 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msdmo.dll
MOD - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\acs.exe
MOD - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () -- C:\CyberPower\ppped.exe


========== Services (SafeList) ==========

SRV - [2012/10/02 15:02:10 | 004,463,864 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2012/10/02 15:02:04 | 000,216,072 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Online Armor\oacat.exe -- (OAcat)
SRV - [2009/04/26 13:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SYSTEM32\acs.exe -- (ACS)
SRV - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () [Auto | Running] -- C:\CyberPower\ppped.exe -- (ppped)
SRV - [2003/03/03 13:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klif.sys -- (TSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\lanscsiminiport.sys -- (lanscsiminiport)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012/10/02 15:03:04 | 000,044,992 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\oahlp32.sys -- (oahlpXX)
DRV - [2012/10/02 15:02:34 | 000,031,920 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OAnet.sys -- (OAnet)
DRV - [2012/10/02 15:02:34 | 000,027,648 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OAmon.sys -- (OAmon)
DRV - [2012/10/02 15:02:32 | 000,208,320 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OADriver.sys -- (OADevice)
DRV - [2010/11/26 18:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/11/06 22:24:30 | 000,019,056 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009/08/22 13:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\RivaTuner v2.24\RivaTuner32.sys -- (RivaTuner32)
DRV - [2009/08/11 13:43:50 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nchssvad.sys -- (NCHSSVAD)
DRV - [2009/06/17 11:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 11:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 11:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042mou.Sys -- (L8042mou)
DRV - [2009/05/01 16:03:38 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/05/01 16:03:38 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/01/23 15:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042Kbd.sys -- (L8042Kbd)
DRV - [2006/05/10 08:56:26 | 000,036,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidUsbK.sys -- (LHidUsbK)
DRV - [2006/04/25 17:30:40 | 000,469,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\WG311T13.sys -- (AR5211)
DRV - [2005/03/02 14:26:02 | 000,018,560 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\x10ufx2.sys -- (XUIF)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\afc.sys -- (Afc)
DRV - [2004/08/04 00:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 00:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 00:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 00:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 00:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 00:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 00:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 00:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 00:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 00:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2003/10/28 15:17:52 | 000,005,273 | ---- | M] (Arrowkey) [Kernel | Auto | Running] -- C:\Program Files\321Studios\Shared\CDRPDACC.SYS -- (CDRPDACC)
DRV - [2003/03/18 14:55:04 | 000,046,248 | ---- | M] (Crescentec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CsMini20.sys -- (DCamUSB20)
DRV - [2003/02/27 17:36:04 | 000,090,852 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/01/17 20:36:02 | 000,424,127 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\snyucam4.sys -- (DCamUSBSony4)
DRV - [2003/01/13 10:19:26 | 000,249,344 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/01/13 10:19:26 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/01/13 10:19:26 | 000,118,422 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/01/13 10:19:26 | 000,022,758 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/01/13 10:19:26 | 000,021,654 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/11/11 16:52:58 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/11/05 15:56:48 | 000,012,692 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cresscan.sys -- (Usb20Scan)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{06A26EB0-0041-46FC-85F4-B733CE0570CD}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{74EA43EB-373B-48C9-A2D3-B1EB32CD68C3}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.jeepforum.com/"
FF - prefs.js..extensions.enabledAddons: %7BC0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51%7D:2.3.54
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.7.1
FF - prefs.js..extensions.enabledAddons: %7B45d8ff86-d909-11db-9705-005056c00008%7D:1.1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}:2.3.54
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.yahoo....type=382950&p="
FF - prefs.js..network.proxy.no_proxies_on: "localhost"
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPCShowPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/03/07 19:27:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/11 10:52:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/19 00:22:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/02 11:34:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/03/07 19:27:20 | 000,000,000 | ---D | M]

[2012/10/25 10:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Extensions
[2009/08/04 12:29:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Extensions\[email protected]
[2013/02/02 11:34:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions
[2010/02/11 10:08:51 | 000,000,000 | ---D | M] (Answers) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}
[2008/02/07 11:18:38 | 000,000,000 | ---D | M] (Game-Monitor Extension) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{DEDDA510-573D-44d9-BF81-F85C3FA1FE54}(2)
[2008/02/07 11:18:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\temp
[2013/01/29 12:47:35 | 000,060,243 | ---- | M] () (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
[2013/01/26 00:22:45 | 000,242,136 | ---- | M] () (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/01/26 16:23:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/01/19 00:22:01 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\[email protected](2).org
[2012/01/11 10:52:44 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013/01/19 00:22:16 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2002/09/27 07:59:00 | 000,090,112 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NpPopup.dll
[2012/08/29 10:58:01 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/12 23:04:23 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: AmericanGreetings.com Popup Plugin 1.0.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NpPopup.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16260 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/02/02 12:12:25 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\OAui.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: cars.com ([siy] https in Trusted sites)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zon...ry/msgrchkr.cab (Checkers Class)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.us.de...iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnote...ad/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zon...nt.cab28578.cab (MessengerStatsClient Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....204&clcid=0x409 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://pcpitstop.com...cpConnCheck.cab (iCC Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc2.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1262649780406 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1262649770265 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Reg Error: Value error.)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zon...StatsClient.cab (MessengerStatsClient Class)
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} http://toolbar.googl...gleActivate.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} http://messenger.zon...ry/ZAxRcMgr.cab (ZoneAxRcMgr Class)
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} http://utilities.pcp...ols/pcmatic.cab (PCMaticVer Class)
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} http://www.microsoft.../20/SassCln.CAB (SassCln Object)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab28578.cab (ZoneIntro Class)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://www.imgag.com...tall/AxCtp2.cab (Create & Print ActiveX Plug-in)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zon...ot.cab28578.cab (CBreakshotControl Class)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave...aploader_v5.cab (Reg Error: Value error.)
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} http://www.shockwave...ownloadCtrl.cab (Reg Error: Value error.)
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zon...ireShowdown.cab (Solitaire Showdown Class)
O16 - DPF: DirectAnimation Java Classes file://c:\I386\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://c:\I386\xmldso.cab (Reg Error: Key error.)
O16 - DPF: PackageCab http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig http://www2.verizon....vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A541BE98-85DC-437C-82E2-3EBAF83AD596}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll (Emsisoft GmbH)
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Eudora mail\EuShlExt.dll (Qualcomm Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 08:59:58 | 000,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/04/15 15:49:10 | 000,000,398 | ---- | M] () - F:\AUTOEXEC.UP -- [ FAT ]
O32 - AutoRun File - [2003/04/15 15:49:10 | 000,000,398 | -HS- | M] () - F:\AUTOEXEC.BAT -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SmartDefragBootTime.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/02 12:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Application Data\OnlineArmor
[2013/02/02 12:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2013/02/02 12:39:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Online Armor
[2013/02/02 12:39:48 | 000,031,920 | ---- | C] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2013/02/02 12:39:48 | 000,027,648 | ---- | C] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2013/02/02 12:39:40 | 000,000,000 | ---D | C] -- C:\Program Files\Online Armor
[2013/02/02 12:22:09 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/02/01 23:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2013/02/01 23:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/02/01 20:56:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/02/01 20:54:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/02/01 20:54:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/02/01 20:54:29 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/02/01 20:54:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/02/01 20:46:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/01 20:21:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Desktop\Removal tools
[2013/01/28 10:39:19 | 000,029,528 | ---- | C] (IObit) -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2013/01/26 22:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Sun
[2013/01/26 16:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013/01/26 16:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
[2013/01/23 15:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Application Data\wsInspector
[2013/01/23 15:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\My Documents\wsInspector
[2013/01/23 15:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\Startup Inspector for Windows
[2013/01/23 15:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup Inspector for Windows
[2013/01/19 00:22:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/16 12:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/15 21:47:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/15 21:47:41 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/01/15 21:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/15 21:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\Revo Uninstaller
[2013/01/15 21:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Start Menu\Programs\Revo Uninstaller

========== Files - Modified Within 30 Days ==========

[2013/02/02 12:46:29 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2013/02/02 12:46:12 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1caf3eebc635d38.job
[2013/02/02 12:45:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2013/02/02 12:45:50 | 2146,488,320 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/02 12:40:08 | 000,416,224 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2013/02/02 12:40:08 | 000,068,044 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2013/02/02 12:20:20 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/02 12:12:25 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2013/02/02 12:11:07 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007UA.job
[2013/02/02 00:32:16 | 000,138,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013/02/02 00:11:01 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007Core.job
[2013/02/01 20:56:46 | 000,000,327 | RHS- | M] () -- C:\BOOT.INI
[2013/02/01 20:01:57 | 009,196,023 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020118080.pdf
[2013/02/01 15:23:22 | 000,002,367 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/01 13:49:44 | 001,746,414 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020114120.pdf
[2013/01/29 14:30:21 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/01/23 15:24:48 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\Startup Inspector for Windows.lnk
[2013/01/23 00:17:11 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Charles Carey\My Documents\resume1.pub
[2013/01/23 00:17:11 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\resume1.pub
[2013/01/18 10:11:14 | 000,002,603 | ---- | M] () -- C:\Documents and Settings\Charles Carey\install.rdf
[2013/01/15 21:23:33 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\Revo Uninstaller.lnk
[2013/01/14 11:42:28 | 013,462,931 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\mbar-1.01.0.1016.zip
[2013/01/12 21:35:34 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL

========== Files Created - No Company Name ==========

[2013/02/02 12:39:48 | 000,208,320 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2013/02/02 12:39:48 | 000,044,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2013/02/01 20:56:46 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/02/01 20:56:42 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/02/01 20:54:29 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/02/01 20:54:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/02/01 20:54:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/02/01 20:54:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/02/01 20:54:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/02/01 20:01:47 | 009,196,023 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020118080.pdf
[2013/02/01 13:49:40 | 001,746,414 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020114120.pdf
[2013/01/28 10:39:14 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2013/01/28 10:39:11 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2013/01/27 00:47:54 | 000,122,225 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\09_tori-praver_16.jpg
[2013/01/27 00:46:13 | 000,154,404 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\09_cintia-dicker_02.jpg
[2013/01/23 15:24:48 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\Startup Inspector for Windows.lnk
[2013/01/23 00:20:30 | 000,086,528 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\resume1.pub
[2013/01/18 10:11:14 | 000,002,603 | ---- | C] () -- C:\Documents and Settings\Charles Carey\install.rdf
[2013/01/15 21:27:57 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/15 21:23:33 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\Revo Uninstaller.lnk
[2013/01/14 11:42:20 | 013,462,931 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\mbar-1.01.0.1016.zip
[2012/08/07 18:04:05 | 000,000,236 | ---- | C] () -- C:\Program Files\Common Files\dx.reg
[2012/08/07 18:04:03 | 001,029,126 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2012/08/07 18:04:03 | 000,874,502 | ---- | C] () -- C:\WINDOWS\System32\kernel32new.dll
[2012/08/07 18:04:03 | 000,716,153 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
[2012/08/07 18:04:03 | 000,681,478 | ---- | C] () -- C:\WINDOWS\System32\msvcrtnew.dll
[2012/08/07 18:04:03 | 000,187,398 | ---- | C] () -- C:\WINDOWS\System32\d3d10core.dll
[2012/08/07 18:04:03 | 000,002,937 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2011/09/13 12:35:41 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011/08/13 12:55:53 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/06/17 08:40:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\{A9519275-C8CC-4D3F-B470-52419ACD6894}
[2011/02/13 22:46:54 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/02/13 22:46:49 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/02/13 22:46:49 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/02/13 22:46:38 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/06/11 11:46:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\AVSMediaPlayer.m3u
[2009/01/08 10:44:56 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\PFP110JPR.{PB
[2009/01/08 10:44:56 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\PFP110JCM.{PB
[2006/08/22 19:24:23 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2004/12/05 07:49:59 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\fusioncache.dat
[2004/05/05 17:51:29 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2003/08/08 12:10:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008/02/07 11:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Active Home Professional
[2008/02/07 11:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\broderbund
[2008/02/07 11:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2013/01/26 16:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2008/02/07 11:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/02/07 11:15:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN Messenger 6.2.0137
[2010/06/27 13:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2013/02/02 12:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2010/05/27 08:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2008/02/07 11:15:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2008/02/07 11:15:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/02/07 11:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2008/02/07 11:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/08/04 12:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2008/02/07 11:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\X10 Settings
[2013/01/26 16:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
[2013/01/26 16:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2008/02/07 11:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Broderbund
[2008/03/29 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Chessmaster Challenge
[2012/12/14 11:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\DDMSettings
[2012/06/09 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\DTV
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\EDrawings
[2011/09/13 12:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\FreeBurner
[2013/01/26 16:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\IObit
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Kontiki
[2008/02/07 11:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Leadertech
[2008/02/07 11:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\MX
[2009/08/11 13:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\NCH Swift Sound
[2008/02/07 11:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Novosoft
[2013/02/02 12:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\OnlineArmor
[2008/02/07 11:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Raptisoft
[2010/02/15 18:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\ScanSoft
[2008/02/26 16:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\SpinTop
[2011/06/03 11:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\SystemRequirementsLab
[2009/08/04 12:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\TomTom
[2008/02/07 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\ubi.com
[2008/02/07 11:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\WholeSecurity
[2013/01/26 12:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\wsInspector

========== Purity Check ==========



< End of report >



3333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333


Vino's Event Viewer v01c run on Windows XP in English
Report run at 02/02/2013 1:05:56 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/02/2013 1:03:12 PM
Type: error Category: 0
Event: 1001 Source: Dhcp
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 12:46:25 PM
Type: error Category: 0
Event: 32003 Source: ipnathlp
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

Log: 'System' Date/Time: 02/02/2013 12:40:16 PM
Type: error Category: 0
Event: 15006 Source: HTTP
Owner of the log file or directory \SystemRoot\System32\LogFiles\HTTPERR is invalid. This could be because another user has already created the log file or the directory.

Log: 'System' Date/Time: 02/02/2013 12:14:57 PM
Type: error Category: 0
Event: 7016 Source: Service Control Manager
The BrSplService service has reported an invalid current state 0.

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The IMF Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Print Spooler service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Advanced SystemCare Service 6 service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PnkBstrB service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Fax service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The BrSplService service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:51 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Atheros Configuration Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:51 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PowerPanel Personal Edition Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 11:59:47 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF

Log: 'System' Date/Time: 02/02/2013 11:59:43 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The X10 Device Network Service service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 02/02/2013 11:58:01 AM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PowerPanel Personal Edition Service service terminated unexpectedly. It has done this 1 time(s).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/02/2013 1:03:11 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 02/02/2013 12:40:12 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 12:12:22 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 02/02/2013 12:12:20 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 11:59:48 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 11:22:17 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 02/02/2013 11:22:14 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 11:22:07 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 12:24:23 AM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Log: 'System' Date/Time: 01/02/2013 9:01:56 PM
Type: warning Category: 0
Event: 263 Source: PlugPlayManager
The service "ACS" may not have unregistered for device event notifications before it was stopped.

Log: 'System' Date/Time: 01/02/2013 8:30:40 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 01/02/2013 3:22:21 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 01/02/2013 3:19:53 PM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 000FB54F40E4. The IP address being used is 169.254.137.234.

Log: 'System' Date/Time: 01/02/2013 3:16:03 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 01/02/2013 9:51:01 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 01/02/2013 9:50:49 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 31/01/2013 10:12:42 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 30/01/2013 2:06:34 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:06:29 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:06:19 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

44444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444


Vino's Event Viewer v01c run on Windows XP in English
Report run at 02/02/2013 1:09:35 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/01/2013 5:54:49 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 24/01/2013 7:45:03 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 21/01/2013 4:45:16 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 16/01/2013 5:38:30 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 15/01/2013 9:33:27 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 14/01/2013 6:34:02 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 14/01/2013 12:34:14 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 01/01/2013 2:18:38 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 01/01/2013 12:49:14 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application wlancfg5.exe, version 4.3.18.306, faulting module wcapi.dll, version 4.1.0.161, fault address 0x0000dd60.

Log: 'Application' Date/Time: 30/12/2012 12:06:26 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application quicktimeplayer.exe, version 7.72.80.56, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Log: 'Application' Date/Time: 27/12/2012 12:28:53 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application divx plus player.exe, version 10.4.0.57, faulting module qtcore4.dll, version 4.5.0.0, fault address 0x000e1b16.

Log: 'Application' Date/Time: 26/12/2012 7:17:30 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application coduomp.exe, version 0.0.0.0, faulting module coduomp.exe, version 0.0.0.0, fault address 0x00140198.

Log: 'Application' Date/Time: 26/12/2012 1:52:44 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 25/12/2012 9:23:28 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 25/12/2012 7:52:43 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application wlancfg5.exe, version 4.3.18.306, faulting module wcapi.dll, version 4.1.0.161, fault address 0x0000dd60.

Log: 'Application' Date/Time: 24/12/2012 12:38:06 AM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application quicktimeplayer.exe, version 7.72.80.56, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Log: 'Application' Date/Time: 24/12/2012 12:35:37 AM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application quicktimeplayer.exe, version 7.72.80.56, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Log: 'Application' Date/Time: 24/12/2012 12:33:24 AM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application quicktimeplayer.exe, version 7.72.80.56, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Log: 'Application' Date/Time: 20/12/2012 8:34:46 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 18/12/2012 1:04:02 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application wlancfg5.exe, version 4.3.18.306, faulting module wcapi.dll, version 4.1.0.161, fault address 0x0000dd60.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 02/02/2013 1:03:07 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 1:03:07 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 02/02/2013 12:46:12 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 12:46:12 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 02/02/2013 12:12:10 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 12:12:10 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 02/02/2013 11:59:44 AM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 11:59:44 AM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 02/02/2013 11:22:09 AM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 11:22:09 AM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 01/02/2013 9:32:47 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 01/02/2013 9:32:46 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 01/02/2013 9:00:40 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 01/02/2013 9:00:40 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 01/02/2013 8:30:56 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 01/02/2013 8:30:56 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 01/02/2013 9:51:15 AM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 01/02/2013 9:51:15 AM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 31/01/2013 10:12:40 AM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 31/01/2013 10:12:40 AM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Edited by richclan, 02 February 2013 - 12:39 PM.

  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
Can you uninstall IOBIT/Advanced SystemCare 4 ? You may need to use Revo to do it. I'm wondering if their smartdefrag may be running during the bootup? Don't much like the program anyway. Think it's a Chinese ripoff of other programs.

Also uninstall CyberPower PowerPanel Personal Edition. This is supposed to control a UPS. Do you even have one?

and Adobe Download Manager.

Start, Run, services.msc, OK then find the Fax service. Right click on it and select Properties then change the Startup Type: to Disabled. OK.


Copy the text in the code box by highlighting and Ctrl + c

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klif.sys -- (TSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\lanscsiminiport.sys -- (lanscsiminiport)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

:Commands
[EMPTYTEMP]
[purity]
[Reboot]


then Double on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.


I am seeing a lot of Explorer crashes:
Download ShellExView.

http://www.nirsoft.n...s/shexview.html

Use this download:
http://www.nirsoft.n...xview_setup.exe

Once you get it installed, run it and look in the third or fourth column from the RIGHT. It should say MICROSOFT. Click once or twice on MICROSOFT so that items with NO are at the top.
Select all of the NO items and then click on the red led looking icon in the upper left. This should disable all of the non-microsoft additions to Explorer. Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.
Reboot and rerun VEW as before and let's see if you still get the Explorer crashes.
  • 0

#8
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
i am unable to get rid IOBIT/Advanced SystemCare 4, it doesnt show up anywhere not even revo.

i do have a UPS CyberPower PowerPanel Personal Edition i disable it due to all the cpu it takes. is there a better program to use?

deleted Adobe Download Manager

ha ha just disabled the Fax service missed that 1

"I am seeing a lot of Explorer crashes" i was getting them a lot !!!!

Vino's Event Viewer v01c run on Windows XP in English
Report run at 02/02/2013 2:47:46 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/02/2013 2:25:30 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PowerPanel Personal Edition Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 2:25:29 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PnkBstrB service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 2:25:29 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 2:25:29 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Atheros Configuration Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 2:25:29 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 2:25:29 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The BrSplService service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 2:25:28 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 1:03:12 PM
Type: error Category: 0
Event: 1001 Source: Dhcp
Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 12:46:25 PM
Type: error Category: 0
Event: 32003 Source: ipnathlp
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

Log: 'System' Date/Time: 02/02/2013 12:40:16 PM
Type: error Category: 0
Event: 15006 Source: HTTP
Owner of the log file or directory \SystemRoot\System32\LogFiles\HTTPERR is invalid. This could be because another user has already created the log file or the directory.

Log: 'System' Date/Time: 02/02/2013 12:14:57 PM
Type: error Category: 0
Event: 7016 Source: Service Control Manager
The BrSplService service has reported an invalid current state 0.

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The IMF Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Print Spooler service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:57 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Advanced SystemCare Service 6 service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PnkBstrB service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Fax service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 02/02/2013 12:00:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/02/2013 1:03:11 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 02/02/2013 12:40:12 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 12:12:22 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 02/02/2013 12:12:20 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 11:59:48 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 11:22:17 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 02/02/2013 11:22:14 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 11:22:07 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 02/02/2013 12:24:23 AM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Log: 'System' Date/Time: 01/02/2013 9:01:56 PM
Type: warning Category: 0
Event: 263 Source: PlugPlayManager
The service "ACS" may not have unregistered for device event notifications before it was stopped.

Log: 'System' Date/Time: 01/02/2013 8:30:40 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 01/02/2013 3:22:21 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 01/02/2013 3:19:53 PM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 000FB54F40E4. The IP address being used is 169.254.137.234.

Log: 'System' Date/Time: 01/02/2013 3:16:03 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 01/02/2013 9:51:01 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 01/02/2013 9:50:49 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 31/01/2013 10:12:42 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.

Log: 'System' Date/Time: 30/01/2013 2:06:34 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:06:29 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 30/01/2013 2:06:19 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111


Vino's Event Viewer v01c run on Windows XP in English
Report run at 02/02/2013 2:48:27 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/01/2013 5:54:49 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 24/01/2013 7:45:03 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 21/01/2013 4:45:16 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 16/01/2013 5:38:30 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 15/01/2013 9:33:27 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 14/01/2013 6:34:02 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 14/01/2013 12:34:14 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 01/01/2013 2:18:38 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 01/01/2013 12:49:14 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application wlancfg5.exe, version 4.3.18.306, faulting module wcapi.dll, version 4.1.0.161, fault address 0x0000dd60.

Log: 'Application' Date/Time: 30/12/2012 12:06:26 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application quicktimeplayer.exe, version 7.72.80.56, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Log: 'Application' Date/Time: 27/12/2012 12:28:53 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application divx plus player.exe, version 10.4.0.57, faulting module qtcore4.dll, version 4.5.0.0, fault address 0x000e1b16.

Log: 'Application' Date/Time: 26/12/2012 7:17:30 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application coduomp.exe, version 0.0.0.0, faulting module coduomp.exe, version 0.0.0.0, fault address 0x00140198.

Log: 'Application' Date/Time: 26/12/2012 1:52:44 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 25/12/2012 9:23:28 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 25/12/2012 7:52:43 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application wlancfg5.exe, version 4.3.18.306, faulting module wcapi.dll, version 4.1.0.161, fault address 0x0000dd60.

Log: 'Application' Date/Time: 24/12/2012 12:38:06 AM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application quicktimeplayer.exe, version 7.72.80.56, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Log: 'Application' Date/Time: 24/12/2012 12:35:37 AM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application quicktimeplayer.exe, version 7.72.80.56, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Log: 'Application' Date/Time: 24/12/2012 12:33:24 AM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application quicktimeplayer.exe, version 7.72.80.56, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Log: 'Application' Date/Time: 20/12/2012 8:34:46 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x4ec674b2.

Log: 'Application' Date/Time: 18/12/2012 1:04:02 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application wlancfg5.exe, version 4.3.18.306, faulting module wcapi.dll, version 4.1.0.161, fault address 0x0000dd60.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 02/02/2013 2:43:37 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 2:43:37 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 02/02/2013 2:27:45 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 2:27:45 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 02/02/2013 1:03:07 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 1:03:07 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 02/02/2013 12:46:12 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 12:46:12 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 02/02/2013 12:12:10 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 12:12:10 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 02/02/2013 11:59:44 AM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 11:59:44 AM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 02/02/2013 11:22:09 AM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 02/02/2013 11:22:09 AM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 01/02/2013 9:32:47 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 01/02/2013 9:32:46 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 01/02/2013 9:00:40 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 01/02/2013 9:00:40 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

Log: 'Application' Date/Time: 01/02/2013 8:30:56 PM
Type: warning Category: 1
Event: 32068 Source: Microsoft Fax
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

Log: 'Application' Date/Time: 01/02/2013 8:30:56 PM
Type: warning Category: 1
Event: 32026 Source: Microsoft Fax
Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.
  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
You didn't clear the alarms before rebooting and running VEW. I just want to see new alarms since we made the changes.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.


Reboot.

Run Vew.
  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
In addition to clearing the alarms per my last post:

Let's pull out IOBit by its roots:

Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

File::
c:\windows\SYSTEM32\DRIVERS\SmartDefragDriver.sys

Driver::
SmartDefragDriver
AdvancedSystemCareService6
IMFservice
FileMonitor
RegFilter
UrlFilter

Folder::
c:\program files\IObit

RootKit::
c:\windows\SYSTEM32\DRIVERS\SmartDefragDriver.sys


******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag CFScript.txt over to Combofix and let go Combofix should start on its own.

Post the new log.


I would check the Cyberlink site and see if they have a newer program for you to use.
  • 0

Advertisements


#11
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
combofix didnt leave a log maybe due to new antivirus stopping it on the reboot. searched for it nothing found not even in Qoobox folder. whats weird is i didnt have permission to run combofix at first.

Vino's Event Viewer v01c run on Windows XP in English
Report run at 02/02/2013 3:51:54 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/02/2013 3:48:18 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.








Vino's Event Viewer v01c run on Windows XP in English
Report run at 02/02/2013 3:52:35 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
Look in C:\ See if you can find Combofix.txt or Perhaps it's in C:\Combofix\ If all else fails look in c:\qoobox for CombofixN.txt where N is some number. I think that's where it keeps an archive of its logs.

How is it running now?

I don't really see a anti-virus now. Online Armor is just a firewall. Let's install the free Avast:

http://www.avast.com...ivirus-download
  • 0

#13
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
i think you did great!

should i re-do the combofix again to get the log? i cant find it anywhere

how can we get rid of network drive (J:\) per Speccy. it still shows it. maybe thats why my online games play choppy.
  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
Yes rerun Combofix and let's see what it looks like now.

If you can find it in Explorer then you just right click on it and Disconnect or Delete.

There is a command prompt command that you could use too:
]
Start, Run, cmd, OK and then type:


net  use  J:  /delete

(I use two spaces in the code box so you can see where one space goes.)
  • 0

#15
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
got combofix to go, the firewall was interfering.

net use J: /delete didnt seem to rid the network

Network Shares
새 볼륨 (J) J:\
J J:\
SharedDocs C:\DOCUMENTS AND SETTINGS\ALL USERS\DOCUMENTS
Printer Send To OneNote 2007,LocalsplOnly
Printer2 HP Officejet 6500 E709n Series fax,LocalsplOnly
Printer3 HP Officejet 6500 E709n Series,LocalsplOnly
Current TCP Connections
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (3972)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (584)
C:\Program Files\AVAST Software\Avast\setup\avast.setup (2072)
C:\Program Files\Mozilla Firefox\firefox.exe (3404)
C:\WINDOWS\System32\alg.exe (3276)
System Process
System Process
svchost.exe (808)

ComboFix 13-02-02.05 - Charles Carey 02/02/2013 19:44:45.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1667 [GMT -5:00]
Running from: c:\documents and settings\Charles Carey\Desktop\Removal tools\ComboFix.exe
Command switches used :: c:\documents and settings\Charles Carey\Desktop\Removal tools\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: Online Armor Firewall *Enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.
FILE ::
"c:\windows\SYSTEM32\DRIVERS\SmartDefragDriver.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IObit
c:\program files\IObit\Smart Defrag 2\AutoUpdate.exe
c:\program files\IObit\Smart Defrag 2\drivers\win7_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\win7_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\win7_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\win7_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\win8_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\win8_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\win8_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\win8_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\EULA.rtf
c:\program files\IObit\Smart Defrag 2\fav.ico
c:\program files\IObit\Smart Defrag 2\Freeware\ASC_FreeSoftwareDownloader.exe
c:\program files\IObit\Smart Defrag 2\Freeware\Check.dll
c:\program files\IObit\Smart Defrag 2\Freeware\FreeSoftwareDownload\IObitMalwareFighterSetup.exe
c:\program files\IObit\Smart Defrag 2\Freeware\SD_FreeSoftwareDownloader.exe
c:\program files\IObit\Smart Defrag 2\Help\Images\001.jpg
c:\program files\IObit\Smart Defrag 2\Help\Images\002.jpg
c:\program files\IObit\Smart Defrag 2\Help\Images\003.jpg
c:\program files\IObit\Smart Defrag 2\Help\Images\004.jpg
c:\program files\IObit\Smart Defrag 2\Help\Images\005.jpg
c:\program files\IObit\Smart Defrag 2\Help\Images\006.jpg
c:\program files\IObit\Smart Defrag 2\Help\Images\007.jpg
c:\program files\IObit\Smart Defrag 2\Help\Images\008.jpg
c:\program files\IObit\Smart Defrag 2\Help\Images\009.jpg
c:\program files\IObit\Smart Defrag 2\Help\Index.html
c:\program files\IObit\Smart Defrag 2\Language\Albanian.lng
c:\program files\IObit\Smart Defrag 2\Language\Arabic.lng
c:\program files\IObit\Smart Defrag 2\Language\Bulgarian.lng
c:\program files\IObit\Smart Defrag 2\Language\ChineseSimp.lng
c:\program files\IObit\Smart Defrag 2\Language\ChineseTrad.lng
c:\program files\IObit\Smart Defrag 2\Language\Czech.lng
c:\program files\IObit\Smart Defrag 2\Language\Danish.lng
c:\program files\IObit\Smart Defrag 2\Language\Dutch.lng
c:\program files\IObit\Smart Defrag 2\Language\English.lng
c:\program files\IObit\Smart Defrag 2\Language\Finnish.lng
c:\program files\IObit\Smart Defrag 2\Language\Flemish.lng
c:\program files\IObit\Smart Defrag 2\Language\French.lng
c:\program files\IObit\Smart Defrag 2\Language\Georgian.lng
c:\program files\IObit\Smart Defrag 2\Language\German.lng
c:\program files\IObit\Smart Defrag 2\Language\Greek.lng
c:\program files\IObit\Smart Defrag 2\Language\Hebrew.lng
c:\program files\IObit\Smart Defrag 2\Language\Hungarian.lng
c:\program files\IObit\Smart Defrag 2\Language\Indonesia.lng
c:\program files\IObit\Smart Defrag 2\Language\Italian.lng
c:\program files\IObit\Smart Defrag 2\Language\Japanese.lng
c:\program files\IObit\Smart Defrag 2\Language\Kashubian.lng
c:\program files\IObit\Smart Defrag 2\Language\Korean.lng
c:\program files\IObit\Smart Defrag 2\Language\Kurdish.lng
c:\program files\IObit\Smart Defrag 2\Language\Malay.lng
c:\program files\IObit\Smart Defrag 2\Language\Malayalam.lng
c:\program files\IObit\Smart Defrag 2\Language\Norwegian.lng
c:\program files\IObit\Smart Defrag 2\Language\Polish.lng
c:\program files\IObit\Smart Defrag 2\Language\Portuguese(PT-BR).lng
c:\program files\IObit\Smart Defrag 2\Language\Portuguese(PT-PT).lng
c:\program files\IObit\Smart Defrag 2\Language\Romanian.lng
c:\program files\IObit\Smart Defrag 2\Language\Russian.lng
c:\program files\IObit\Smart Defrag 2\Language\Serbian.lng
c:\program files\IObit\Smart Defrag 2\Language\Slovak.lng
c:\program files\IObit\Smart Defrag 2\Language\Slovenian.lng
c:\program files\IObit\Smart Defrag 2\Language\Spanish.lng
c:\program files\IObit\Smart Defrag 2\Language\Swedish.lng
c:\program files\IObit\Smart Defrag 2\Language\Turkish.lng
c:\program files\IObit\Smart Defrag 2\Language\Ukrainian.lng
c:\program files\IObit\Smart Defrag 2\Language\Vietnamese.lng
c:\program files\IObit\Smart Defrag 2\LatestNews\LatestNews.ini
c:\program files\IObit\Smart Defrag 2\Log\SDBootTime_2012-12-26-11-27-17.log
c:\program files\IObit\Smart Defrag 2\Log\SDBootTime_2013-01-09-07-00-19.log
c:\program files\IObit\Smart Defrag 2\Log\SDBootTime_2013-01-16-12-00-53.log
c:\program files\IObit\Smart Defrag 2\Log\SDBootTime_2013-01-23-10-51-03.log
c:\program files\IObit\Smart Defrag 2\Log\SDBootTime_2013-01-28-11-23-30.log
c:\program files\IObit\Smart Defrag 2\NtfsData.dll
c:\program files\IObit\Smart Defrag 2\rtl120.bpl
c:\program files\IObit\Smart Defrag 2\SDDriverMgr.dll
c:\program files\IObit\Smart Defrag 2\SDInit.exe
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Center.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Checked.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Unchecked.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Close_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Close_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\ColumnDivider.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\ColumnHeader.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Bottom_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Bottom_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Top_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Top_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Bottom.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Left_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Right_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Hide.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Item_Selected.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Layout.ini
c:\program files\IObit\Smart Defrag 2\Skins\Black\line.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Logo.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Maximize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Maximize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Minimize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Minimize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\News_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\News_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\News_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Page_Body.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Restore_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Restore_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Setting_Text_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Show.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Statistics.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Title.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\center.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Checked.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Unchecked.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Close_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Close_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\ColumnDivider.png
c:\program files\IObit\Smart Defrag 2\Skins\White\ColumnHeader.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Bottom_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Bottom_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Top_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Top_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Bottom.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Left_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Right_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Hide.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Item_Selected.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Layout.ini
c:\program files\IObit\Smart Defrag 2\Skins\White\line.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Logo.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Maximize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Maximize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Minimize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Minimize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\News_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\News_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\News_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Page_Body.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Restore_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Restore_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Setting_Text_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Show.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Statistics.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Title.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Top.png
c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files\IObit\Smart Defrag 2\taskMgr.dll
c:\program files\IObit\Smart Defrag 2\unins000.dat
c:\program files\IObit\Smart Defrag 2\unins000.exe
c:\program files\IObit\Smart Defrag 2\unins000.msg
c:\program files\IObit\Smart Defrag 2\UninstallPromote.exe
c:\program files\IObit\Smart Defrag 2\Update\Update.Ini
c:\program files\IObit\Smart Defrag 2\vcl120.bpl
c:\program files\IObit\Smart Defrag 2\vclx120.bpl
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_REGFILTER
-------\Legacy_SMARTDEFRAGDRIVER
-------\Legacy_URLFILTER
-------\Service_SmartDefragDriver
.
.
((((((((((((((((((((((((( Files Created from 2013-01-03 to 2013-02-03 )))))))))))))))))))))))))))))))
.
.
2013-02-02 23:04 . 2012-10-30 23:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-02 23:04 . 2012-10-30 23:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-02 23:04 . 2012-10-30 23:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-02-02 23:04 . 2012-10-30 23:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-02 23:04 . 2012-10-30 23:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-02 23:04 . 2012-10-30 23:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2013-02-02 23:04 . 2012-10-30 23:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2013-02-02 23:04 . 2012-10-30 23:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2013-02-02 23:04 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-02 23:04 . 2012-10-30 23:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-02 23:03 . 2013-02-02 23:03 -------- d-----w- c:\program files\AVAST Software
2013-02-02 23:03 . 2013-02-02 23:03 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2013-02-02 21:13 . 2008-04-13 19:36 20352 ----a-w- c:\windows\system32\drivers\hidbatt.sys
2013-02-02 21:13 . 2008-04-13 19:36 20352 ----a-w- c:\windows\system32\dllcache\hidbatt.sys
2013-02-02 19:32 . 2013-02-02 19:32 -------- d-----w- c:\program files\NirSoft
2013-02-02 17:40 . 2013-02-02 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\OnlineArmor
2013-02-02 17:40 . 2013-02-02 17:40 -------- d-----w- c:\documents and settings\Charles Carey\Application Data\OnlineArmor
2013-02-02 17:39 . 2012-10-02 20:03 44992 ----a-w- c:\windows\system32\drivers\oahlp32.sys
2013-02-02 17:39 . 2012-10-02 20:02 31920 ----a-w- c:\windows\system32\drivers\OAnet.sys
2013-02-02 17:39 . 2012-10-02 20:02 27648 ----a-w- c:\windows\system32\drivers\OAmon.sys
2013-02-02 17:39 . 2012-10-02 20:02 208320 ----a-w- c:\windows\system32\drivers\OADriver.sys
2013-02-02 17:39 . 2013-02-03 00:35 -------- d-----w- c:\program files\Online Armor
2013-02-02 04:51 . 2013-02-02 04:51 -------- d-----w- c:\program files\Speccy
2013-01-28 15:39 . 2012-05-08 23:35 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-01-27 03:20 . 2013-01-27 03:20 -------- d-----w- c:\documents and settings\Charles Carey\Local Settings\Application Data\Sun
2013-01-27 03:16 . 2013-01-27 03:16 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\IObit
2013-01-26 21:49 . 2013-01-26 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-01-26 21:49 . 2013-01-26 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
2013-01-23 20:29 . 2013-01-26 17:53 -------- d-----w- c:\documents and settings\Charles Carey\Application Data\wsInspector
2013-01-23 20:24 . 2013-01-23 20:25 -------- d-----w- c:\program files\Startup Inspector for Windows
2013-01-16 17:50 . 2013-01-16 17:50 -------- d-----w- c:\program files\ESET
2013-01-16 02:47 . 2013-01-16 02:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-16 02:47 . 2012-12-14 21:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-16 02:23 . 2013-01-26 21:35 -------- d-----w- c:\program files\Revo Uninstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-02 21:31 . 2007-07-26 21:39 138376 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-02-02 21:31 . 2007-07-26 21:38 202448 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-01-26 21:46 . 2010-04-28 15:43 780192 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-13 20:29 . 2012-11-13 20:29 354216 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2008-03-09 11:25 . 2012-08-07 23:04 236 ----a-w- c:\program files\Common Files\dx.reg
2013-01-19 05:22 . 2013-01-19 05:22 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-02-02 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\ONLINE~2\oaevent.dll" [2012-10-02 366440]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Charles Carey^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Charles Carey\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD_SRT]
c:\program files\Western Digital Technologies\WD Win98 SE USB Disk Driver [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2003-02-27 11:04 114688 ------w- c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\SYSTEM32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2012-11-30 02:06 1263512 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDSentry]
2002-08-14 23:22 28672 ----a-w- c:\windows\SYSTEM32\DSentry.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-27 04:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 21:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2004-04-14 19:04 40960 ------w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2009-06-01 18:51 1468296 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-01-08 00:56 13880424 ----a-w- c:\windows\SYSTEM32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-08 00:56 111208 ----a-w- c:\windows\SYSTEM32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2004-04-14 18:46 57393 ------w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 00:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
2003-01-09 14:21 253952 ------w- c:\program files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2003-01-13 15:19 757760 ------w- c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
2004-01-02 00:09 65536 ------w- c:\program files\Common Files\Roxio Shared\System\EngUtil.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmaTel StacMon]
2003-03-26 22:19 45056 ------w- c:\program files\SigmaTel\C-Major Audio\stacmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-10-14 14:22 155648 ------r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager]
2009-03-25 16:31 339968 ----a-w- c:\windows\SYSTEM32\WDBtnMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNUtil.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNTray.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNCfg.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNUpdate.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\SmartFTP Client 2.0\\SmartFTP.exe"=
"c:\\Battlefield 2\\BF2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqdstcp.exe"=
"c:\\Program Files\\321Studios\\Platinum\\BugTool.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\{FA0F0A01-4631-4161-A6C2-948BF694382E}\\setup\\hpznui01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9220:TCP"= 9220:TCP:9220
"161:UDP"= 161:UDP:161
"427:UDP"= 427:UDP:427
"9500:TCP"= 9500:TCP:9500
"9290:TCP"= 9290:TCP:9290
"139:UDP"= 139:UDP:139
"137:TCP"= 137:TCP:137
"9100:TCP"= 9100:TCP:9100
.
R1 aswSnx;aswSnx;c:\windows\SYSTEM32\DRIVERS\aswSnx.sys [2/2/2013 6:04 PM 738504]
R1 aswSP;aswSP;c:\windows\SYSTEM32\DRIVERS\aswSP.sys [2/2/2013 6:04 PM 361032]
R1 OADevice;OADriver;c:\windows\SYSTEM32\DRIVERS\OADriver.sys [2/2/2013 12:39 PM 208320]
R1 oahlpXX;Online Armor helper driver;c:\windows\SYSTEM32\DRIVERS\oahlp32.sys [2/2/2013 12:39 PM 44992]
R1 OAmon;OAmon;c:\windows\SYSTEM32\DRIVERS\OAmon.sys [2/2/2013 12:39 PM 27648]
R1 OAnet;OAnet;c:\windows\SYSTEM32\DRIVERS\OAnet.sys [2/2/2013 12:39 PM 31920]
R2 aswFsBlk;aswFsBlk;c:\windows\SYSTEM32\DRIVERS\aswFsBlk.sys [2/2/2013 6:04 PM 21256]
R2 OAcat;Online Armor Helper Service;c:\program files\Online Armor\oacat.exe [2/2/2013 12:39 PM 216072]
R3 Pcouffin;Low level access layer for CD devices;c:\windows\SYSTEM32\DRIVERS\Pcouffin.sys [2/22/2004 6:34 AM 34528]
S3 DCamUSB20;AVerDVD EZMaker USB 2.0 Video Capture;c:\windows\SYSTEM32\DRIVERS\CsMini20.sys [3/18/2003 2:55 PM 46248]
S3 DCamUSBSony4;Sony Visual Communication Camera;c:\windows\SYSTEM32\DRIVERS\snyucam4.sys [6/2/2004 3:36 PM 424127]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [1/29/2011 5:39 PM 19056]
S3 SvcOnlineArmor;Online Armor;c:\program files\Online Armor\oasrv.exe [2/2/2013 12:39 PM 4463864]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [5/27/2010 8:26 AM 90352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-03 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-02 23:50]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore1caf3eebc635d38.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 17:17]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 17:17]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007Core.job
- c:\documents and settings\Charles Carey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-07 19:51]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007UA.job
- c:\documents and settings\Charles Carey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-07 19:51]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.dellnet.com/
uInternet Settings,ProxyOverride = localhost
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
Trusted Zone: cars.com\siy
TCP: DhcpNameServer = 192.168.1.1
DPF: DirectAnimation Java Classes - file://c:\i386\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\i386\xmldso.cab
DPF: PackageCab - hxxp://ak.imgag.com/imgag/cp/install/AxCtp2.cab
DPF: vzTCPConfig - hxxp://www2.verizon.net/help/dsl_settings/include/vzTCPConfig.CAB
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
FF - ProfilePath - c:\documents and settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.jeepforum.com/
FF - ExtSQL: 2013-01-29 12:47; {45d8ff86-d909-11db-9705-005056c00008}; c:\documents and settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
FF - ExtSQL: !HIDDEN! 2010-03-07 19:27; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{E4000AC4-5E5F-4956-807A-C5854405D64F} - (no file)
ShellExecuteHooks-{EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - (no file)
AddRemove-Smart Defrag 2_is1 - c:\program files\IObit\Smart Defrag 2\unins000.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\documents and settings\Charles Carey\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
**************************************************************************
.
disk not found C:\
.
please note that you need administrator rights to perform deep scan
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2876)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\brss01a.exe
c:\windows\SYSTEM32\acs.exe
c:\windows\system32\CTsvcCDA.EXE
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2013-02-02 19:59:21 - machine was rebooted
ComboFix-quarantined-files.txt 2013-02-03 00:59
.
Pre-Run: 50,454,724,608 bytes free
Post-Run: 50,434,764,800 bytes free
.
- - End Of File - - 39407765EFA0578CF8DD3E95C6C3076F
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP