Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Can't Downlod antivrus or malware programs nor windows update [Clo

Started by PeterHamlett , Feb 18 2013 03:31 PM

  • This topic is locked This topic is locked

#1
PeterHamlett
Posted 18 February 2013 - 03:31 PM

PeterHamlett

    New Member

  • Member
  • Pip
  • 8 posts
Reformatted disc and loaded Windows from oem software. still can not update Windows nor download any anti-virus or malware removal software.
Was able to download RKill and Helper and ran both before OTL.
Could not load VIPRE nor SuperAntiSpyware.

OTL logfile created on: 2/18/2013 4:21:53 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Peter\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.23 Mb Total Physical Memory | 531.63 Mb Available Physical Memory | 52.37% Memory free
2.39 Gb Paging File | 2.03 Gb Available in Paging File | 85.02% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.25 Gb Total Space | 6.36 Gb Free Space | 41.72% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.87 Gb Free Space | 99.68% Space Free | Partition Type: FAT32

Computer Name: PETER-E3AC03268 | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/18 15:59:59 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Peter\My Documents\Downloads\aswMBR.exe
PRC - [2013/02/18 15:25:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Peter\My Documents\Downloads\OTL.exe
PRC - [2013/02/01 13:22:34 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/02 02:39:14 | 001,401,224 | ---- | M] (CleanMyPC Software) -- C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe
PRC - [2008/08/29 19:03:24 | 000,442,477 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\STTRAY.EXE
PRC - [2008/08/29 19:03:24 | 000,237,667 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\STACSV.EXE
PRC - [2008/08/28 10:16:34 | 000,471,040 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFLTR.EXE
PRC - [2008/07/30 13:56:16 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/02 09:50:28 | 000,655,640 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe
PRC - [2008/03/25 03:28:02 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/01 13:22:37 | 003,023,256 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008/07/30 13:52:10 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008/07/30 09:55:02 | 002,854,912 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008/04/14 07:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 07:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/01 13:22:36 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2008/08/29 19:03:24 | 000,237,667 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STACSV.EXE -- (STacSV)
SRV - [2008/04/14 07:00:00 | 000,166,433 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\auvphori.dll -- (mvimceqpn)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Peter\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012/09/08 19:53:05 | 001,294,200 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/08/29 19:03:24 | 001,388,980 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/08/28 10:16:36 | 000,112,128 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/07/24 12:37:16 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/24 12:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/06/27 13:02:00 | 000,289,024 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/05/30 06:46:12 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/03/10 13:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/04 12:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsof...ss/allinone.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsof...ss/allinone.asp
IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-1715567821-823518204-299502267-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found


FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/18 12:19:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/18 12:18:58 | 000,000,000 | ---D | M]

[2013/02/18 12:27:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Peter\Application Data\Mozilla\Extensions
[2013/02/18 12:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/18 12:19:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/02/01 13:22:53 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/10/14 20:33:30 | 000,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2013/02/01 13:22:13 | 000,001,607 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2013/02/01 13:22:13 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/01 13:22:13 | 000,001,453 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2013/02/01 13:22:13 | 000,002,669 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2013/02/01 13:22:13 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2013/02/01 13:22:13 | 000,001,391 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2013/02/01 13:22:13 | 000,001,309 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-1715567821-823518204-299502267-1004\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1715567821-823518204-299502267-1004\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IDTSysTrayApp] C:\WINDOWS\STTRAY.EXE (IDT, Inc.)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\STTRAY.EXE (IDT, Inc.)
O4 - HKU\S-1-5-21-1715567821-823518204-299502267-1004..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1715567821-823518204-299502267-1004..\Run: [MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1715567821-823518204-299502267-1004..\Run: [Registry Cleaner Scheduler] C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe (CleanMyPC Software)
O4 - HKU\S-1-5-21-1715567821-823518204-299502267-1004..\Run: [Uniblue ProcessQuickLink 2] C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe (Uniblue)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCMD = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\S-1-5-21-1715567821-823518204-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\npjpi160_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C3F5547-EE4B-4688-A6BA-6CA99D94EC08}: DhcpNameServer = 8.8.8.8
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Tempest.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Tempest.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/09/08 19:18:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/21 11:06:58 | 000,059,288 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/18 13:22:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SecTaskMan
[2013/02/18 13:22:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Security Task Manager
[2013/02/18 13:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2013/02/18 13:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2013/02/18 13:03:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\ProcessQuickLink 2
[2013/02/18 12:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\My Documents\Downloads
[2013/02/18 12:37:03 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/02/18 12:37:03 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/02/18 12:19:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Local Settings\Application Data\Mozilla
[2013/02/18 12:19:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Application Data\Mozilla
[2013/02/18 12:19:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla
[2013/02/18 12:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/02/18 12:03:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\APN
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/18 13:47:08 | 000,401,632 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/18 13:47:08 | 000,062,746 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/18 13:42:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/18 13:42:18 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2013/02/18 13:42:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2013/02/18 13:16:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2013/02/18 13:16:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2013/02/18 12:37:03 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/02/18 12:37:03 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/02/18 12:32:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2013/02/18 12:32:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2013/02/18 12:19:16 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/18 12:19:16 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2013/02/18 11:40:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2013/02/18 11:40:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2013/02/18 11:13:18 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/18 13:42:18 | 000,000,268 | -H-- | C] () -- C:\sqmdata12.sqm
[2013/02/18 13:42:18 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2013/02/18 13:16:17 | 000,000,268 | -H-- | C] () -- C:\sqmdata11.sqm
[2013/02/18 13:16:17 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2013/02/18 12:32:01 | 000,000,268 | -H-- | C] () -- C:\sqmdata10.sqm
[2013/02/18 12:32:01 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2013/02/18 12:19:16 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/18 12:19:16 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Mozilla Firefox.lnk
[2013/02/18 12:19:16 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2013/02/18 11:40:17 | 000,000,268 | -H-- | C] () -- C:\sqmdata09.sqm
[2013/02/18 11:40:17 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2012/09/08 20:29:21 | 000,028,510 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2012/09/08 19:52:00 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2012/09/08 19:25:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/09/08 19:11:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/09/08 15:32:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/09/08 15:30:12 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2012/09/08 20:00:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 07:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 07:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2008/04/14 07:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/14 07:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/14 07:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/14 07:00:00 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 07:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 07:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/14 07:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/04/14 07:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/14 07:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/14 07:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/14 07:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/14 04:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/04/14 07:00:00 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 07:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 07:00:00 | 000,023,552 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 07:00:00 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 07:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 07:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 07:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/14 07:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2008/04/14 07:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2008/04/14 07:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/14 07:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 07:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 07:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/14 07:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/14 07:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 07:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 07:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/14 07:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/14 07:00:00 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2008/04/14 07:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/14 07:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 07:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 07:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 07:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 07:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 07:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/14 07:00:00 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 07:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/14 07:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/14 07:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/14 07:00:00 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 07:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
No service found with a name of Wmi
SRV - [2008/04/14 07:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/14 07:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/14 07:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SERVICES >
[2008/04/14 07:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services

< MD5 for: SERVICES._ >
[2008/04/14 15:00:00 | 000,001,989 | ---- | M] () MD5=29BB3BBBE3D49156A42BFB3DD000F554 -- C:\I386\SERVICES._

< MD5 for: SERVICES.EX_ >
[2008/04/14 15:00:00 | 000,049,959 | ---- | M] () MD5=EE4885163C0C0729A3C5F1416A6E5F48 -- C:\I386\SERVICES.EX_

< MD5 for: SERVICES.EXE >
[2008/04/14 07:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\system32\dllcache\services.exe
[2008/04/14 07:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\system32\services.exe

< MD5 for: SERVICES.LNK >
[2012/10/06 22:52:39 | 000,001,602 | ---- | M] () MD5=09575211980313DB86008E5582D4BD73 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
[2012/09/08 19:19:23 | 000,001,602 | ---- | M] () MD5=C19A1249E1D1AE5D6D4EC8A9C75520E9 -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Administrative Tools\Services.lnk

< MD5 for: SERVICES.MS_ >
[2008/04/14 15:00:00 | 000,003,649 | ---- | M] () MD5=64E9F61D2ED093C361862DE36433B5E1 -- C:\I386\SERVICES.MS_

< MD5 for: SERVICES.MSC >
[2008/04/14 07:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc

< MD5 for: SVCHOST.EXE >
[2008/04/14 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 07:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 07:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008/04/14 07:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 07:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
[2013/02/18 12:49:04 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) MD5=ED0F04D5DE32FEC14E91D7DD9571580D -- C:\Documents and Settings\Peter\My Documents\Downloads\WiNlOgOn.exe

< MD5 for: WINSOCK.DL_ >
[2008/04/14 15:00:00 | 000,001,516 | ---- | M] () MD5=DBE00AC2D306E49623D471A292EF25DC -- C:\I386\WINSOCK.DL_

< MD5 for: WINSOCK.DLL >
[2008/04/14 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\WINDOWS\system32\dllcache\winsock.dll
[2008/04/14 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\WINDOWS\system32\winsock.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 186 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:ECF54A0E

< End of report >

OTL Extras logfile created on: 2/18/2013 3:25:54 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Peter\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.23 Mb Total Physical Memory | 574.31 Mb Available Physical Memory | 56.57% Memory free
2.39 Gb Paging File | 2.05 Gb Available in Paging File | 85.83% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.25 Gb Total Space | 6.38 Gb Free Space | 41.86% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.87 Gb Free Space | 99.68% Space Free | Partition Type: FAT32

Computer Name: PETER-E3AC03268 | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"6986:TCP" = 6986:TCP:*:Enabled:echrmj

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CleanMyPC - Registry Cleaner_is1" = CleanMyPC - Registry Cleaner
"HDMI" = Intel® Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox 18.0.2 (x86 en-US)" = Mozilla Firefox 18.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ProcessQuickLink 2_is1" = Uniblue ProcessQuickLink 2
"Security Task Manager" = Security Task Manager 1.8g
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/18/2013 1:08:31 PM | Computer Name = PETER-E3AC03268 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 2/18/2013 1:08:31 PM | Computer Name = PETER-E3AC03268 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 2/18/2013 1:08:31 PM | Computer Name = PETER-E3AC03268 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 2/18/2013 1:49:18 PM | Computer Name = PETER-E3AC03268 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The server name or address could not be resolved

Error - 2/18/2013 1:49:18 PM | Computer Name = PETER-E3AC03268 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 2/18/2013 2:22:02 PM | Computer Name = PETER-E3AC03268 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The server name or address could not be resolved

Error - 2/18/2013 2:22:02 PM | Computer Name = PETER-E3AC03268 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 2/18/2013 2:22:02 PM | Computer Name = PETER-E3AC03268 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 2/18/2013 2:22:02 PM | Computer Name = PETER-E3AC03268 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 2/18/2013 4:17:23 PM | Computer Name = PETER-E3AC03268 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

[ System Events ]
Error - 9/13/2012 9:34:00 AM | Computer Name = PETER-E3AC03268 | Source = Service Control Manager | ID = 7023
Description = The Universal Monitor service terminated with the following error:
%%1114

Error - 9/13/2012 9:50:01 AM | Computer Name = PETER-E3AC03268 | Source = Service Control Manager | ID = 7023
Description = The Universal Monitor service terminated with the following error:
%%1114

Error - 9/13/2012 11:27:53 AM | Computer Name = PETER-E3AC03268 | Source = Service Control Manager | ID = 7023
Description = The Universal Monitor service terminated with the following error:
%%1114

Error - 9/19/2012 4:01:44 PM | Computer Name = PETER-E3AC03268 | Source = Service Control Manager | ID = 7023
Description = The Universal Monitor service terminated with the following error:
%%1114

Error - 9/19/2012 4:07:42 PM | Computer Name = PETER-E3AC03268 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 9/19/2012 4:09:33 PM | Computer Name = PETER-E3AC03268 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 9/19/2012 4:14:32 PM | Computer Name = PETER-E3AC03268 | Source = Service Control Manager | ID = 7023
Description = The Universal Monitor service terminated with the following error:
%%1114

Error - 10/6/2012 8:47:51 PM | Computer Name = PETER-E3AC03268 | Source = Service Control Manager | ID = 7023
Description = The Universal Monitor service terminated with the following error:
%%1114

Error - 10/6/2012 9:06:36 PM | Computer Name = PETER-E3AC03268 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/6/2012 9:06:36 PM | Computer Name = PETER-E3AC03268 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.


< End of report >


Thank you for the help!
Attached File  OTL.Txt   90.64KB   182 downloads
Attached File  Extras.Txt   27.32KB   221 downloads

Edited by PeterHamlett, 18 February 2013 - 03:41 PM.

  • 0

Advertisements

#2
PeterHamlett
Posted 18 February 2013 - 03:33 PM

PeterHamlett

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
aswmbr log
Attached File  aswMBR.txt   515bytes   195 downloads

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-18 16:00:27
-----------------------------
16:00:27.593 OS Version: Windows 5.1.2600 Service Pack 3
16:00:27.593 Number of processors: 2 586 0x1C02
16:00:27.593 ComputerName: PETER-E3AC03268 UserName: Peter
16:00:30.359 Initialize success
16:00:52.437 AVAST engine download error: 0
16:32:16.656 The log file has been saved successfully to "C:\Documents and Settings\Peter\My Documents\Downloads\aswMBR.txt"

Edited by PeterHamlett, 18 February 2013 - 03:43 PM.

  • 0

#3
PeterHamlett
Posted 18 February 2013 - 03:45 PM

PeterHamlett

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Exehelper log

exeHelper by Raktor
Build 20100414
Run at 15:21:10 on 02/18/13
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

Attached File  exehelperlog.txt   414bytes   198 downloads
  • 0

#4
Essexboy
Posted 18 February 2013 - 03:52 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there aswMBR did not run correctly

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
SRV - [2008/04/14 07:00:00 | 000,166,433 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\auvphori.dll -- (mvimceqpn)

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download the latest version of TDSSKiller from here and save it to your Desktop.
Alternate link

  • Doubleclick on TDSSKiller.exe to run the application
    Posted Image
  • Then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.
  • 0

#5
Essexboy
Posted 24 February 2013 - 06:20 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#6
Essexboy
Posted 28 February 2013 - 01:26 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
User returned
  • 0

#7
PeterHamlett
Posted 28 February 2013 - 01:37 PM

PeterHamlett

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Quick Scan Results & TDSSKiller Report

OTL logfile created on: 2/28/2013 2:15:14 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Peter\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.23 Mb Total Physical Memory | 689.62 Mb Available Physical Memory | 67.93% Memory free
2.39 Gb Paging File | 2.17 Gb Available in Paging File | 90.85% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.25 Gb Total Space | 2.97 Gb Free Space | 19.46% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.87 Gb Free Space | 99.68% Space Free | Partition Type: FAT32

Computer Name: PETER-E3AC03268 | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/27 19:56:02 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/02/24 20:45:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2013/02/18 15:25:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Peter\My Documents\Downloads\OTL.exe
PRC - [2011/08/02 02:39:14 | 001,401,224 | ---- | M] (CleanMyPC Software) -- C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe
PRC - [2008/08/29 19:03:24 | 000,442,477 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\STTRAY.EXE
PRC - [2008/08/29 19:03:24 | 000,442,477 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\STTRAY.EXE
PRC - [2008/08/29 19:03:24 | 000,237,667 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\STACSV.EXE
PRC - [2008/08/28 10:16:34 | 000,471,040 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFLTR.EXE
PRC - [2008/07/30 13:56:16 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/02 09:50:28 | 000,655,640 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe
PRC - [2007/05/10 22:46:20 | 000,624,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2007/05/04 10:39:28 | 000,910,896 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/05/04 10:39:12 | 000,149,040 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2008/07/30 13:52:10 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008/07/30 09:55:02 | 002,854,912 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008/04/14 07:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 07:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/02/16 17:40:42 | 005,521,408 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/02/16 17:40:40 | 001,466,368 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/27 19:56:02 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/02/27 19:49:20 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/24 20:45:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/08/29 19:03:24 | 000,237,667 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STACSV.EXE -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/09/08 19:53:05 | 001,294,200 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/08/29 19:03:24 | 001,388,980 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/08/28 10:16:36 | 000,112,128 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/07/24 12:37:16 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/24 12:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/06/27 13:02:00 | 000,289,024 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/05/30 06:46:12 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/03/10 13:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/04 12:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsof...ss/allinone.asp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsof...ss/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/27 19:49:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/27 19:48:44 | 000,000,000 | ---D | M]

[2013/02/18 12:27:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Peter\Application Data\Mozilla\Extensions
[2013/02/27 19:48:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/27 19:49:22 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/02/20 16:04:02 | 002,463,976 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2013/02/01 13:22:13 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/27 19:49:16 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2013/02/28 13:55:54 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [IDTSysTrayApp] C:\WINDOWS\STTRAY.EXE (IDT, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\STTRAY.EXE (IDT, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Registry Cleaner Scheduler] C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe (CleanMyPC Software)
O4 - HKCU..\Run: [Uniblue ProcessQuickLink 2] C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe (Uniblue)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C3F5547-EE4B-4688-A6BA-6CA99D94EC08}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Tempest.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Tempest.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/09/08 19:18:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/21 11:06:58 | 000,059,288 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/27 20:15:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Local Settings\Application Data\Sun
[2013/02/27 20:07:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/02/27 19:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun
[2013/02/27 19:54:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/02/27 19:51:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
[2013/02/27 19:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/24 22:10:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet
[2013/02/24 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/02/24 21:03:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Adobe Master Collection CS3
[2013/02/24 20:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2013/02/24 18:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Local Settings\Application Data\Ahead
[2013/02/24 18:16:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\LightScribe
[2013/02/24 18:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\LightScribe Direct Disc Labeling
[2013/02/24 18:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2013/02/24 18:13:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Nero 7 Essentials
[2013/02/24 18:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Application Data\Ahead
[2013/02/24 18:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
[2013/02/24 18:01:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2013/02/24 18:01:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2013/02/24 17:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Application Data\Adobe
[2013/02/18 13:22:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SecTaskMan
[2013/02/18 13:22:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Security Task Manager
[2013/02/18 13:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2013/02/18 13:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2013/02/18 13:03:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\ProcessQuickLink 2
[2013/02/18 12:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\My Documents\Downloads
[2013/02/18 12:19:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Local Settings\Application Data\Mozilla
[2013/02/18 12:19:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Application Data\Mozilla
[2013/02/18 12:19:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla
[2013/02/18 12:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/02/18 12:03:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\APN

========== Files - Modified Within 30 Days ==========

[2013/02/28 14:03:45 | 000,401,632 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/28 14:03:45 | 000,062,746 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/28 13:59:40 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/28 13:59:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/28 13:58:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2013/02/28 13:58:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2013/02/28 13:55:54 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/02/27 21:54:04 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2013/02/27 21:54:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2013/02/27 20:09:03 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2013/02/27 20:09:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2013/02/27 19:39:14 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2013/02/27 19:39:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2013/02/24 22:11:27 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2013/02/24 22:11:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2013/02/24 22:10:03 | 001,392,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/24 21:52:14 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Acrobat 8 Professional.lnk
[2013/02/24 20:36:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2013/02/24 20:36:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2013/02/24 18:13:02 | 000,002,379 | ---- | M] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2013/02/24 18:13:02 | 000,002,361 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero StartSmart Essentials.lnk
[2013/02/24 18:13:02 | 000,002,279 | ---- | M] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk
[2013/02/24 18:13:02 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero Home Essentials SE.lnk
[2013/02/24 18:13:02 | 000,001,879 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero Online Upgrade.lnk
[2013/02/18 16:50:05 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2013/02/18 16:50:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2013/02/18 13:42:18 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2013/02/18 13:42:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2013/02/18 13:16:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2013/02/18 13:16:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2013/02/18 12:32:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2013/02/18 12:32:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2013/02/18 12:19:16 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/18 12:19:16 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2013/02/18 11:40:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2013/02/18 11:40:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm

========== Files Created - No Company Name ==========

[2013/02/28 13:58:59 | 000,000,268 | -H-- | C] () -- C:\sqmdata19.sqm
[2013/02/28 13:58:59 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
[2013/02/27 21:54:04 | 000,000,268 | -H-- | C] () -- C:\sqmdata18.sqm
[2013/02/27 21:54:04 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
[2013/02/27 20:09:03 | 000,000,268 | -H-- | C] () -- C:\sqmdata17.sqm
[2013/02/27 20:09:03 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
[2013/02/27 19:39:14 | 000,000,268 | -H-- | C] () -- C:\sqmdata16.sqm
[2013/02/27 19:39:14 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
[2013/02/24 22:11:27 | 000,000,268 | -H-- | C] () -- C:\sqmdata15.sqm
[2013/02/24 22:11:27 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
[2013/02/24 21:52:14 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Acrobat 8 Professional.lnk
[2013/02/24 21:38:40 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2013/02/24 20:36:34 | 000,000,268 | -H-- | C] () -- C:\sqmdata14.sqm
[2013/02/24 20:36:34 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
[2013/02/24 18:13:02 | 000,002,379 | ---- | C] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2013/02/24 18:13:02 | 000,002,361 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero StartSmart Essentials.lnk
[2013/02/24 18:13:02 | 000,002,279 | ---- | C] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk
[2013/02/24 18:13:02 | 000,002,261 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero Home Essentials SE.lnk
[2013/02/24 18:13:02 | 000,001,879 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero Online Upgrade.lnk
[2013/02/18 16:50:05 | 000,000,268 | -H-- | C] () -- C:\sqmdata13.sqm
[2013/02/18 16:50:05 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
[2013/02/18 13:42:18 | 000,000,268 | -H-- | C] () -- C:\sqmdata12.sqm
[2013/02/18 13:42:18 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2013/02/18 13:16:17 | 000,000,268 | -H-- | C] () -- C:\sqmdata11.sqm
[2013/02/18 13:16:17 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2013/02/18 12:32:01 | 000,000,268 | -H-- | C] () -- C:\sqmdata10.sqm
[2013/02/18 12:32:01 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2013/02/18 12:19:16 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/18 12:19:16 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Mozilla Firefox.lnk
[2013/02/18 12:19:16 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2013/02/18 11:40:17 | 000,000,268 | -H-- | C] () -- C:\sqmdata09.sqm
[2013/02/18 11:40:17 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2012/09/08 20:29:21 | 000,028,510 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2012/09/08 19:52:00 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2012/09/08 19:25:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/09/08 19:11:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/09/08 15:32:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/09/08 15:30:12 | 001,392,592 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2012/09/08 20:00:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 07:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 07:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/02/18 12:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\APN
[2013/02/24 18:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\LightScribe
[2013/02/18 13:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SecTaskMan
[2013/02/18 12:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SpeedMaxPc
[2013/02/28 14:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2012/10/06 22:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Application Data\DriverCure
[2012/09/19 15:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Application Data\MSNInstaller
[2012/10/06 22:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Application Data\SpeedMaxPc
[2012/09/08 19:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Application Data\TMP

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 186 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:ECF54A0E

< End of report >

-----------------------------------------------------------------------------------------------------------------

14:22:26.0718 3528 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:22:27.0093 3528 ============================================================
14:22:27.0093 3528 Current date / time: 2013/02/28 14:22:27.0093
14:22:27.0093 3528 SystemInfo:
14:22:27.0093 3528
14:22:27.0093 3528 OS Version: 5.1.2600 ServicePack: 3.0
14:22:27.0093 3528 Product type: Workstation
14:22:27.0093 3528 ComputerName: PETER-E3AC03268
14:22:27.0093 3528 UserName: Peter
14:22:27.0093 3528 Windows directory: C:\WINDOWS
14:22:27.0093 3528 System windows directory: C:\WINDOWS
14:22:27.0093 3528 Processor architecture: Intel x86
14:22:27.0093 3528 Number of processors: 2
14:22:27.0093 3528 Page size: 0x1000
14:22:27.0093 3528 Boot type: Normal boot
14:22:27.0093 3528 ============================================================
14:22:30.0500 3528 Drive \Device\Harddisk0\DR0 - Size: 0x3D0FE0000 (15.27 Gb), SectorSize: 0x200, Cylinders: 0x7C8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:22:30.0500 3528 Drive \Device\Harddisk1\DR2 - Size: 0x785FFC00 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:22:30.0500 3528 ============================================================
14:22:30.0500 3528 \Device\Harddisk0\DR0:
14:22:30.0500 3528 MBR partitions:
14:22:30.0500 3528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1E80EC8
14:22:30.0500 3528 \Device\Harddisk1\DR2:
14:22:30.0500 3528 MBR partitions:
14:22:30.0500 3528 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x3C0FFE
14:22:30.0500 3528 ============================================================
14:22:30.0500 3528 C: <-> \Device\Harddisk0\DR0\Partition1
14:22:30.0500 3528 ============================================================
14:22:30.0500 3528 Initialize success
14:22:30.0500 3528 ============================================================
14:23:11.0093 0912 ============================================================
14:23:11.0093 0912 Scan started
14:23:11.0093 0912 Mode: Manual; SigCheck; TDLFS;
14:23:11.0093 0912 ============================================================
14:23:12.0687 0912 ================ Scan system memory ========================
14:23:12.0687 0912 System memory - ok
14:23:12.0687 0912 ================ Scan services =============================
14:23:12.0859 0912 Abiosdsk - ok
14:23:12.0859 0912 abp480n5 - ok
14:23:12.0890 0912 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:23:14.0562 0912 ACPI - ok
14:23:14.0578 0912 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:23:14.0765 0912 ACPIEC - ok
14:23:14.0765 0912 adpu160m - ok
14:23:14.0781 0912 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
14:23:15.0062 0912 aec - ok
14:23:15.0078 0912 [ 20F078136F3BDC4C0405C0527B769303 ] AESTAud C:\WINDOWS\system32\drivers\AESTAud.sys
14:23:15.0109 0912 AESTAud - ok
14:23:15.0125 0912 [ 322D0E36693D6E24A2398BEE62A268CD ] AFD C:\WINDOWS\System32\drivers\afd.sys
14:23:15.0312 0912 AFD - ok
14:23:15.0328 0912 Aha154x - ok
14:23:15.0328 0912 aic78u2 - ok
14:23:15.0343 0912 aic78xx - ok
14:23:15.0359 0912 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
14:23:15.0546 0912 Alerter - ok
14:23:15.0546 0912 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
14:23:15.0625 0912 ALG - ok
14:23:15.0640 0912 AliIde - ok
14:23:15.0640 0912 amsint - ok
14:23:15.0656 0912 AppMgmt - ok
14:23:15.0656 0912 asc - ok
14:23:15.0671 0912 asc3350p - ok
14:23:15.0687 0912 asc3550 - ok
14:23:15.0718 0912 [ D33C507942299753868204CC7642FA27 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:23:15.0734 0912 aspnet_state - ok
14:23:15.0734 0912 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:23:15.0937 0912 AsyncMac - ok
14:23:16.0062 0912 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
14:23:16.0250 0912 atapi - ok
14:23:16.0265 0912 Atdisk - ok
14:23:16.0281 0912 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:23:16.0484 0912 Atmarpc - ok
14:23:16.0484 0912 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
14:23:16.0687 0912 AudioSrv - ok
14:23:16.0703 0912 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
14:23:16.0890 0912 audstub - ok
14:23:16.0968 0912 [ C89327377D4B62DC792E8930EA55F571 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
14:23:17.0265 0912 BCM43XX - ok
14:23:17.0281 0912 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:23:17.0484 0912 Beep - ok
14:23:17.0515 0912 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
14:23:17.0921 0912 BITS - ok
14:23:17.0937 0912 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:23:17.0968 0912 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
14:23:17.0968 0912 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
14:23:17.0984 0912 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
14:23:18.0250 0912 Browser - ok
14:23:18.0281 0912 [ 4B43DFE1C1FBB305A1DC5504EF9BB34E ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
14:23:18.0406 0912 btaudio - ok
14:23:18.0421 0912 [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
14:23:18.0437 0912 BTDriver - ok
14:23:18.0484 0912 [ B4355289CB2EBCC91AE995F916D271B7 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
14:23:18.0718 0912 BTKRNL - ok
14:23:18.0750 0912 [ 31B026ADD54CBD695709E56D7677A07B ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
14:23:18.0828 0912 btwdins - ok
14:23:18.0875 0912 [ 485020A1E1FC5C51A800CA69C618D881 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
14:23:19.0031 0912 BTWDNDIS - ok
14:23:19.0046 0912 [ 949ECA9C56F657C06D3166D51F3226C7 ] btwhid C:\WINDOWS\system32\DRIVERS\btwhid.sys
14:23:19.0078 0912 btwhid - ok
14:23:19.0078 0912 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
14:23:19.0328 0912 cbidf2k - ok
14:23:19.0343 0912 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:23:19.0546 0912 CCDECODE - ok
14:23:19.0546 0912 cd20xrnt - ok
14:23:19.0562 0912 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
14:23:19.0765 0912 Cdaudio - ok
14:23:19.0781 0912 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
14:23:19.0984 0912 Cdfs - ok
14:23:20.0000 0912 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:23:20.0203 0912 Cdrom - ok
14:23:20.0203 0912 Changer - ok
14:23:20.0218 0912 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
14:23:20.0421 0912 CiSvc - ok
14:23:20.0437 0912 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
14:23:20.0640 0912 ClipSrv - ok
14:23:20.0640 0912 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:23:20.0656 0912 clr_optimization_v2.0.50727_32 - ok
14:23:20.0671 0912 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:23:20.0875 0912 CmBatt - ok
14:23:20.0875 0912 CmdIde - ok
14:23:20.0890 0912 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:23:21.0093 0912 Compbatt - ok
14:23:21.0109 0912 COMSysApp - ok
14:23:21.0125 0912 Cpqarray - ok
14:23:21.0140 0912 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
14:23:21.0343 0912 CryptSvc - ok
14:23:21.0343 0912 dac2w2k - ok
14:23:21.0359 0912 dac960nt - ok
14:23:21.0390 0912 [ 2589FE6015A316C0F5D5112B4DA7B509 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:23:21.0765 0912 DcomLaunch - ok
14:23:21.0781 0912 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
14:23:22.0140 0912 Dhcp - ok
14:23:22.0218 0912 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
14:23:22.0421 0912 Disk - ok
14:23:22.0437 0912 dmadmin - ok
14:23:22.0468 0912 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
14:23:23.0734 0912 dmboot - ok
14:23:23.0750 0912 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
14:23:23.0953 0912 dmio - ok
14:23:23.0953 0912 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:23:24.0156 0912 dmload - ok
14:23:24.0156 0912 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
14:23:24.0359 0912 dmserver - ok
14:23:24.0375 0912 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:23:24.0578 0912 DMusic - ok
14:23:24.0578 0912 [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:23:24.0781 0912 Dnscache - ok
14:23:24.0796 0912 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:23:25.0000 0912 Dot3svc - ok
14:23:25.0015 0912 dpti2o - ok
14:23:25.0031 0912 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:23:25.0218 0912 drmkaud - ok
14:23:25.0234 0912 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:23:25.0437 0912 EapHost - ok
14:23:25.0437 0912 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:23:25.0640 0912 ERSvc - ok
14:23:25.0656 0912 [ 0E776ED5F7CC9F94299E70461B7B8185 ] Eventlog C:\WINDOWS\system32\services.exe
14:23:25.0859 0912 Eventlog - ok
14:23:25.0875 0912 [ 19A799805B24990867B00C120D300C3A ] EventSystem C:\WINDOWS\system32\es.dll
14:23:26.0093 0912 EventSystem - ok
14:23:26.0109 0912 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:23:26.0312 0912 Fastfat - ok
14:23:26.0328 0912 [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:23:26.0531 0912 FastUserSwitchingCompatibility - ok
14:23:26.0546 0912 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
14:23:26.0734 0912 Fdc - ok
14:23:26.0750 0912 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:23:26.0953 0912 Fips - ok
14:23:27.0000 0912 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:23:27.0203 0912 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:23:27.0203 0912 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:23:27.0203 0912 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
14:23:27.0406 0912 Flpydisk - ok
14:23:27.0421 0912 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
14:23:27.0625 0912 FltMgr - ok
14:23:27.0640 0912 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:23:27.0843 0912 Fs_Rec - ok
14:23:27.0859 0912 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:23:28.0062 0912 Ftdisk - ok
14:23:28.0062 0912 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:23:28.0265 0912 Gpc - ok
14:23:28.0281 0912 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:23:28.0468 0912 HDAudBus - ok
14:23:28.0484 0912 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:23:28.0687 0912 helpsvc - ok
14:23:28.0687 0912 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
14:23:28.0890 0912 HidServ - ok
14:23:28.0890 0912 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:23:29.0093 0912 hidusb - ok
14:23:29.0109 0912 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
14:23:29.0296 0912 hkmsvc - ok
14:23:29.0296 0912 hpn - ok
14:23:29.0328 0912 [ 1665C7121A026DF10C903DB9BC5E9D43 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
14:23:29.0343 0912 hpqwmiex - ok
14:23:29.0359 0912 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:23:29.0562 0912 HTTP - ok
14:23:29.0578 0912 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:23:29.0781 0912 HTTPFilter - ok
14:23:29.0781 0912 i2omgmt - ok
14:23:29.0796 0912 i2omp - ok
14:23:29.0812 0912 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:23:30.0000 0912 i8042prt - ok
14:23:30.0234 0912 [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
14:23:31.0312 0912 ialm - ok
14:23:31.0328 0912 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:23:31.0531 0912 Imapi - ok
14:23:31.0609 0912 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:23:31.0796 0912 ImapiService - ok
14:23:31.0812 0912 ini910u - ok
14:23:31.0828 0912 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
14:23:32.0031 0912 IntelIde - ok
14:23:32.0031 0912 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:23:32.0234 0912 intelppm - ok
14:23:32.0234 0912 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
14:23:32.0437 0912 Ip6Fw - ok
14:23:32.0437 0912 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:23:32.0640 0912 IpFilterDriver - ok
14:23:32.0640 0912 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:23:32.0828 0912 IpInIp - ok
14:23:32.0843 0912 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:23:33.0046 0912 IpNat - ok
14:23:33.0062 0912 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:23:33.0250 0912 IPSec - ok
14:23:33.0265 0912 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:23:33.0328 0912 IRENUM - ok
14:23:33.0343 0912 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:23:33.0546 0912 isapnp - ok
14:23:33.0562 0912 [ 1758AF653723679E3746FC7DDD93C69B ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
14:23:33.0578 0912 JavaQuickStarterService - ok
14:23:33.0593 0912 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:23:33.0796 0912 Kbdclass - ok
14:23:33.0812 0912 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:23:34.0015 0912 kmixer - ok
14:23:34.0015 0912 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:23:34.0218 0912 KSecDD - ok
14:23:34.0234 0912 [ F385F4B02C535BFFE1D70CAB80838123 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
14:23:34.0421 0912 LanmanServer - ok
14:23:34.0437 0912 [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:23:34.0640 0912 lanmanworkstation - ok
14:23:34.0656 0912 lbrtfdc - ok
14:23:34.0671 0912 [ 31D8B705DCD5F2366186E731F87C7A71 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:23:34.0687 0912 LightScribeService - ok
14:23:34.0687 0912 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:23:34.0890 0912 LmHosts - ok
14:23:34.0890 0912 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:23:35.0171 0912 Messenger - ok
14:23:35.0187 0912 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:23:35.0375 0912 mnmdd - ok
14:23:35.0390 0912 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:23:35.0578 0912 mnmsrvc - ok
14:23:35.0593 0912 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:23:35.0781 0912 Modem - ok
14:23:35.0796 0912 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:23:35.0984 0912 Mouclass - ok
14:23:35.0984 0912 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:23:36.0171 0912 mouhid - ok
14:23:36.0187 0912 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:23:36.0375 0912 MountMgr - ok
14:23:36.0390 0912 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:23:36.0421 0912 MozillaMaintenance - ok
14:23:36.0421 0912 mraid35x - ok
14:23:36.0437 0912 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:23:36.0671 0912 MRxDAV - ok
14:23:36.0718 0912 [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:23:37.0078 0912 MRxSmb - ok
14:23:37.0093 0912 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:23:37.0281 0912 MSDTC - ok
14:23:37.0296 0912 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:23:37.0500 0912 Msfs - ok
14:23:37.0515 0912 MSIServer - ok
14:23:37.0515 0912 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:23:37.0703 0912 MSKSSRV - ok
14:23:37.0718 0912 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:23:37.0906 0912 MSPCLOCK - ok
14:23:37.0984 0912 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:23:38.0171 0912 MSPQM - ok
14:23:38.0187 0912 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:23:38.0375 0912 mssmbios - ok
14:23:38.0390 0912 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
14:23:38.0578 0912 MSTEE - ok
14:23:38.0578 0912 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:23:38.0765 0912 Mup - ok
14:23:38.0781 0912 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:23:38.0984 0912 NABTSFEC - ok
14:23:39.0000 0912 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
14:23:39.0218 0912 napagent - ok
14:23:39.0234 0912 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:23:39.0437 0912 NDIS - ok
14:23:39.0437 0912 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:23:39.0625 0912 NdisIP - ok
14:23:39.0640 0912 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:23:39.0828 0912 NdisTapi - ok
14:23:39.0828 0912 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:23:40.0031 0912 Ndisuio - ok
14:23:40.0046 0912 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:23:40.0218 0912 NdisWan - ok
14:23:40.0234 0912 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:23:40.0421 0912 NDProxy - ok
14:23:40.0437 0912 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:23:40.0625 0912 NetBIOS - ok
14:23:40.0640 0912 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:23:40.0828 0912 NetBT - ok
14:23:40.0843 0912 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
14:23:41.0031 0912 NetDDE - ok
14:23:41.0031 0912 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:23:41.0234 0912 NetDDEdsdm - ok
14:23:41.0234 0912 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:23:41.0421 0912 Netlogon - ok
14:23:41.0437 0912 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
14:23:41.0640 0912 Netman - ok
14:23:41.0656 0912 [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla C:\WINDOWS\System32\mswsock.dll
14:23:41.0984 0912 Nla - ok
14:23:42.0015 0912 [ DBB5F7B1A4F109CD7A1ABD3AC7A10D39 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
14:23:42.0031 0912 NMIndexingService - ok
14:23:42.0046 0912 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:23:42.0234 0912 Npfs - ok
14:23:42.0265 0912 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:23:42.0609 0912 Ntfs - ok
14:23:42.0625 0912 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:23:42.0812 0912 NtLmSsp - ok
14:23:42.0843 0912 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:23:43.0140 0912 NtmsSvc - ok
14:23:43.0218 0912 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
14:23:43.0656 0912 Null - ok
14:23:43.0671 0912 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:23:43.0843 0912 NwlnkFlt - ok
14:23:43.0859 0912 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:23:44.0031 0912 NwlnkFwd - ok
14:23:44.0046 0912 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
14:23:44.0234 0912 Parport - ok
14:23:44.0234 0912 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:23:44.0421 0912 PartMgr - ok
14:23:44.0437 0912 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:23:44.0609 0912 ParVdm - ok
14:23:44.0625 0912 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:23:44.0796 0912 PCI - ok
14:23:44.0812 0912 PCIDump - ok
14:23:44.0812 0912 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:23:45.0000 0912 PCIIde - ok
14:23:45.0015 0912 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:23:45.0203 0912 Pcmcia - ok
14:23:45.0203 0912 PDCOMP - ok
14:23:45.0218 0912 PDFRAME - ok
14:23:45.0218 0912 PDRELI - ok
14:23:45.0234 0912 PDRFRAME - ok
14:23:45.0250 0912 perc2 - ok
14:23:45.0250 0912 perc2hib - ok
14:23:45.0281 0912 [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay C:\WINDOWS\system32\services.exe
14:23:45.0468 0912 PlugPlay - ok
14:23:45.0468 0912 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:23:45.0671 0912 PolicyAgent - ok
14:23:45.0671 0912 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:23:45.0859 0912 PptpMiniport - ok
14:23:45.0859 0912 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:23:46.0046 0912 ProtectedStorage - ok
14:23:46.0062 0912 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:23:46.0234 0912 PSched - ok
14:23:46.0250 0912 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:23:46.0421 0912 Ptilink - ok
14:23:46.0437 0912 ql1080 - ok
14:23:46.0437 0912 Ql10wnt - ok
14:23:46.0453 0912 ql12160 - ok
14:23:46.0468 0912 ql1240 - ok
14:23:46.0468 0912 ql1280 - ok
14:23:46.0484 0912 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:23:46.0671 0912 RasAcd - ok
14:23:46.0671 0912 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:23:46.0859 0912 RasAuto - ok
14:23:46.0875 0912 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:23:47.0046 0912 Rasl2tp - ok
14:23:47.0062 0912 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:23:47.0250 0912 RasMan - ok
14:23:47.0265 0912 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:23:47.0437 0912 RasPppoe - ok
14:23:47.0453 0912 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:23:47.0625 0912 Raspti - ok
14:23:47.0640 0912 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:23:47.0843 0912 Rdbss - ok
14:23:47.0859 0912 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:23:48.0031 0912 RDPCDD - ok
14:23:48.0062 0912 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:23:48.0234 0912 RDPWD - ok
14:23:48.0250 0912 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:23:48.0437 0912 RDSessMgr - ok
14:23:48.0453 0912 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:23:48.0625 0912 redbook - ok
14:23:48.0640 0912 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:23:48.0812 0912 RemoteAccess - ok
14:23:48.0828 0912 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
14:23:49.0015 0912 RpcLocator - ok
14:23:49.0031 0912 [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:23:49.0296 0912 RpcSs - ok
14:23:49.0312 0912 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:23:49.0500 0912 RSVP - ok
14:23:49.0515 0912 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
14:23:49.0687 0912 SamSs - ok
14:23:49.0703 0912 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:23:49.0890 0912 SCardSvr - ok
14:23:49.0906 0912 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:23:50.0093 0912 Schedule - ok
14:23:50.0109 0912 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:23:50.0171 0912 Secdrv - ok
14:23:50.0187 0912 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:23:50.0375 0912 seclogon - ok
14:23:50.0375 0912 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
14:23:50.0562 0912 SENS - ok
14:23:50.0578 0912 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
14:23:50.0750 0912 Serial - ok
14:23:50.0765 0912 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:23:50.0937 0912 Sfloppy - ok
14:23:51.0000 0912 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:23:51.0281 0912 SharedAccess - ok
14:23:51.0296 0912 [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:23:51.0468 0912 ShellHWDetection - ok
14:23:51.0484 0912 Simbad - ok
14:23:51.0484 0912 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:23:51.0687 0912 SLIP - ok
14:23:51.0703 0912 Sparrow - ok
14:23:51.0718 0912 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:23:51.0890 0912 splitter - ok
14:23:51.0906 0912 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:23:52.0296 0912 Spooler - ok
14:23:52.0312 0912 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:23:52.0390 0912 sr - ok
14:23:52.0406 0912 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
14:23:52.0515 0912 srservice - ok
14:23:52.0546 0912 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:23:52.0890 0912 Srv - ok
14:23:52.0984 0912 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:23:53.0109 0912 SSDPSRV - ok
14:23:53.0125 0912 [ 5AC04717DDD1A3029FB210BCE67F3DC0 ] STacSV C:\Program Files\IDT\WDM\STacSV.exe
14:23:53.0171 0912 STacSV - ok
14:23:53.0234 0912 [ 32C6DF3F7D1241FD8348498B31152131 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
14:23:53.0515 0912 STHDA - ok
14:23:53.0546 0912 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:23:53.0875 0912 stisvc - ok
14:23:53.0890 0912 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:23:54.0062 0912 streamip - ok
14:23:54.0078 0912 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:23:54.0250 0912 swenum - ok
14:23:54.0250 0912 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:23:54.0437 0912 swmidi - ok
14:23:54.0453 0912 SwPrv - ok
14:23:54.0468 0912 symc810 - ok
14:23:54.0468 0912 symc8xx - ok
14:23:54.0484 0912 sym_hi - ok
14:23:54.0484 0912 sym_u3 - ok
14:23:54.0515 0912 [ C8CC806F0506E9F168750371D37EEE18 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
14:23:54.0546 0912 SynTP - ok
14:23:54.0546 0912 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:23:54.0734 0912 sysaudio - ok
14:23:54.0750 0912 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:23:54.0968 0912 SysmonLog - ok
14:23:54.0984 0912 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:23:55.0171 0912 TapiSrv - ok
14:23:55.0187 0912 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:23:55.0468 0912 Tcpip - ok
14:23:55.0484 0912 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:23:55.0656 0912 TDPIPE - ok
14:23:55.0671 0912 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:23:55.0843 0912 TDTCP - ok
14:23:55.0859 0912 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:23:56.0031 0912 TermDD - ok
14:23:56.0046 0912 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
14:23:56.0234 0912 TermService - ok
14:23:56.0250 0912 [ 1926899BF9FFE2602B63074971700412 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:23:56.0421 0912 Themes - ok
14:23:56.0437 0912 TosIde - ok
14:23:56.0453 0912 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:23:56.0640 0912 TrkWks - ok
14:23:56.0656 0912 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:23:56.0828 0912 Udfs - ok
14:23:56.0843 0912 ultra - ok
14:23:56.0859 0912 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:23:57.0656 0912 Update - ok
14:23:57.0671 0912 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:23:57.0750 0912 upnphost - ok
14:23:57.0750 0912 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
14:23:57.0968 0912 UPS - ok
14:23:58.0078 0912 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:23:58.0250 0912 usbccgp - ok
14:23:58.0250 0912 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:23:58.0421 0912 usbehci - ok
14:23:58.0437 0912 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:23:58.0625 0912 usbhub - ok
14:23:58.0640 0912 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:23:58.0812 0912 usbstor - ok
14:23:58.0812 0912 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:23:59.0046 0912 usbuhci - ok
14:23:59.0125 0912 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
14:23:59.0296 0912 usbvideo - ok
14:23:59.0312 0912 [ C5B70A6AA947667CE0E5FC84A05EC8B6 ] usnjsvc C:\Program Files\MSN Messenger\usnsvc.exe
14:23:59.0328 0912 usnjsvc - ok
14:23:59.0328 0912 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:23:59.0515 0912 VgaSave - ok
14:23:59.0515 0912 ViaIde - ok
14:23:59.0531 0912 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:23:59.0734 0912 VolSnap - ok
14:23:59.0765 0912 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
14:23:59.0843 0912 VSS - ok
14:23:59.0859 0912 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
14:24:00.0046 0912 W32Time - ok
14:24:00.0062 0912 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:24:00.0234 0912 Wanarp - ok
14:24:00.0234 0912 WDICA - ok
14:24:00.0250 0912 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:24:00.0421 0912 wdmaud - ok
14:24:00.0437 0912 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:24:00.0625 0912 WebClient - ok
14:24:00.0640 0912 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:24:00.0812 0912 winmgmt - ok
14:24:00.0843 0912 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:24:00.0859 0912 WmdmPmSN - ok
14:24:00.0875 0912 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:24:01.0046 0912 WmiAcpi - ok
14:24:01.0062 0912 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:24:01.0234 0912 WmiApSrv - ok
14:24:01.0281 0912 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
14:24:01.0546 0912 WMPNetworkSvc - ok
14:24:01.0562 0912 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:24:01.0734 0912 wscsvc - ok
14:24:01.0750 0912 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:24:01.0968 0912 WSTCODEC - ok
14:24:01.0984 0912 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:24:02.0156 0912 wuauserv - ok
14:24:02.0250 0912 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:24:02.0265 0912 WudfPf - ok
14:24:02.0281 0912 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:24:02.0296 0912 WudfRd - ok
14:24:02.0312 0912 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:24:02.0328 0912 WudfSvc - ok
14:24:02.0359 0912 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:24:02.0703 0912 WZCSVC - ok
14:24:02.0718 0912 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:24:02.0890 0912 xmlprov - ok
14:24:02.0921 0912 [ 849494D3F85A45231744CA7470246C71 ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
14:24:02.0968 0912 yukonwxp - ok
14:24:03.0000 0912 ================ Scan global ===============================
14:24:03.0000 0912 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:24:03.0031 0912 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
14:24:03.0062 0912 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
14:24:03.0078 0912 [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
14:24:03.0078 0912 [Global] - ok
14:24:03.0078 0912 ================ Scan MBR ==================================
14:24:03.0078 0912 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:24:03.0343 0912 \Device\Harddisk0\DR0 - ok
14:24:03.0359 0912 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR2
14:24:03.0781 0912 \Device\Harddisk1\DR2 - ok
14:24:03.0781 0912 ================ Scan VBR ==================================
14:24:03.0796 0912 [ 69A37BAB93B1E4FB7AA8D3BBCD37D5EA ] \Device\Harddisk0\DR0\Partition1
14:24:03.0796 0912 \Device\Harddisk0\DR0\Partition1 - ok
14:24:03.0812 0912 [ CAEED1EBDB5F5BD00EE9CF1C9260C822 ] \Device\Harddisk1\DR2\Partition1
14:24:03.0812 0912 \Device\Harddisk1\DR2\Partition1 - ok
14:24:03.0812 0912 ============================================================
14:24:03.0812 0912 Scan finished
14:24:03.0812 0912 ============================================================
14:24:03.0937 2732 Detected object count: 2
14:24:03.0937 2732 Actual detected object count: 2
14:24:55.0468 2732 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:55.0468 2732 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:55.0468 2732 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:55.0468 2732 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:26:18.0984 3996 ============================================================
14:26:18.0984 3996 Scan started
14:26:18.0984 3996 Mode: Manual; SigCheck; TDLFS;
14:26:18.0984 3996 ============================================================
14:26:19.0500 3996 ================ Scan system memory ========================
14:26:19.0515 3996 System memory - ok
14:26:19.0515 3996 ================ Scan services =============================
14:26:19.0609 3996 Abiosdsk - ok
14:26:19.0609 3996 abp480n5 - ok
14:26:19.0625 3996 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:26:20.0468 3996 ACPI - ok
14:26:20.0468 3996 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:26:20.0656 3996 ACPIEC - ok
14:26:20.0671 3996 adpu160m - ok
14:26:20.0687 3996 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
14:26:20.0859 3996 aec - ok
14:26:20.0875 3996 [ 20F078136F3BDC4C0405C0527B769303 ] AESTAud C:\WINDOWS\system32\drivers\AESTAud.sys
14:26:20.0984 3996 AESTAud - ok
14:26:21.0000 3996 [ 322D0E36693D6E24A2398BEE62A268CD ] AFD C:\WINDOWS\System32\drivers\afd.sys
14:26:21.0171 3996 AFD - ok
14:26:21.0187 3996 Aha154x - ok
14:26:21.0187 3996 aic78u2 - ok
14:26:21.0203 3996 aic78xx - ok
14:26:21.0218 3996 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
14:26:21.0390 3996 Alerter - ok
14:26:21.0406 3996 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
14:26:21.0468 3996 ALG - ok
14:26:21.0468 3996 AliIde - ok
14:26:21.0484 3996 amsint - ok
14:26:21.0500 3996 AppMgmt - ok
14:26:21.0500 3996 asc - ok
14:26:21.0515 3996 asc3350p - ok
14:26:21.0531 3996 asc3550 - ok
14:26:21.0562 3996 [ D33C507942299753868204CC7642FA27 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:26:21.0578 3996 aspnet_state - ok
14:26:21.0578 3996 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:26:21.0765 3996 AsyncMac - ok
14:26:21.0781 3996 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
14:26:21.0984 3996 atapi - ok
14:26:21.0984 3996 Atdisk - ok
14:26:22.0000 3996 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:26:22.0171 3996 Atmarpc - ok
14:26:22.0187 3996 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
14:26:22.0375 3996 AudioSrv - ok
14:26:22.0375 3996 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
14:26:22.0546 3996 audstub - ok
14:26:22.0625 3996 [ C89327377D4B62DC792E8930EA55F571 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
14:26:22.0890 3996 BCM43XX - ok
14:26:22.0906 3996 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:26:23.0078 3996 Beep - ok
14:26:23.0109 3996 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
14:26:23.0453 3996 BITS - ok
14:26:23.0484 3996 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:26:23.0500 3996 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
14:26:23.0500 3996 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
14:26:23.0515 3996 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
14:26:23.0718 3996 Browser - ok
14:26:23.0750 3996 [ 4B43DFE1C1FBB305A1DC5504EF9BB34E ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
14:26:23.0875 3996 btaudio - ok
14:26:23.0890 3996 [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
14:26:23.0890 3996 BTDriver - ok
14:26:23.0937 3996 [ B4355289CB2EBCC91AE995F916D271B7 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
14:26:24.0265 3996 BTKRNL - ok
14:26:24.0312 3996 [ 31B026ADD54CBD695709E56D7677A07B ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
14:26:24.0437 3996 btwdins - ok
14:26:24.0468 3996 [ 485020A1E1FC5C51A800CA69C618D881 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
14:26:24.0500 3996 BTWDNDIS - ok
14:26:24.0515 3996 [ 949ECA9C56F657C06D3166D51F3226C7 ] btwhid C:\WINDOWS\system32\DRIVERS\btwhid.sys
14:26:24.0546 3996 btwhid - ok
14:26:24.0562 3996 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
14:26:24.0765 3996 cbidf2k - ok
14:26:24.0781 3996 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:26:24.0953 3996 CCDECODE - ok
14:26:24.0968 3996 cd20xrnt - ok
14:26:24.0984 3996 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
14:26:25.0156 3996 Cdaudio - ok
14:26:25.0171 3996 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
14:26:25.0343 3996 Cdfs - ok
14:26:25.0359 3996 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:26:25.0531 3996 Cdrom - ok
14:26:25.0546 3996 Changer - ok
14:26:25.0562 3996 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
14:26:25.0718 3996 CiSvc - ok
14:26:25.0734 3996 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
14:26:25.0984 3996 ClipSrv - ok
14:26:26.0000 3996 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:26:26.0015 3996 clr_optimization_v2.0.50727_32 - ok
14:26:26.0015 3996 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:26:26.0203 3996 CmBatt - ok
14:26:26.0203 3996 CmdIde - ok
14:26:26.0218 3996 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:26:26.0390 3996 Compbatt - ok
14:26:26.0406 3996 COMSysApp - ok
14:26:26.0421 3996 Cpqarray - ok
14:26:26.0437 3996 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
14:26:26.0609 3996 CryptSvc - ok
14:26:26.0625 3996 dac2w2k - ok
14:26:26.0625 3996 dac960nt - ok
14:26:26.0656 3996 [ 2589FE6015A316C0F5D5112B4DA7B509 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:26:26.0890 3996 DcomLaunch - ok
14:26:26.0906 3996 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
14:26:27.0078 3996 Dhcp - ok
14:26:27.0093 3996 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
14:26:27.0281 3996 Disk - ok
14:26:27.0296 3996 dmadmin - ok
14:26:27.0328 3996 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
14:26:27.0687 3996 dmboot - ok
14:26:27.0703 3996 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
14:26:27.0875 3996 dmio - ok
14:26:27.0890 3996 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:26:28.0078 3996 dmload - ok
14:26:28.0093 3996 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
14:26:28.0265 3996 dmserver - ok
14:26:28.0281 3996 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:26:28.0437 3996 DMusic - ok
14:26:28.0453 3996 [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:26:28.0625 3996 Dnscache - ok
14:26:28.0640 3996 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:26:28.0812 3996 Dot3svc - ok
14:26:28.0828 3996 dpti2o - ok
14:26:28.0828 3996 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:26:29.0000 3996 drmkaud - ok
14:26:29.0015 3996 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:26:29.0187 3996 EapHost - ok
14:26:29.0218 3996 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:26:29.0453 3996 ERSvc - ok
14:26:29.0468 3996 [ 0E776ED5F7CC9F94299E70461B7B8185 ] Eventlog C:\WINDOWS\system32\services.exe
14:26:29.0640 3996 Eventlog - ok
14:26:29.0656 3996 [ 19A799805B24990867B00C120D300C3A ] EventSystem C:\WINDOWS\system32\es.dll
14:26:29.0828 3996 EventSystem - ok
14:26:29.0843 3996 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:26:30.0015 3996 Fastfat - ok
14:26:30.0031 3996 [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:26:30.0218 3996 FastUserSwitchingCompatibility - ok
14:26:30.0234 3996 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
14:26:30.0421 3996 Fdc - ok
14:26:30.0421 3996 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:26:30.0609 3996 Fips - ok
14:26:30.0640 3996 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:26:30.0843 3996 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:26:30.0843 3996 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:26:30.0859 3996 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
14:26:31.0031 3996 Flpydisk - ok
14:26:31.0046 3996 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
14:26:31.0234 3996 FltMgr - ok
14:26:31.0250 3996 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:26:31.0437 3996 Fs_Rec - ok
14:26:31.0437 3996 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:26:31.0625 3996 Ftdisk - ok
14:26:31.0625 3996 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:26:31.0796 3996 Gpc - ok
14:26:31.0812 3996 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:26:32.0046 3996 HDAudBus - ok
14:26:32.0062 3996 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:26:32.0234 3996 helpsvc - ok
14:26:32.0250 3996 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
14:26:32.0421 3996 HidServ - ok
14:26:32.0421 3996 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:26:32.0593 3996 hidusb - ok
14:26:32.0609 3996 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
14:26:32.0781 3996 hkmsvc - ok
14:26:32.0781 3996 hpn - ok
14:26:32.0796 3996 [ 1665C7121A026DF10C903DB9BC5E9D43 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
14:26:32.0812 3996 hpqwmiex - ok
14:26:32.0843 3996 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:26:33.0015 3996 HTTP - ok
14:26:33.0031 3996 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:26:33.0250 3996 HTTPFilter - ok
14:26:33.0265 3996 i2omgmt - ok
14:26:33.0265 3996 i2omp - ok
14:26:33.0281 3996 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:26:33.0500 3996 i8042prt - ok
14:26:33.0734 3996 [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
14:26:34.0609 3996 ialm - ok
14:26:34.0625 3996 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:26:34.0796 3996 Imapi - ok
14:26:34.0812 3996 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:26:35.0046 3996 ImapiService - ok
14:26:35.0062 3996 ini910u - ok
14:26:35.0078 3996 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
14:26:35.0250 3996 IntelIde - ok
14:26:35.0265 3996 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:26:35.0437 3996 intelppm - ok
14:26:35.0453 3996 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
14:26:35.0640 3996 Ip6Fw - ok
14:26:35.0656 3996 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:26:35.0828 3996 IpFilterDriver - ok
14:26:35.0828 3996 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:26:36.0000 3996 IpInIp - ok
14:26:36.0015 3996 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:26:36.0203 3996 IpNat - ok
14:26:36.0328 3996 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:26:36.0531 3996 IPSec - ok
14:26:36.0546 3996 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:26:36.0609 3996 IRENUM - ok
14:26:36.0625 3996 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:26:36.0812 3996 isapnp - ok
14:26:36.0828 3996 [ 1758AF653723679E3746FC7DDD93C69B ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
14:26:36.0843 3996 JavaQuickStarterService - ok
14:26:36.0859 3996 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:26:37.0062 3996 Kbdclass - ok
14:26:37.0078 3996 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:26:37.0250 3996 kmixer - ok
14:26:37.0265 3996 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:26:37.0437 3996 KSecDD - ok
14:26:37.0453 3996 [ F385F4B02C535BFFE1D70CAB80838123 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
14:26:37.0640 3996 LanmanServer - ok
14:26:37.0656 3996 [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:26:37.0828 3996 lanmanworkstation - ok
14:26:37.0843 3996 lbrtfdc - ok
14:26:37.0859 3996 [ 31D8B705DCD5F2366186E731F87C7A71 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:26:37.0875 3996 LightScribeService - ok
14:26:37.0875 3996 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:26:38.0046 3996 LmHosts - ok
14:26:38.0062 3996 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:26:38.0234 3996 Messenger - ok
14:26:38.0421 3996 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:26:38.0593 3996 mnmdd - ok
14:26:38.0890 3996 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:26:39.0109 3996 mnmsrvc - ok
14:26:39.0109 3996 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:26:39.0312 3996 Modem - ok
14:26:39.0468 3996 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:26:39.0687 3996 Mouclass - ok
14:26:39.0687 3996 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:26:39.0859 3996 mouhid - ok
14:26:39.0875 3996 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:26:40.0046 3996 MountMgr - ok
14:26:40.0062 3996 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:26:40.0078 3996 MozillaMaintenance - ok
14:26:40.0093 3996 mraid35x - ok
14:26:40.0109 3996 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:26:40.0281 3996 MRxDAV - ok
14:26:40.0312 3996 [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:26:40.0656 3996 MRxSmb - ok
14:26:40.0671 3996 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:26:40.0843 3996 MSDTC - ok
14:26:40.0843 3996 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:26:41.0046 3996 Msfs - ok
14:26:41.0046 3996 MSIServer - ok
14:26:41.0062 3996 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:26:41.0234 3996 MSKSSRV - ok
14:26:41.0250 3996 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:26:41.0421 3996 MSPCLOCK - ok
14:26:41.0421 3996 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:26:41.0593 3996 MSPQM - ok
14:26:41.0609 3996 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:26:41.0781 3996 mssmbios - ok
14:26:41.0796 3996 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
14:26:41.0984 3996 MSTEE - ok
14:26:42.0000 3996 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:26:42.0171 3996 Mup - ok
14:26:42.0187 3996 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:26:42.0359 3996 NABTSFEC - ok
14:26:42.0375 3996 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
14:26:42.0562 3996 napagent - ok
14:26:42.0578 3996 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:26:42.0750 3996 NDIS - ok
14:26:42.0765 3996 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:26:42.0937 3996 NdisIP - ok
14:26:42.0968 3996 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:26:43.0125 3996 NdisTapi - ok
14:26:43.0140 3996 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:26:43.0312 3996 Ndisuio - ok
14:26:43.0328 3996 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:26:43.0500 3996 NdisWan - ok
14:26:43.0500 3996 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:26:43.0671 3996 NDProxy - ok
14:26:43.0781 3996 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:26:43.0984 3996 NetBIOS - ok
14:26:44.0000 3996 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:26:44.0171 3996 NetBT - ok
14:26:44.0187 3996 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
14:26:44.0359 3996 NetDDE - ok
14:26:44.0359 3996 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:26:44.0531 3996 NetDDEdsdm - ok
14:26:44.0546 3996 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:26:44.0718 3996 Netlogon - ok
14:26:44.0734 3996 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
14:26:44.0984 3996 Netman - ok
14:26:45.0000 3996 [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla C:\WINDOWS\System32\mswsock.dll
14:26:45.0171 3996 Nla - ok
14:26:45.0203 3996 [ DBB5F7B1A4F109CD7A1ABD3AC7A10D39 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
14:26:45.0218 3996 NMIndexingService - ok
14:26:45.0234 3996 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:26:45.0406 3996 Npfs - ok
14:26:45.0437 3996 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:26:45.0703 3996 Ntfs - ok
14:26:45.0718 3996 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:26:45.0890 3996 NtLmSsp - ok
14:26:45.0906 3996 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:26:46.0187 3996 NtmsSvc - ok
14:26:46.0187 3996 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
14:26:46.0359 3996 Null - ok
14:26:46.0375 3996 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:26:46.0546 3996 NwlnkFlt - ok
14:26:46.0546 3996 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:26:46.0718 3996 NwlnkFwd - ok
14:26:46.0734 3996 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
14:26:46.0984 3996 Parport - ok
14:26:47.0000 3996 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:26:47.0156 3996 PartMgr - ok
14:26:47.0171 3996 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:26:47.0343 3996 ParVdm - ok
14:26:47.0359 3996 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:26:47.0515 3996 PCI - ok
14:26:47.0531 3996 PCIDump - ok
14:26:47.0546 3996 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:26:47.0718 3996 PCIIde - ok
14:26:47.0734 3996 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:26:47.0890 3996 Pcmcia - ok
14:26:47.0906 3996 PDCOMP - ok
14:26:47.0921 3996 PDFRAME - ok
14:26:47.0921 3996 PDRELI - ok
14:26:47.0937 3996 PDRFRAME - ok
14:26:47.0953 3996 perc2 - ok
14:26:47.0953 3996 perc2hib - ok
14:26:47.0984 3996 [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay C:\WINDOWS\system32\services.exe
14:26:48.0156 3996 PlugPlay - ok
14:26:48.0171 3996 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:26:48.0343 3996 PolicyAgent - ok
14:26:48.0343 3996 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:26:48.0515 3996 PptpMiniport - ok
14:26:48.0531 3996 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:26:48.0703 3996 ProtectedStorage - ok
14:26:48.0718 3996 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:26:48.0875 3996 PSched - ok
14:26:48.0890 3996 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:26:49.0062 3996 Ptilink - ok
14:26:49.0062 3996 ql1080 - ok
14:26:49.0078 3996 Ql10wnt - ok
14:26:49.0093 3996 ql12160 - ok
14:26:49.0093 3996 ql1240 - ok
14:26:49.0109 3996 ql1280 - ok
14:26:49.0125 3996 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:26:49.0296 3996 RasAcd - ok
14:26:49.0296 3996 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:26:49.0546 3996 RasAuto - ok
14:26:49.0562 3996 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:26:49.0734 3996 Rasl2tp - ok
14:26:49.0750 3996 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:26:49.0953 3996 RasMan - ok
14:26:49.0968 3996 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:26:50.0140 3996 RasPppoe - ok
14:26:50.0156 3996 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:26:50.0312 3996 Raspti - ok
14:26:50.0328 3996 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:26:50.0515 3996 Rdbss - ok
14:26:50.0515 3996 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:26:50.0703 3996 RDPCDD - ok
14:26:50.0718 3996 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:26:50.0890 3996 RDPWD - ok
14:26:50.0906 3996 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:26:51.0078 3996 RDSessMgr - ok
14:26:51.0093 3996 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:26:51.0265 3996 redbook - ok
14:26:51.0281 3996 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:26:51.0453 3996 RemoteAccess - ok
14:26:51.0453 3996 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
14:26:51.0625 3996 RpcLocator - ok
14:26:51.0656 3996 [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:26:51.0968 3996 RpcSs - ok
14:26:52.0000 3996 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:26:52.0171 3996 RSVP - ok
14:26:52.0171 3996 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
14:26:52.0343 3996 SamSs - ok
14:26:52.0359 3996 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:26:52.0531 3996 SCardSvr - ok
14:26:52.0546 3996 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:26:52.0718 3996 Schedule - ok
14:26:52.0734 3996 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:26:52.0796 3996 Secdrv - ok
14:26:52.0812 3996 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:26:53.0140 3996 seclogon - ok
14:26:53.0281 3996 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
14:26:53.0531 3996 SENS - ok
14:26:53.0546 3996 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
14:26:53.0781 3996 Serial - ok
14:26:53.0796 3996 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:26:54.0234 3996 Sfloppy - ok
14:26:54.0265 3996 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:26:54.0718 3996 SharedAccess - ok
14:26:54.0734 3996 [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:26:55.0062 3996 ShellHWDetection - ok
14:26:55.0062 3996 Simbad - ok
14:26:55.0078 3996 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:26:55.0250 3996 SLIP - ok
14:26:55.0250 3996 Sparrow - ok
14:26:55.0265 3996 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:26:55.0437 3996 splitter - ok
14:26:55.0453 3996 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:26:55.0625 3996 Spooler - ok
14:26:55.0640 3996 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:26:55.0703 3996 sr - ok
14:26:55.0718 3996 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
14:26:55.0796 3996 srservice - ok
14:26:55.0812 3996 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:26:56.0078 3996 Srv - ok
14:26:56.0093 3996 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:26:56.0156 3996 SSDPSRV - ok
14:26:56.0171 3996 [ 5AC04717DDD1A3029FB210BCE67F3DC0 ] STacSV C:\Program Files\IDT\WDM\STacSV.exe
14:26:56.0203 3996 STacSV - ok
14:26:56.0265 3996 [ 32C6DF3F7D1241FD8348498B31152131 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
14:26:56.0531 3996 STHDA - ok
14:26:56.0546 3996 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:26:56.0859 3996 stisvc - ok
14:26:56.0875 3996 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:26:57.0093 3996 streamip - ok
14:26:57.0109 3996 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:26:57.0281 3996 swenum - ok
14:26:57.0281 3996 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:26:57.0453 3996 swmidi - ok
14:26:57.0468 3996 SwPrv - ok
14:26:57.0468 3996 symc810 - ok
14:26:57.0484 3996 symc8xx - ok
14:26:57.0500 3996 sym_hi - ok
14:26:57.0500 3996 sym_u3 - ok
14:26:57.0531 3996 [ C8CC806F0506E9F168750371D37EEE18 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
14:26:57.0546 3996 SynTP - ok
14:26:57.0562 3996 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:26:57.0734 3996 sysaudio - ok
14:26:57.0750 3996 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:26:57.0953 3996 SysmonLog - ok
14:26:57.0968 3996 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:26:58.0156 3996 TapiSrv - ok
14:26:58.0171 3996 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:26:58.0453 3996 Tcpip - ok
14:26:58.0468 3996 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:26:58.0625 3996 TDPIPE - ok
14:26:58.0640 3996 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:26:58.0812 3996 TDTCP - ok
14:26:58.0828 3996 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:26:59.0000 3996 TermDD - ok
14:26:59.0015 3996 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
14:26:59.0203 3996 TermService - ok
14:26:59.0203 3996 [ 1926899BF9FFE2602B63074971700412 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:26:59.0375 3996 Themes - ok
14:26:59.0390 3996 TosIde - ok
14:26:59.0406 3996 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:26:59.0578 3996 TrkWks - ok
14:26:59.0593 3996 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:26:59.0765 3996 Udfs - ok
14:26:59.0781 3996 ultra - ok
14:26:59.0796 3996 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:27:00.0062 3996 Update - ok
14:27:00.0078 3996 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:27:00.0156 3996 upnphost - ok
14:27:00.0156 3996 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
14:27:00.0328 3996 UPS - ok
14:27:00.0343 3996 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:27:00.0515 3996 usbccgp - ok
14:27:00.0531 3996 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:27:00.0703 3996 usbehci - ok
14:27:00.0718 3996 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:27:00.0875 3996 usbhub - ok
14:27:00.0890 3996 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:27:01.0062 3996 usbstor - ok
14:27:01.0078 3996 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:27:01.0234 3996 usbuhci - ok
14:27:01.0250 3996 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
14:27:01.0421 3996 usbvideo - ok
14:27:01.0437 3996 [ C5B70A6AA947667CE0E5FC84A05EC8B6 ] usnjsvc C:\Program Files\MSN Messenger\usnsvc.exe
14:27:01.0453 3996 usnjsvc - ok
14:27:01.0468 3996 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:27:01.0640 3996 VgaSave - ok
14:27:01.0640 3996 ViaIde - ok
14:27:01.0656 3996 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:27:01.0828 3996 VolSnap - ok
14:27:01.0843 3996 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
14:27:01.0968 3996 VSS - ok
14:27:01.0984 3996 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
14:27:02.0171 3996 W32Time - ok
14:27:02.0171 3996 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:27:02.0343 3996 Wanarp - ok
14:27:02.0359 3996 WDICA - ok
14:27:02.0375 3996 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:27:02.0546 3996 wdmaud - ok
14:27:02.0546 3996 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:27:02.0734 3996 WebClient - ok
14:27:02.0750 3996 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:27:02.0968 3996 winmgmt - ok
14:27:02.0984 3996 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:27:03.0000 3996 WmdmPmSN - ok
14:27:03.0015 3996 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:27:03.0187 3996 WmiAcpi - ok
14:27:03.0203 3996 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:27:03.0375 3996 WmiApSrv - ok
14:27:03.0406 3996 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
14:27:03.0656 3996 WMPNetworkSvc - ok
14:27:03.0671 3996 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:27:03.0843 3996 wscsvc - ok
14:27:03.0859 3996 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:27:04.0078 3996 WSTCODEC - ok
14:27:04.0078 3996 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:27:04.0265 3996 wuauserv - ok
14:27:04.0265 3996 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:27:04.0296 3996 WudfPf - ok
14:27:04.0312 3996 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:27:04.0328 3996 WudfRd - ok
14:27:04.0343 3996 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:27:04.0359 3996 WudfSvc - ok
14:27:04.0390 3996 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:27:04.0812 3996 WZCSVC - ok
14:27:04.0828 3996 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:27:05.0046 3996 xmlprov - ok
14:27:05.0062 3996 [ 849494D3F85A45231744CA7470246C71 ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
14:27:05.0109 3996 yukonwxp - ok
14:27:05.0125 3996 ================ Scan global ===============================
14:27:05.0140 3996 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:27:05.0156 3996 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
14:27:05.0187 3996 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
14:27:05.0203 3996 [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
14:27:05.0203 3996 [Global] - ok
14:27:05.0203 3996 ================ Scan MBR ==================================
14:27:05.0203 3996 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:27:05.0468 3996 \Device\Harddisk0\DR0 - ok
14:27:05.0468 3996 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR2
14:27:05.0609 3996 \Device\Harddisk1\DR2 - ok
14:27:05.0609 3996 ================ Scan VBR ==================================
14:27:05.0609 3996 [ 69A37BAB93B1E4FB7AA8D3BBCD37D5EA ] \Device\Harddisk0\DR0\Partition1
14:27:05.0625 3996 \Device\Harddisk0\DR0\Partition1 - ok
14:27:05.0625 3996 [ CAEED1EBDB5F5BD00EE9CF1C9260C822 ] \Device\Harddisk1\DR2\Partition1
14:27:05.0625 3996 \Device\Harddisk1\DR2\Partition1 - ok
14:27:05.0625 3996 ============================================================
14:27:05.0625 3996 Scan finished
14:27:05.0625 3996 ============================================================
14:27:05.0656 3916 Detected object count: 2
14:27:05.0656 3916 Actual detected object count: 2
14:27:50.0125 3916 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:27:50.0125 3916 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:27:50.0140 3916 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:27:50.0140 3916 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#8
Essexboy
Posted 28 February 2013 - 01:40 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets check out the net connection next

Please download MiniToolBox, save it to your desktop and run it.
Posted Image
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • 0

#9
PeterHamlett
Posted 28 February 2013 - 01:48 PM

PeterHamlett

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
I re-ran the aswMBR and have log if you need it.

MiniToolBox by Farbar Version:10-01-2013
Ran by Peter (administrator) on 28-02-2013 at 14:46:01
Running from "C:\Documents and Settings\Peter\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : peter-e3ac03268

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller

Physical Address. . . . . . . . . : 00-24-81-45-2D-3A



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN

Physical Address. . . . . . . . . : 00-24-2B-AD-61-7E

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.104

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.2.1

Lease Obtained. . . . . . . . . . : Thursday, February 28, 2013 1:59:44 PM

Lease Expires . . . . . . . . . . : Sunday, February 26, 2023 1:59:44 PM

Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.137.139, 74.125.137.100, 74.125.137.101, 74.125.137.102
74.125.137.113, 74.125.137.138



Pinging google.com [74.125.137.102] with 32 bytes of data:



Reply from 74.125.137.102: bytes=32 time=17ms TTL=48

Reply from 74.125.137.102: bytes=32 time=18ms TTL=48



Ping statistics for 74.125.137.102:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 17ms, Maximum = 18ms, Average = 17ms

Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 206.190.36.45



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=144ms TTL=49

Reply from 98.139.183.24: bytes=32 time=146ms TTL=49



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 144ms, Maximum = 146ms, Average = 145ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 24 81 45 2d 3a ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller - Packet Scheduler Miniport
0x3 ...00 24 2b ad 61 7e ...... Broadcom 802.11b/g WLAN - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.104 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.2.104 192.168.2.104 30
192.168.2.0 255.255.255.0 192.168.2.104 192.168.2.104 25
192.168.2.104 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.2.255 255.255.255.255 192.168.2.104 192.168.2.104 25
224.0.0.0 240.0.0.0 192.168.2.104 192.168.2.104 25
255.255.255.255 255.255.255.255 192.168.2.104 2 1
255.255.255.255 255.255.255.255 192.168.2.104 192.168.2.104 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/27/2013 07:45:39 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Error: (02/27/2013 07:45:39 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Error: (02/27/2013 07:45:39 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Error: (02/27/2013 07:45:39 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (02/27/2013 07:36:56 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Error: (02/27/2013 07:36:56 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (02/27/2013 07:36:00 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Error: (02/27/2013 07:36:00 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (02/24/2013 09:38:14 PM) (Source: MsiInstaller) (User: PETER-E3AC03268)
Description: Product: Adobe Flash Player 9 ActiveX -- Error 1904.Module C:\WINDOWS\system32\Macromed\Flash\FlDbg9c.ocx failed to register. HRESULT -2147220473. Contact your support personnel.

Error: (02/24/2013 06:15:31 PM) (Source: Application Error) (User: )
Description: Faulting application SetupX.exe, version 1.5.35.6, faulting module SetupX.exe, version 1.5.35.6, fault address 0x0004efa9.
Processing media-specific event for [SetupX.exe!ws!]


System errors:
=============
Error: (02/28/2013 01:55:54 PM) (Source: Service Control Manager) (User: )
Description: The FLEXnet Licensing Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2013 01:55:54 PM) (Source: Service Control Manager) (User: )
Description: The NMIndexingService service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2013 01:55:53 PM) (Source: Service Control Manager) (User: )
Description: The hpqwmiex service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2013 01:55:52 PM) (Source: Service Control Manager) (User: )
Description: The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2013 01:55:52 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2013 01:55:52 PM) (Source: Service Control Manager) (User: )
Description: The ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2013 01:55:52 PM) (Source: Service Control Manager) (User: )
Description: The Audio Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2013 01:55:52 PM) (Source: Service Control Manager) (User: )
Description: The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/27/2013 08:07:38 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

Error: (02/27/2013 08:07:37 PM) (Source: Service Control Manager) (User: )
Description: The NMIndexingService service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (02/27/2013 07:45:39 PM) (Source: crypt32)(User: )
Description: http://www.download....rootseq.txtThis network connection does not exist.

Error: (02/27/2013 07:45:39 PM) (Source: crypt32)(User: )
Description: http://www.download....rootseq.txtThis network connection does not exist.

Error: (02/27/2013 07:45:39 PM) (Source: crypt32)(User: )
Description: http://www.download....rootseq.txtThis network connection does not exist.

Error: (02/27/2013 07:45:39 PM) (Source: crypt32)(User: )
Description: http://www.download....hrootseq.txtThe server name or address could not be resolved

Error: (02/27/2013 07:36:56 PM) (Source: crypt32)(User: )
Description: http://www.download....rootseq.txtThis network connection does not exist.

Error: (02/27/2013 07:36:56 PM) (Source: crypt32)(User: )
Description: http://www.download....hrootseq.txtThe server name or address could not be resolved

Error: (02/27/2013 07:36:00 PM) (Source: crypt32)(User: )
Description: http://www.download....rootseq.txtThis network connection does not exist.

Error: (02/27/2013 07:36:00 PM) (Source: crypt32)(User: )
Description: http://www.download....hrootseq.txtThe server name or address could not be resolved

Error: (02/24/2013 09:38:14 PM) (Source: MsiInstaller)(User: PETER-E3AC03268)
Description: Product: Adobe Flash Player 9 ActiveX -- Error 1904.Module C:\WINDOWS\system32\Macromed\Flash\FlDbg9c.ocx failed to register. HRESULT -2147220473. Contact your support personnel.(NULL)(NULL)(NULL)

Error: (02/24/2013 06:15:31 PM) (Source: Application Error)(User: )
Description: SetupX.exe1.5.35.6SetupX.exe1.5.35.60004efa9


=========================== Installed Programs ============================

Add or Remove Adobe Creative Suite 3 Master Collection (Version: 1.0)
Adobe Acrobat 8 Professional (Version: 8.1.0)
Adobe After Effects CS3 Presets (Version: 8)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe BridgeTalk Plugin CS3 (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Fireworks CS3 (Version: 9.0)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.168)
Adobe Flash Player 9 ActiveX (Version: 9.0.45.0)
Adobe Flash Player 9 Plugin (Version: 9.0.45.0)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe InDesign CS3 Icon Handler (Version: 5.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe MotionPicture Color Files (Version: 1.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Reader 8.1.2 (Version: 8.1.2)
Adobe Setup (Version: 1.0)
Adobe SING CS3 (Version: 0.1)
Adobe Soundbooth CS3 (Version: 1)
Adobe Soundbooth CS3 Codecs (Version: 3)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe Video Profiles (Version: 1.0)
Adobe WAS CS3 (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP DVA Panels CS3 (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
AHV content for Acrobat and Flash (Version: 1)
Broadcom 802.11 Wireless LAN Adapter (Version: 4.170.77.3)
CleanMyPC - Registry Cleaner
HP Help and Support (Version: 4.4.0003)
HP Wireless Assistant (Version: 3.00 K2)
IDT Audio (Version: 1.0.5927.3)
Intel® Graphics Media Accelerator Driver
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
LightScribe 1.6.43.1 (Version: 1.6.43.1)
Marvell Miniport Driver (Version: 10.62.1.3)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0 (Version: 2.0.50727)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Maintenance Service (Version: 19.0)
Nero 7 Essentials (Version: 7.02.8078)
PDF Settings (Version: 1.0)
Security Task Manager 1.8g (Version: 1.8g)
Synaptics Pointing Device Driver (Version: 11.2.2.0)
Uniblue ProcessQuickLink 2
Update for Windows XP (KB898461) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
WIDCOMM Bluetooth Software (Version: 5.5.0.4100)
Windows Live Messenger (Version: 8.1.0178.00)
Windows Media Format 11 runtime
Windows Media Player 11

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 1015.23 MB
Available physical RAM: 650.57 MB
Total Pagefile: 2442.62 MB
Available Pagefile: 2182.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1977.61 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:15.25 GB) (Free:2.82 GB) NTFS
2 Drive d: () (Removable) (Total:1.87 GB) (Free:1.87 GB) FAT32

========================= Users: ========================================

User accounts for \\PETER-E3AC03268

Administrator Guest HelpAssistant
Peter SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
  • 0

#10
Essexboy
Posted 28 February 2013 - 01:54 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes if you could post the aswMBR log please

What error does windows give for windows updates ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 "6986:TCP"=

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

Advertisements

#11
PeterHamlett
Posted 28 February 2013 - 02:01 PM

PeterHamlett

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-18 16:00:27
-----------------------------
16:00:27.593 OS Version: Windows 5.1.2600 Service Pack 3
16:00:27.593 Number of processors: 2 586 0x1C02
16:00:27.593 ComputerName: PETER-E3AC03268 UserName: Peter
16:00:30.359 Initialize success
16:00:52.437 AVAST engine download error: 0
16:32:16.656 The log file has been saved successfully to "C:\Documents and Settings\Peter\My Documents\Downloads\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-28 14:31:18
-----------------------------
14:31:18.578 OS Version: Windows 5.1.2600 Service Pack 3
14:31:18.578 Number of processors: 2 586 0x1C02
14:31:18.578 ComputerName: PETER-E3AC03268 UserName: Peter
14:31:20.890 Initialize success
14:38:18.484 AVAST engine defs: 13022800
14:39:54.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
14:39:54.250 Disk 0 Vendor: SanDisk_pSSD_16GB SSD_4.46 Size: 15631MB BusType: 3
14:39:54.250 Disk 0 MBR read successfully
14:39:54.250 Disk 0 MBR scan
14:39:54.265 Disk 0 Windows XP default MBR code
14:39:54.265 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 15617 MB offset 63
14:39:54.281 Disk 0 scanning sectors +31985415
14:39:54.296 Disk 0 scanning C:\WINDOWS\system32\drivers
14:40:01.609 Service scanning
14:40:14.546 Modules scanning
14:40:28.718 Disk 0 trace - called modules:
14:40:28.718 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
14:40:28.718 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86544ab8]
14:40:28.734 3 CLASSPNP.SYS[f75c8fd7] -> nt!IofCallDriver -> \Device\0000005d[0x865469e8]
14:40:28.734 5 ACPI.sys[f745f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86574940]
14:40:30.640 AVAST engine scan C:\WINDOWS
14:40:33.781 AVAST engine scan C:\WINDOWS\system32
14:43:12.000 AVAST engine scan C:\WINDOWS\system32\drivers
14:43:23.093 AVAST engine scan C:\Documents and Settings\Peter
14:43:40.500 AVAST engine scan C:\Documents and Settings\All Users.WINDOWS
14:43:45.031 Scan finished successfully
14:44:20.406 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Peter\My Documents\Downloads\MBR.dat"
14:44:20.406 The log file has been saved successfully to "C:\Documents and Settings\Peter\My Documents\Downloads\aswMBR.txt"
  • 0

#12
PeterHamlett
Posted 28 February 2013 - 02:12 PM

PeterHamlett

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
OTL logfile created on: 2/28/2013 3:07:09 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Peter\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.23 Mb Total Physical Memory | 684.40 Mb Available Physical Memory | 67.41% Memory free
2.39 Gb Paging File | 2.16 Gb Available in Paging File | 90.67% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.25 Gb Total Space | 2.95 Gb Free Space | 19.34% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.87 Gb Free Space | 99.68% Space Free | Partition Type: FAT32

Computer Name: PETER-E3AC03268 | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/27 19:56:02 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/02/24 20:45:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2013/02/18 15:25:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Peter\My Documents\Downloads\OTL.exe
PRC - [2011/08/02 02:39:14 | 001,401,224 | ---- | M] (CleanMyPC Software) -- C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe
PRC - [2008/08/29 19:03:24 | 000,442,477 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\STTRAY.EXE
PRC - [2008/08/29 19:03:24 | 000,442,477 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\STTRAY.EXE
PRC - [2008/08/29 19:03:24 | 000,237,667 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\STACSV.EXE
PRC - [2008/08/28 10:16:34 | 000,471,040 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFLTR.EXE
PRC - [2008/07/30 13:56:16 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/02 09:50:28 | 000,655,640 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe
PRC - [2007/05/10 22:46:20 | 000,624,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2007/05/04 10:39:28 | 000,910,896 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/05/04 10:39:12 | 000,149,040 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2008/07/30 13:52:10 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008/07/30 09:55:02 | 002,854,912 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008/04/14 07:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 07:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/02/16 17:40:42 | 005,521,408 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/02/16 17:40:40 | 001,466,368 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/27 19:56:02 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/02/27 19:49:20 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/24 20:45:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/08/29 19:03:24 | 000,237,667 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STACSV.EXE -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/09/08 19:53:05 | 001,294,200 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/08/29 19:03:24 | 001,388,980 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/08/28 10:16:36 | 000,112,128 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/07/24 12:37:16 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/24 12:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/06/27 13:02:00 | 000,289,024 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/05/30 06:46:12 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/03/10 13:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/04 12:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsof...ss/allinone.asp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsof...ss/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/27 19:49:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/27 19:48:44 | 000,000,000 | ---D | M]

[2013/02/18 12:27:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Peter\Application Data\Mozilla\Extensions
[2013/02/27 19:48:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/27 19:49:22 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/02/20 16:04:02 | 002,463,976 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2013/02/01 13:22:13 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/27 19:49:16 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2013/02/28 15:02:25 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [IDTSysTrayApp] C:\WINDOWS\STTRAY.EXE (IDT, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\STTRAY.EXE (IDT, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Registry Cleaner Scheduler] C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe (CleanMyPC Software)
O4 - HKCU..\Run: [Uniblue ProcessQuickLink 2] C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe (Uniblue)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1362081508468 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C3F5547-EE4B-4688-A6BA-6CA99D94EC08}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Tempest.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Tempest.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/09/08 19:18:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/21 11:06:58 | 000,059,288 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/28 14:58:24 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Peter\UserData
[2013/02/27 20:15:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Local Settings\Application Data\Sun
[2013/02/27 20:07:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/02/27 19:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun
[2013/02/27 19:54:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/02/27 19:51:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
[2013/02/27 19:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/24 22:10:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet
[2013/02/24 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/02/24 21:03:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Adobe Master Collection CS3
[2013/02/24 20:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2013/02/24 18:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Local Settings\Application Data\Ahead
[2013/02/24 18:16:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\LightScribe
[2013/02/24 18:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\LightScribe Direct Disc Labeling
[2013/02/24 18:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2013/02/24 18:13:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Nero 7 Essentials
[2013/02/24 18:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Application Data\Ahead
[2013/02/24 18:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
[2013/02/24 18:01:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2013/02/24 18:01:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2013/02/24 17:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Application Data\Adobe
[2013/02/18 13:22:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SecTaskMan
[2013/02/18 13:22:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Security Task Manager
[2013/02/18 13:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2013/02/18 13:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2013/02/18 13:03:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\ProcessQuickLink 2
[2013/02/18 12:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\My Documents\Downloads
[2013/02/18 12:19:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Local Settings\Application Data\Mozilla
[2013/02/18 12:19:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter\Application Data\Mozilla
[2013/02/18 12:19:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla
[2013/02/18 12:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/02/18 12:03:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\APN

========== Files - Modified Within 30 Days ==========

[2013/02/28 15:10:04 | 000,401,632 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/28 15:10:04 | 000,062,746 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/28 15:05:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/28 15:04:42 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2013/02/28 15:04:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2013/02/28 15:02:25 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/02/28 13:59:40 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/28 13:58:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2013/02/28 13:58:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2013/02/27 21:54:04 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2013/02/27 21:54:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2013/02/27 20:09:03 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2013/02/27 20:09:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2013/02/27 19:39:14 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2013/02/27 19:39:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2013/02/24 22:11:27 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2013/02/24 22:11:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2013/02/24 22:10:03 | 001,392,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/24 21:52:14 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Acrobat 8 Professional.lnk
[2013/02/24 20:36:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2013/02/24 20:36:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2013/02/24 18:13:02 | 000,002,379 | ---- | M] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2013/02/24 18:13:02 | 000,002,361 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero StartSmart Essentials.lnk
[2013/02/24 18:13:02 | 000,002,279 | ---- | M] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk
[2013/02/24 18:13:02 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero Home Essentials SE.lnk
[2013/02/24 18:13:02 | 000,001,879 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero Online Upgrade.lnk
[2013/02/18 16:50:05 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2013/02/18 16:50:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2013/02/18 13:42:18 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2013/02/18 13:42:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2013/02/18 13:16:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2013/02/18 13:16:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2013/02/18 12:32:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2013/02/18 12:32:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2013/02/18 12:19:16 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/18 12:19:16 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2013/02/18 11:40:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2013/02/18 11:40:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm

========== Files Created - No Company Name ==========

[2013/02/28 13:58:59 | 000,000,268 | -H-- | C] () -- C:\sqmdata19.sqm
[2013/02/28 13:58:59 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
[2013/02/27 21:54:04 | 000,000,268 | -H-- | C] () -- C:\sqmdata18.sqm
[2013/02/27 21:54:04 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
[2013/02/27 20:09:03 | 000,000,268 | -H-- | C] () -- C:\sqmdata17.sqm
[2013/02/27 20:09:03 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
[2013/02/27 19:39:14 | 000,000,268 | -H-- | C] () -- C:\sqmdata16.sqm
[2013/02/27 19:39:14 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
[2013/02/24 22:11:27 | 000,000,268 | -H-- | C] () -- C:\sqmdata15.sqm
[2013/02/24 22:11:27 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
[2013/02/24 21:52:14 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Acrobat 8 Professional.lnk
[2013/02/24 21:38:40 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2013/02/24 20:36:34 | 000,000,268 | -H-- | C] () -- C:\sqmdata14.sqm
[2013/02/24 20:36:34 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
[2013/02/24 18:13:02 | 000,002,379 | ---- | C] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2013/02/24 18:13:02 | 000,002,361 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero StartSmart Essentials.lnk
[2013/02/24 18:13:02 | 000,002,279 | ---- | C] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk
[2013/02/24 18:13:02 | 000,002,261 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero Home Essentials SE.lnk
[2013/02/24 18:13:02 | 000,001,879 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Nero Online Upgrade.lnk
[2013/02/18 16:50:05 | 000,000,268 | -H-- | C] () -- C:\sqmdata13.sqm
[2013/02/18 16:50:05 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
[2013/02/18 13:42:18 | 000,000,268 | -H-- | C] () -- C:\sqmdata12.sqm
[2013/02/18 13:42:18 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2013/02/18 13:16:17 | 000,000,268 | -H-- | C] () -- C:\sqmdata11.sqm
[2013/02/18 13:16:17 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2013/02/18 12:32:01 | 000,000,268 | -H-- | C] () -- C:\sqmdata10.sqm
[2013/02/18 12:32:01 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2013/02/18 12:19:16 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/18 12:19:16 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Mozilla Firefox.lnk
[2013/02/18 12:19:16 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2013/02/18 11:40:17 | 000,000,268 | -H-- | C] () -- C:\sqmdata09.sqm
[2013/02/18 11:40:17 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2012/09/08 20:29:21 | 000,028,510 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2012/09/08 19:52:00 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2012/09/08 19:25:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/09/08 19:11:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/09/08 15:32:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/09/08 15:30:12 | 001,392,592 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2012/09/08 20:00:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 07:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 07:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/02/18 12:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\APN
[2013/02/24 18:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\LightScribe
[2013/02/18 13:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SecTaskMan
[2013/02/18 12:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SpeedMaxPc
[2013/02/28 15:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2012/10/06 22:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Application Data\DriverCure
[2012/09/19 15:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Application Data\MSNInstaller
[2012/10/06 22:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Application Data\SpeedMaxPc
[2012/09/08 19:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Application Data\TMP

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 186 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:ECF54A0E

< End of report >
  • 0

#13
Essexboy
Posted 28 February 2013 - 02:17 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you download the attached zip file, extract the file to your desktop and run

Then retry windows updates
  • 0

#14
PeterHamlett
Posted 28 February 2013 - 03:02 PM

PeterHamlett

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Windows Update is working! And I can surf to anti-virus and malware sites as well.

Thank you!
  • 0

#15
Essexboy
Posted 28 February 2013 - 04:05 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK a quick sweep for orphans before I tidy up

Please download Malwarebytes Anti-Malware to your desktop.

  • Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan as shown below.

    Posted Image
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.


The log can also be found here:

Windows 2000 & Windows XP:
C:\Documents and Settings\<USERNAME>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Windows Vista & Win7:
C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
----------
  • 0
Back to Can't Run Any Antivirus or Malware Removal Programs · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Can't Run Any Antivirus or Malware Removal Programs

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP