
Lag & High CPU



#1
Liz2012

My computer is extremely slow. There is a pronounced lag, my CPU is constantly fluctuating and running at 100%. My Belkin utility seems to get targeted, and I will close that completely and then it will run quicker momentarily, then slow again. I have run the usual programs, HiJackThis, Malwarebytes, Advanced Systemcare, IObit Malware fighter, Ad-Aware, CCleaner... I have done a system restore & have also edited my startup programs twice.

I can usually correct minor issues, but I am lost and need real help with this one.


#2
RKinner

    Malware Expert

Download OTL from
http://www.geekstogo...timers-list-it/
and Save it to your desktop.



Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Ron

#3
Liz2012

OTL Extras logfile created on: 7/4/2013 9:50:35 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 226.38 Mb Available Physical Memory | 23.62% Memory free
2.26 Gb Paging File | 1.64 Gb Available in Paging File | 72.52% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.48 Gb Total Space | 14.90 Gb Free Space | 14.26% Space Free | Partition Type: NTFS
Drive D: | 7.29 Gb Total Space | 0.57 Gb Free Space | 7.82% Space Free | Partition Type: FAT32

Computer Name: YOUR-D0F670B45A | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- NOTEPAD.EXE %1 (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- NOTEPAD.EXE %1 (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- NOTEPAD.EXE %1 (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- NOTEPAD.EXE %1 (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- NOTEPAD.EXE %1 (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- NOTEPAD.EXE %1 (Microsoft Corporation)
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"enablefirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"enablefirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\SteamApps\jblack187\counter-strike source\hl2.exe" = C:\Program Files\Steam\SteamApps\jblack187\counter-strike source\hl2.exe:*:Disabled:hl2 -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- (Electronic Arts)
"C:\Program Files\HP Rhapsody\rhapsody.exe" = C:\Program Files\HP Rhapsody\rhapsody.exe:*:Disabled:Rhapsody -- (RealNetworks, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe" = C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe" = C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe:*:Enabled:FreeFileViewerUpdateChecker -- (Bitberry Software)
"C:\Documents and Settings\Compaq_Owner\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Compaq_Owner\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam™
"{06E73C0B-7DE7-4F41-860B-587033B75BD9}" = iPod Updater 2004-11-15
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{174D5678-D941-433C-BD23-58A5C7B0D36D}" = Jasc Animation Shop 3
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}" = upapp
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Help
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{6314D540-E3C1-4F30-AEEB-4154C93375C3}" = HP Driver Diagnostics
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6BE73D27-5ADC-4AD9-B619-8F5188AFCF9F}" = HP Deskjet 1050 J410 series Product Improvement Study
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8A9A5FCE-E592-4E77-96F8-6B3624640D1C}" = Webassessor Sentinel Security Shield™
"{8AE2B7D4-2BAA-4B9D-A4F4-282D3D30F1D0}" = IObit Apps Toolbar v7.2
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8F7A4D82-B168-4F89-99C2-B9873EC877AF}" = HP Image Zone Express
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{9922FE96-6803-498D-A6AD-4EB5A3B956A5}" = Belkin Wireless G Plus MIMO USB Network Adapter
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BACBC990-8681-4D00-9227-F3A32123BB7A}" = Half-Life®
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{ECB35FFA-B010-45C5-9AB5-665AC7E27EE2}" = HP Deskjet 1050 J410 series Basic Device Software
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}" = The Sims Complete Collection
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"Ace Utilities_is1" = Ace Utilities
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Advanced SystemCare Ultimate_is1" = Advanced SystemCare Ultimate 6
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"EADM" = EA Download Manager
"ewidoantispyware4" = ewido anti-spyware 4.0
"FreeFileViewer_is1" = Free File Viewer 2011
"Hijackthis_is1" = Hijackthis 1.99.1
"hp deskjet 5550 series" = hp deskjet 5550 series (Remove only)
"HP Game Console" = HP Game Console
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Photo Creations" = HP Photo Creations
"hp print screen utility" = hp print screen utility
"HP Rhapsody" = HP Rhapsody
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{06E73C0B-7DE7-4F41-860B-587033B75BD9}" = iPod Updater 2004-11-15
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"LimeWire" = LimeWire 4.12.11
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 18.0 (x86 en-US)" = Mozilla Firefox 18.0 (x86 en-US)
"MyWGU Messenger 2.5.8" = MyWGU Messenger 2.5.8
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"Revo Uninstaller" = Revo Uninstaller 1.80
"Rhapsody" = Rhapsody
"SCRABBLE" = SCRABBLE
"Steam App 440" = Team Fortress 2
"Trillian" = Trillian
"Trusted Software Assistant_is1" = File Type Assistant
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WT005538" = Tradewinds
"WT005541" = Blasterball 2 Revolution
"WT005542" = Blasterball 2 Remix
"WT005544" = Bounce Symphony
"WT005613" = Flip Words
"WT005618" = Poker Superstars
"WT005620" = Slingo Deluxe
"WT005625" = Bejeweled 2 Deluxe
"WT005627" = Bookworm Deluxe
"WT005628" = Chuzzle Deluxe
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"WinDirStat" = WinDirStat 1.1.2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/27/2013 11:07:16 AM | Computer Name = YOUR-D0F670B45A | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 6/27/2013 11:07:17 AM | Computer Name = YOUR-D0F670B45A | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 6/27/2013 11:07:17 AM | Computer Name = YOUR-D0F670B45A | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 6/27/2013 11:07:17 AM | Computer Name = YOUR-D0F670B45A | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 6/27/2013 11:07:17 AM | Computer Name = YOUR-D0F670B45A | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 6/28/2013 11:52:14 AM | Computer Name = YOUR-D0F670B45A | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 6/28/2013 11:52:15 AM | Computer Name = YOUR-D0F670B45A | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 6/30/2013 12:31:46 PM | Computer Name = YOUR-D0F670B45A | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 6/30/2013 12:31:47 PM | Computer Name = YOUR-D0F670B45A | Source = VSS | ID = 8193
Description = Volume Shadow Copy Service error: Unexpected error calling routine
CoCreateInstance. hr = 0x80040206.

Error - 7/2/2013 3:42:21 AM | Computer Name = YOUR-D0F670B45A | Source = Application Error | ID = 1000
Description = Faulting application belkinwcui.exe, version 1.0.0.17, faulting module
belkinwcui.exe, version 1.0.0.17, fault address 0x0005136d.

[ System Events ]
Error - 7/2/2013 10:24:42 AM | Computer Name = YOUR-D0F670B45A | Source = Service Control Manager | ID = 7034
Description = The Automatic LiveUpdate Scheduler service terminated unexpectedly.
It has done this 1 time(s).

Error - 7/2/2013 10:37:17 AM | Computer Name = YOUR-D0F670B45A | Source = Service Control Manager | ID = 7034
Description = The Advanced SystemCare Service 6 service terminated unexpectedly.
It has done this 1 time(s).

Error - 7/2/2013 10:37:25 AM | Computer Name = YOUR-D0F670B45A | Source = Service Control Manager | ID = 7034
Description = The AdvancedSystemCareAntivirus service terminated unexpectedly.
It has done this 1 time(s).

Error - 7/2/2013 10:40:00 AM | Computer Name = YOUR-D0F670B45A | Source = Schedule | ID = 7901
Description = The At3.job command failed to start due to the following error: %%2147942405

Error - 7/2/2013 2:00:00 PM | Computer Name = YOUR-D0F670B45A | Source = Schedule | ID = 7901
Description = The At4.job command failed to start due to the following error: %%2147942405

Error - 7/2/2013 8:40:00 PM | Computer Name = YOUR-D0F670B45A | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942405

Error - 7/3/2013 10:10:00 AM | Computer Name = YOUR-D0F670B45A | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942405

Error - 7/3/2013 10:40:00 AM | Computer Name = YOUR-D0F670B45A | Source = Schedule | ID = 7901
Description = The At3.job command failed to start due to the following error: %%2147942405

Error - 7/3/2013 2:00:00 PM | Computer Name = YOUR-D0F670B45A | Source = Schedule | ID = 7901
Description = The At4.job command failed to start due to the following error: %%2147942405

Error - 7/3/2013 8:40:00 PM | Computer Name = YOUR-D0F670B45A | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942405


< End of report >

#4
Liz2012

    Member

  • Topic Starter
  • Member
  • 42 posts
OTL logfile created on: 7/4/2013 9:50:35 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 226.38 Mb Available Physical Memory | 23.62% Memory free
2.26 Gb Paging File | 1.64 Gb Available in Paging File | 72.52% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.48 Gb Total Space | 14.90 Gb Free Space | 14.26% Space Free | Partition Type: NTFS
Drive D: | 7.29 Gb Total Space | 0.57 Gb Free Space | 7.82% Space Free | Partition Type: FAT32

Computer Name: YOUR-D0F670B45A | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/06/27 10:37:00 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2012/12/13 14:50:32 | 001,051,088 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCSvc.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/25 11:49:01 | 003,285,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/06/15 09:35:26 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
MOD - [2012/10/23 13:47:36 | 000,142,720 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCExtMenu.dll
MOD - [2011/06/18 21:35:38 | 000,090,592 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll
MOD - [2008/08/05 22:26:28 | 000,110,304 | ---- | M] () -- C:\Program Files\Ace Utilities\wipext.dll
MOD - [2006/01/24 22:15:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [Disabled | Stopped] -- C:\Documents and Settings\Compaq_Owner\Desktop\ewido anti-spyware 4.0\guard.exe -- (ewido anti-spyware 4.0 guard)
SRV - [2013/06/27 10:37:00 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/15 09:35:30 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/07 17:10:22 | 000,806,776 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2012/12/14 13:21:06 | 000,621,008 | ---- | M] (IOBit) [Auto | Stopped] -- C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe -- (ASCAntivirusSrv)
SRV - [2012/12/13 14:50:32 | 001,051,088 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCSvc.exe -- (AdvancedSystemCareService6)
SRV - [2011/06/18 21:35:27 | 001,036,104 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/09/03 02:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2006/07/25 19:03:42 | 002,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/07/25 19:03:42 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\intelppm.sys -- (intelppm)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\gaopdxxenqhovc.sys -- (gaopdxserv.sys)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\Compaq_Owner\Desktop\ewido anti-spyware 4.0\guard.sys -- (ewido anti-spyware 4.0 driver)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AWRTPD.sys -- (AdWatchDrv)
DRV - [2013/03/26 19:37:12 | 000,017,360 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/26 19:37:10 | 000,031,520 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2013/03/23 15:51:42 | 000,247,968 | ---- | M] (IObit) [File_System | Disabled | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2009/04/27 21:35:17 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/09/05 13:48:24 | 012,212,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD)
DRV - [2007/02/06 05:00:00 | 000,383,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2006/03/08 16:27:12 | 004,246,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/03/03 17:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 17:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/12/06 14:20:50 | 000,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 14:20:40 | 000,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/11/24 20:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/11/10 14:54:56 | 000,402,944 | R--- | M] (Belkin Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BLKWGU.sys -- (BLKWGU(Belkin)
DRV - [2005/06/29 20:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)
DRV - [2005/06/18 03:48:46 | 000,019,968 | ---- | M] (WikiTek Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ss.sys -- (StreamSurge)
DRV - [2005/03/09 17:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/02 14:47:54 | 000,015,872 | ---- | M] (Gemtek Technology Co.) [Kernel | On_Demand | Running] -- C:\Program Files\Belkin\F5D9050\BKNDIS5.sys -- (BKNDIS5)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003/11/05 10:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {1F27F662-6E3E-4679-9E49-91C3D27E97C3}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{1F27F662-6E3E-4679-9E49-91C3D27E97C3}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{92B4B7F0-F2AD-4A79-9913-E8F1AD59856D}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8081

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=800236"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://search.yahoo....=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07076007
FF - prefs.js..keyword.URL: "http://search.yahoo....type=800236&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/25 11:48:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/25 11:48:34 | 000,000,000 | ---D | M]

[2010/02/20 20:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2013/06/15 13:37:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions
[2008/08/14 17:22:51 | 000,000,000 | ---D | M] (Coupon Manager) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\{0C7E3F01-99E9-4095-9BDC-F84724960B57}
[2013/06/11 12:15:47 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\[email protected]
[2013/01/16 13:47:29 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/06/15 13:37:27 | 000,000,904 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\searchplugins\yahoo.xml
[2013/06/25 11:48:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/25 11:48:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/25 11:49:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/01/04 23:45:48 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/25 20:22:51 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/02/25 20:22:51 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2006/01/18 12:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2009/09/11 15:36:42 | 000,067,072 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npWebSentinelHelper.dll

O1 HOSTS File: ([2007/04/04 23:48:57 | 000,000,023 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Advanced SystemCare Ultimate\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe ()
O4 - HKCU..\Run: [Advanced SystemCare Ultimate] C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe (IObit)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80443072-5384-4D29-A197-604ECE8884D8}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97DA57EB-F12A-4A3A-A37B-94252252CD58}: DhcpNameServer = 192.168.2.1 24.25.5.61 24.25.5.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB51BA5C-F6F4-4E13-B2A5-5A4842ABA078}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/05 02:50:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "gupdate1c8e225103c230"
MsConfig - Services: "AVGEMS"
MsConfig - Services: "Avg7UpdSvc"
MsConfig - Services: "Avg7Alrt"
MsConfig - Services: "AVG Anti-Spyware Guard"
MsConfig - Services: "Viewpoint Manager Service"
MsConfig - Services: "avast! Web Scanner"
MsConfig - Services: "avast! Mail Scanner"
MsConfig - Services: "avast! Antivirus"
MsConfig - Services: "aswUpdSv"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe - (Adobe Systems Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe - (Hewlett-Packard)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk - - File not found
MsConfig - StartUpReg: Ad-Watch - hkey= - key= - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Photo Downloader - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: AdobeUpdater - hkey= - key= - File not found
MsConfig - StartUpReg: APSDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: AVG7_CC - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: EA Core - hkey= - key= - C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
MsConfig - StartUpReg: FixCamera - hkey= - key= - C:\WINDOWS\FixCamera.exe ()
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: MyWGU Messenger - hkey= - key= - C:\Program Files\MyWGU Messenger\MyWGU-Messenger.exe (Jive Software)
MsConfig - StartUpReg: nwiz - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: SearchSettings - hkey= - key= - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Spotify - hkey= - key= - C:\Documents and Settings\Compaq_Owner\Application Data\Spotify\spotify.exe (Spotify Ltd)
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
MsConfig - StartUpReg: Steam - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
MsConfig - StartUpReg: swg - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Yahoo! Pager - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AVG Anti-Spyware Driver - Driver
SafeBootMin: AVG Anti-Spyware Guard - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: IMFservice - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AVG Anti-Spyware Driver - Driver
SafeBootNet: AVG Anti-Spyware Guard - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6F7EB061-99F6-4775-DE6F-6917C00A592E} - Java (Sun)
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/07/04 09:46:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2013/06/28 11:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2013/06/27 10:37:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2013/06/27 10:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2013/06/27 10:37:21 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/06/27 10:37:21 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/06/27 10:37:16 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/06/27 10:37:16 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/06/27 10:37:16 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/06/27 09:58:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Sun
[2013/06/25 12:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\WinDirStat
[2013/06/25 12:35:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\WinDirStat
[2013/06/25 11:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/15 13:37:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Search Settings
[2013/06/15 13:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Apps Toolbar
[2013/06/15 13:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2013/06/15 09:42:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\IObit Apps
[2013/06/15 09:35:28 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/15 09:35:28 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/11 12:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2013/06/11 12:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2013/06/11 12:15:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2013/06/11 12:15:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\AppData
[2013/06/11 12:15:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
[2013/06/11 12:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2013/06/11 12:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\IObit
[2013/06/11 12:14:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare Ultimate
[2013/06/11 12:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013/06/10 12:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2013/06/09 19:15:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Owner\Recent
[2013/06/09 19:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2013/06/09 19:12:38 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/06/09 19:12:38 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/09 18:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\HiJackThis
[2013/06/09 18:37:34 | 000,000,000 | ---D | C] -- C:\HJT
[2013/06/09 16:42:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2013/06/09 16:41:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\BrowserPlus
[2013/06/09 16:41:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2013/06/09 16:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Belkin Wireless Network Utility
[2013/06/09 16:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2013/06/09 16:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/06/09 16:41:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/06/09 16:40:59 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/06/08 08:52:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
[2013/06/07 14:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/06/07 14:00:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/06/05 21:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin(2)
[2013/06/05 16:56:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\BABY STUFF
[2007/12/06 01:33:46 | 002,826,275 | ---- | C] (Blue Fang Games, LLC) -- C:\Documents and Settings\Compaq_Owner\zoo.exe
[2007/12/06 01:33:46 | 001,112,504 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\dwdebug.exe
[2007/12/06 01:33:46 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\SETUPENU.DLL
[2007/12/06 01:33:46 | 000,471,098 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\UNINSTAL.EXE
[2007/12/06 01:33:46 | 000,466,997 | ---- | C] (Blue Fang Games, LLC) -- C:\Documents and Settings\Compaq_Owner\lang0.dll
[2007/12/06 01:33:46 | 000,161,184 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\dw.exe
[2007/12/06 01:33:46 | 000,118,784 | ---- | C] (Blue Fang Games, LLC) -- C:\Documents and Settings\Compaq_Owner\res0.dll
[2007/12/06 01:33:45 | 000,053,300 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\EBUEula.dll
[2007/12/06 01:33:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\ImeUiResJpn.dll
[2007/12/06 01:33:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\ImeUiResEnu.dll
[2007/12/06 01:33:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\ImeUiRes.dll
[2007/07/25 17:24:28 | 002,826,275 | ---- | C] (Blue Fang Games, LLC) -- C:\Program Files\zoo.exe
[2007/07/25 17:24:28 | 001,112,504 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dwdebug.exe
[2007/07/25 17:24:28 | 000,471,098 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UNINSTAL.EXE
[2007/07/25 17:24:28 | 000,161,184 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dw.exe
[2007/07/25 17:24:27 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Program Files\SETUPENU.DLL
[2007/07/25 17:24:27 | 000,466,997 | ---- | C] (Blue Fang Games, LLC) -- C:\Program Files\lang0.dll
[2007/07/25 17:24:27 | 000,118,784 | ---- | C] (Blue Fang Games, LLC) -- C:\Program Files\res0.dll
[2007/07/25 17:24:27 | 000,053,300 | ---- | C] (Microsoft Corporation) -- C:\Program Files\EBUEula.dll
[2007/07/25 17:24:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ImeUiResJpn.dll
[2007/07/25 17:24:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ImeUiResEnu.dll
[2007/07/25 17:24:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ImeUiRes.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/04 09:50:00 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A9870B1F-49B9-4EB1-AAE0-82C936D2C093}.job
[2013/07/04 09:46:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2013/07/04 09:34:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/03 23:24:00 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\FreeFileViewerUpdateChecker.job
[2013/07/03 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/07/03 18:38:45 | 000,001,362 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2013/07/03 14:00:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2013/07/03 10:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2013/07/03 10:10:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/07/02 10:25:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\ASC6_PerformanceMonitor.job
[2013/07/01 21:35:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2013/07/01 10:19:54 | 000,119,139 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\401262_496775543696240_758378301_n.jpg
[2013/07/01 10:18:30 | 000,142,355 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\197943_501785559861905_199076935_n.jpg
[2013/07/01 10:18:17 | 000,150,299 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\69484_502056993168095_1732405421_n.jpg
[2013/07/01 10:18:00 | 000,206,947 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\225807_503495533024241_2005367362_n.jpg
[2013/07/01 10:17:46 | 000,074,196 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\64005_505238699516591_1559339700_n.jpg
[2013/07/01 10:17:12 | 000,141,223 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\33871_512617792112015_1547791522_n.jpg
[2013/07/01 10:14:55 | 000,082,539 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\19306_522766884430439_2135944798_n.jpg
[2013/07/01 10:14:02 | 000,149,603 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\529853_533194143387713_110433115_n.jpg
[2013/06/30 18:29:41 | 000,064,454 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\tumblr_mcs2drk8XL1qcyrsio1_500.jpg
[2013/06/30 12:33:13 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013/06/30 12:33:10 | 000,000,054 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/06/30 12:33:10 | 000,000,039 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/06/30 12:33:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/30 12:32:49 | 1005,113,344 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/28 11:52:28 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/06/27 10:37:01 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/06/27 10:36:59 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/06/27 10:36:59 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/06/27 10:36:59 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/06/27 10:36:58 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/06/27 10:36:58 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/27 10:36:58 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/06/25 18:02:07 | 000,020,753 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\1011736_10201473401227390_1224720998_n.jpg
[2013/06/24 12:22:10 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2013/06/23 12:03:58 | 000,002,395 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2013/06/20 08:18:40 | 000,232,236 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7227.JPG
[2013/06/20 08:15:36 | 000,110,232 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7226.JPG
[2013/06/20 08:15:24 | 000,112,847 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7225.JPG
[2013/06/20 08:15:04 | 000,143,246 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7224.JPG
[2013/06/20 08:14:46 | 000,110,591 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7223.JPG
[2013/06/15 09:35:29 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/15 09:35:28 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/14 13:56:06 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/06/11 12:19:43 | 000,000,845 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\IObit Malware Fighter.lnk
[2013/06/11 12:19:43 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IObit Malware Fighter.lnk
[2013/06/11 12:14:37 | 000,000,924 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare Ultimate.lnk
[2013/06/11 12:14:36 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare Ultimate.lnk
[2013/06/09 19:22:03 | 000,126,714 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20130609_192153.reg
[2013/06/09 18:56:26 | 000,000,219 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Document.rtf
[2013/06/09 17:02:21 | 000,002,415 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/06/09 16:46:19 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/08 19:46:26 | 002,094,994 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Deck Plans.bmp
[2013/06/06 09:17:18 | 000,212,786 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\census.cache
[2013/06/06 09:17:13 | 000,205,206 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\ars.cache
[2013/06/05 22:20:18 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\housecall.guid.cache
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/01 10:19:53 | 000,119,139 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\401262_496775543696240_758378301_n.jpg
[2013/07/01 10:18:29 | 000,142,355 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\197943_501785559861905_199076935_n.jpg
[2013/07/01 10:18:16 | 000,150,299 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\69484_502056993168095_1732405421_n.jpg
[2013/07/01 10:18:00 | 000,206,947 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\225807_503495533024241_2005367362_n.jpg
[2013/07/01 10:17:45 | 000,074,196 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\64005_505238699516591_1559339700_n.jpg
[2013/07/01 10:17:10 | 000,141,223 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\33871_512617792112015_1547791522_n.jpg
[2013/07/01 10:14:55 | 000,082,539 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\19306_522766884430439_2135944798_n.jpg
[2013/07/01 10:14:01 | 000,149,603 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\529853_533194143387713_110433115_n.jpg
[2013/06/30 18:28:28 | 000,064,454 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\tumblr_mcs2drk8XL1qcyrsio1_500.jpg
[2013/06/27 10:37:27 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/06/25 18:01:45 | 000,020,753 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\1011736_10201473401227390_1224720998_n.jpg
[2013/06/20 10:27:01 | 000,232,236 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7227.JPG
[2013/06/20 10:27:01 | 000,143,246 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7224.JPG
[2013/06/20 10:27:01 | 000,112,847 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7225.JPG
[2013/06/20 10:27:01 | 000,110,591 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7223.JPG
[2013/06/20 10:27:01 | 000,110,232 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7226.JPG
[2013/06/15 09:35:33 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/14 13:56:06 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/06/14 13:56:06 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/06/11 12:19:43 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\IObit Malware Fighter.lnk
[2013/06/11 12:19:43 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IObit Malware Fighter.lnk
[2013/06/11 12:15:35 | 000,000,296 | ---- | C] () -- C:\WINDOWS\tasks\ASC6_PerformanceMonitor.job
[2013/06/11 12:14:37 | 000,000,924 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare Ultimate.lnk
[2013/06/11 12:14:36 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare Ultimate.lnk
[2013/06/09 19:21:58 | 000,126,714 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20130609_192153.reg
[2013/06/09 18:56:26 | 000,000,219 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Document.rtf
[2013/06/09 18:44:41 | 000,002,395 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2013/06/09 17:02:21 | 000,002,415 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/06/09 16:46:32 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/06/09 16:46:32 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/06/08 19:46:25 | 002,094,994 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Deck Plans.bmp
[2013/06/05 23:24:10 | 000,212,786 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\census.cache
[2013/06/05 23:19:39 | 000,205,206 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\ars.cache
[2013/06/05 22:20:18 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\housecall.guid.cache
[2013/05/28 15:38:54 | 000,922,944 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\a.zip
[2009/12/06 20:21:51 | 116,264,960 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\lol
[2009/11/27 21:03:04 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\BC15C0
[2009/11/27 21:03:03 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\mcs.rma
[2009/03/03 17:43:39 | 000,003,323 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\manifest.ini
[2009/03/03 17:43:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\permdata.box
[2009/01/09 20:08:32 | 000,000,094 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Settings.ini
[2007/12/06 01:33:57 | 006,397,370 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\ui.zip
[2007/12/06 01:33:57 | 000,905,097 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\terrain.zip
[2007/12/06 01:33:57 | 000,687,504 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\staff.zip
[2007/12/06 01:33:57 | 000,309,698 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn15.zoo
[2007/12/06 01:33:57 | 000,288,710 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\large.zoo
[2007/12/06 01:33:57 | 000,216,039 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn12.zoo
[2007/12/06 01:33:57 | 000,204,759 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\medium.zoo
[2007/12/06 01:33:57 | 000,201,767 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn13.zoo
[2007/12/06 01:33:57 | 000,156,617 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn04.zoo
[2007/12/06 01:33:57 | 000,138,694 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn03.zoo
[2007/12/06 01:33:57 | 000,102,319 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn02.zoo
[2007/12/06 01:33:57 | 000,102,054 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn07.zoo
[2007/12/06 01:33:57 | 000,094,755 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn11.zoo
[2007/12/06 01:33:57 | 000,094,755 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn10.zoo
[2007/12/06 01:33:57 | 000,092,319 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn01.zoo
[2007/12/06 01:33:57 | 000,091,639 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\default.zoo
[2007/12/06 01:33:57 | 000,076,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn06.zoo
[2007/12/06 01:33:57 | 000,055,809 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\tiles.zip
[2007/12/06 01:33:56 | 008,954,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\objects.zip
[2007/12/06 01:33:56 | 003,635,656 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scenario.zip
[2007/12/06 01:33:56 | 002,983,796 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scenery.zip
[2007/12/06 01:33:56 | 000,357,129 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\guests.zip
[2007/12/06 01:33:56 | 000,024,146 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\items.zip
[2007/12/06 01:33:56 | 000,007,337 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\research.zip
[2007/12/06 01:33:56 | 000,005,884 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\paths.zip
[2007/12/06 01:33:55 | 014,240,209 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\global.zip
[2007/12/06 01:33:55 | 000,135,989 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\fences.zip
[2007/12/06 01:33:55 | 000,010,043 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\fringe.zip
[2007/12/06 01:33:55 | 000,006,564 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\config.zip
[2007/12/06 01:33:54 | 009,116,930 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\animals2.zip
[2007/12/06 01:33:47 | 086,362,105 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\animals.zip
[2007/12/06 01:33:47 | 000,002,514 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\ai.zip
[2007/12/06 01:33:47 | 000,000,000 | RH-- | C] () -- C:\Documents and Settings\Compaq_Owner\EBUSetup.sem
[2007/12/06 01:33:46 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\zoo.ini
[2007/12/06 01:33:45 | 001,440,056 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\splash.bmp
[2007/12/06 01:33:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\MSLOGO.AVI
[2007/12/06 01:33:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\BFLOGO.AVI
[2007/07/29 23:02:32 | 000,290,029 | ---- | C] () -- C:\Program Files\game in progress.zoo
[2007/07/25 20:05:05 | 000,739,832 | ---- | C] () -- C:\Program Files\072507.zoo
[2007/07/25 17:24:42 | 000,309,698 | ---- | C] () -- C:\Program Files\scn15.zoo
[2007/07/25 17:24:42 | 000,288,710 | ---- | C] () -- C:\Program Files\large.zoo
[2007/07/25 17:24:42 | 000,216,039 | ---- | C] () -- C:\Program Files\scn12.zoo
[2007/07/25 17:24:42 | 000,204,759 | ---- | C] () -- C:\Program Files\medium.zoo
[2007/07/25 17:24:42 | 000,201,767 | ---- | C] () -- C:\Program Files\scn13.zoo
[2007/07/25 17:24:42 | 000,156,617 | ---- | C] () -- C:\Program Files\scn04.zoo
[2007/07/25 17:24:42 | 000,138,694 | ---- | C] () -- C:\Program Files\scn03.zoo
[2007/07/25 17:24:42 | 000,102,319 | ---- | C] () -- C:\Program Files\scn02.zoo
[2007/07/25 17:24:42 | 000,102,054 | ---- | C] () -- C:\Program Files\scn07.zoo
[2007/07/25 17:24:42 | 000,094,755 | ---- | C] () -- C:\Program Files\scn11.zoo
[2007/07/25 17:24:42 | 000,094,755 | ---- | C] () -- C:\Program Files\scn10.zoo
[2007/07/25 17:24:42 | 000,092,319 | ---- | C] () -- C:\Program Files\scn01.zoo
[2007/07/25 17:24:42 | 000,091,639 | ---- | C] () -- C:\Program Files\default.zoo
[2007/07/25 17:24:42 | 000,076,880 | ---- | C] () -- C:\Program Files\scn06.zoo
[2007/07/25 17:24:41 | 006,397,370 | ---- | C] () -- C:\Program Files\ui.zip
[2007/07/25 17:24:41 | 003,635,656 | ---- | C] () -- C:\Program Files\scenario.zip
[2007/07/25 17:24:41 | 002,983,796 | ---- | C] () -- C:\Program Files\scenery.zip
[2007/07/25 17:24:41 | 000,905,097 | ---- | C] () -- C:\Program Files\terrain.zip
[2007/07/25 17:24:41 | 000,687,504 | ---- | C] () -- C:\Program Files\staff.zip
[2007/07/25 17:24:41 | 000,055,809 | ---- | C] () -- C:\Program Files\tiles.zip
[2007/07/25 17:24:41 | 000,007,337 | ---- | C] () -- C:\Program Files\research.zip
[2007/07/25 17:24:41 | 000,005,884 | ---- | C] () -- C:\Program Files\paths.zip
[2007/07/25 17:24:40 | 008,954,880 | ---- | C] () -- C:\Program Files\objects.zip
[2007/07/25 17:24:40 | 000,357,129 | ---- | C] () -- C:\Program Files\guests.zip
[2007/07/25 17:24:40 | 000,024,146 | ---- | C] () -- C:\Program Files\items.zip
[2007/07/25 17:24:39 | 014,240,209 | ---- | C] () -- C:\Program Files\global.zip
[2007/07/25 17:24:39 | 000,135,989 | ---- | C] () -- C:\Program Files\fences.zip
[2007/07/25 17:24:39 | 000,010,043 | ---- | C] () -- C:\Program Files\fringe.zip
[2007/07/25 17:24:39 | 000,006,564 | ---- | C] () -- C:\Program Files\config.zip
[2007/07/25 17:24:38 | 009,116,930 | ---- | C] () -- C:\Program Files\animals2.zip
[2007/07/25 17:24:29 | 086,362,105 | ---- | C] () -- C:\Program Files\animals.zip
[2007/07/25 17:24:29 | 000,002,514 | ---- | C] () -- C:\Program Files\ai.zip
[2007/07/25 17:24:29 | 000,000,000 | RH-- | C] () -- C:\Program Files\EBUSetup.sem
[2007/07/25 17:24:28 | 000,001,618 | ---- | C] () -- C:\Program Files\zoo.ini
[2007/07/25 17:24:27 | 001,440,056 | ---- | C] () -- C:\Program Files\splash.bmp
[2007/07/25 17:24:27 | 000,000,000 | ---- | C] () -- C:\Program Files\MSLOGO.AVI
[2007/07/25 17:24:27 | 000,000,000 | ---- | C] () -- C:\Program Files\BFLOGO.AVI
[2007/04/03 22:35:45 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/02/22 12:03:09 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2007/02/03 10:40:30 | 000,001,362 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2007/01/29 16:42:08 | 000,145,408 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 15:56:04 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

========== ZeroAccess Check ==========

[2006/07/21 06:30:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2007/08/22 08:55:40 | 001,498,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/04 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: ST3120213AS
Partitions: 2
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 104.00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 7.00GB
Starting Offset: 112192819200
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2013/07/03 18:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Adobe
[2007/02/05 18:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AdobeUM
[2013/06/12 10:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
[2008/03/06 19:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ashampoo
[2011/02/25 20:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Catalina Marketing Corp
[2011/09/24 11:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FreeFileViewer
[2009/05/04 09:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Google
[2007/04/07 14:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Help
[2007/02/22 12:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\HP
[2007/02/03 13:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\HPQ
[2010/12/03 19:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\HpUpdate
[2007/12/22 16:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Identities
[2007/07/18 18:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Image Zone Express
[2009/10/29 16:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InstallShield
[2006/07/21 07:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intuit
[2013/06/25 10:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\IObit
[2013/06/15 09:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\IObit Apps
[2009/02/28 16:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\iolo
[2008/05/04 01:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\iWin
[2008/05/04 01:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\iWinArcade
[2008/03/21 16:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Jasc
[2007/03/05 15:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Jasc Software Inc
[2007/04/05 10:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Lavasoft
[2007/07/14 21:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2007/01/29 16:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia
[2009/02/05 18:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
[2008/07/02 10:51:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft
[2007/06/25 19:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Miranda
[2008/02/04 01:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks
[2010/02/20 20:07:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla
[2008/04/18 15:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MyPublisher
[2007/02/21 11:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MySpace
[2009/06/17 17:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Real
[2013/06/15 13:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Search Settings
[2008/06/19 16:57:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SecuROM
[2013/06/09 17:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Skype
[2013/06/09 15:50:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\skypePM
[2008/05/07 18:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Snapfish
[2007/07/14 21:18:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sonic
[2007/08/26 02:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony Corporation
[2009/02/05 23:50:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SPORE
[2008/09/28 20:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SPORE Creature Creator
[2013/06/23 11:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Spotify
[2007/02/02 00:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sun
[2007/07/06 11:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sunbelt Software
[2013/06/08 08:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
[2007/03/31 16:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Symantec
[2007/08/01 19:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Talkback
[2007/02/03 10:40:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2010/06/03 13:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Uniblue
[2013/06/12 12:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ventrilo
[2009/02/27 23:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Viewpoint
[2011/09/13 19:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WebSentinel
[2007/11/18 00:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Yahoo!
[2009/02/27 23:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ZiggyTV

< MD5 for: ATAPI.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 00:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/04 08:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 08:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CSRSS.EXE >
[2008/04/13 20:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\csrss.exe
[2004/08/04 07:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\system32\csrss.exe
[2004/08/04 07:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2008/06/20 13:41:10 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=097722F235A1FB698BF9234E01B52637 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 13:41:10 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=097722F235A1FB698BF9234E01B52637 -- C:\WINDOWS\system32\mswsock.dll
[2008/06/20 13:36:11 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=1DFCA7713EA5A70D5D93B436AEA0317A -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2004/08/04 07:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2008/06/20 13:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[2008/04/13 20:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mswsock.dll
[2008/06/20 13:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

< MD5 for: NWPROVAU.DLL >
[2008/04/13 20:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\nwprovau.dll
[2006/10/13 08:41:38 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=808CB47D7F6BE51B0354CD628CF45978 -- C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwprovau.dll
[2006/10/13 08:35:12 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=AEEB687B865E1BAB04BB9C3604F92CEF -- C:\WINDOWS\system32\dllcache\nwprovau.dll
[2006/10/13 08:35:12 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=AEEB687B865E1BAB04BB9C3604F92CEF -- C:\WINDOWS\system32\nwprovau.dll
[2004/08/04 07:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=F01D97A8E0380BA52F58249A7B3BD7F1 -- C:\WINDOWS\$NtUninstallKB923980$\nwprovau.dll

< MD5 for: PNRPNSP.DLL >
[2004/08/04 07:00:00 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=74D3620D2E63489975E3956A40DDD35F -- C:\WINDOWS\system32\dllcache\pnrpnsp.dll
[2004/08/04 07:00:00 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=74D3620D2E63489975E3956A40DDD35F -- C:\WINDOWS\system32\pnrpnsp.dll
[2008/04/13 20:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\pnrpnsp.dll

< MD5 for: SERVICES.EXE >
[2009/02/06 07:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 20:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe
[2009/02/06 13:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 13:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\system32\services.exe
[2009/02/06 06:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2004/08/04 07:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe

< MD5 for: WINRNR.DLL >
[2004/08/04 07:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=2C8FDB176F22629EA5342DB474FAC391 -- C:\WINDOWS\system32\dllcache\winrnr.dll
[2004/08/04 07:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=2C8FDB176F22629EA5342DB474FAC391 -- C:\WINDOWS\system32\winrnr.dll
[2008/04/13 20:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winrnr.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E965A533

< End of report >
  • 0
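The `< MD5 for: ... >` sections of the OTL log above list every copy of each requested system file along with its hash. As an added example (not part of the thread and not OTL's own logic), the Python below parses such sections and compares the active copy of each file with the `dllcache` copy that Windows File Protection keeps on XP. The sample log lines and hash values are constructed, and treating an active/cache mismatch as a triage flag is this example's assumption.

```python
import re

# Header of one hash section, e.g. "< MD5 for: SVCHOST.EXE >"
SECTION_RE = re.compile(r"^<\s*MD5 for:\s*(?P<name>.+?)\s*>$")

# One hashed entry: [date time | size | attrs | C or M] (company) MD5=<hex> -- <path>
ENTRY_RE = re.compile(
    r"^\[(?P<stamp>[^|]+?)\s*\|\s*(?P<size>[\d,]+)\s*\|\s*(?P<attrs>[^|]+?)\s*\|\s*[CM]\]"
    r"\s*\((?P<company>[^)]*)\)\s*MD5=(?P<md5>[0-9A-Fa-f]{32})\s*--\s*(?P<path>.+)$"
)

# Constructed sample in the layout of the log above; the hashes are placeholders.
SAMPLE_LOG = r"""
< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=11111111111111111111111111111111 -- C:\WINDOWS\SoftwareDistribution\Download\example\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=22222222222222222222222222222222 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=22222222222222222222222222222222 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: ATAPI.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 08:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=33333333333333333333333333333333 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2011/01/01 00:00:00 | 000,095,360 | ---- | M] () MD5=44444444444444444444444444444444 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EXPLORER.EXE >
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=55555555555555555555555555555555 -- C:\WINDOWS\explorer.exe

< %systemroot%\*. /mp /s >
"""


def classify(path, systemroot=r"C:\WINDOWS"):
    """Label a path as the WFP cache copy, the active copy, or anything else
    (patch staging, uninstall backups, download folders)."""
    p = path.lower()
    root = systemroot.lower().rstrip("\\")
    if p.startswith(root + "\\system32\\dllcache\\"):
        return "cache"
    parent = p.rsplit("\\", 1)[0]
    if parent in (root, root + "\\system32", root + "\\system32\\drivers"):
        return "active"
    return "other"


def parse_md5_sections(text):
    """Return {FILE NAME: [entry, ...]} for every '< MD5 for: ... >' section."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group("name").upper()
            sections.setdefault(current, [])
        elif line.startswith("<") or line.startswith("====="):
            current = None  # a different scan or report section starts here
        elif current:
            entry = ENTRY_RE.match(line)
            if entry:  # lines without MD5= (e.g. ".cab file" rows) are skipped
                sections[current].append({
                    "md5": entry.group("md5").upper(),
                    "company": entry.group("company"),
                    "path": entry.group("path"),
                    "where": classify(entry.group("path")),
                })
    return sections


def triage(sections):
    """Compare the active copy of each file with its dllcache copy."""
    verdicts = {}
    for name, entries in sections.items():
        active = {e["md5"] for e in entries if e["where"] == "active"}
        cache = {e["md5"] for e in entries if e["where"] == "cache"}
        if not active:
            verdicts[name] = "no-active-copy"
        elif not cache:
            verdicts[name] = "no-cache-copy"
        elif active == cache:
            verdicts[name] = "match"
        else:
            verdicts[name] = "MISMATCH"
    return verdicts


if __name__ == "__main__":
    for name, verdict in triage(parse_md5_sections(SAMPLE_LOG)).items():
        print(f"{name:15} {verdict}")
```

A `MISMATCH` only says the two copies differ; the file still has to be checked against a known-good hash for the installed patch level before anything is replaced.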

#5
Liz2012

    Member

  • Topic Starter
  • 42 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 84.38 0 K 28 K 0
procexp.exe 15.63 16,268 K 22,324 K 1528 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts < 0.01 0 K 0 K n/a Hardware Interrupts and DPCs
wmiprvse.exe 2,420 K 4,860 K 2752 WMI Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
winlogon.exe 6,228 K 4,400 K 860 Windows NT Logon Application Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
vsnp2std.exe 632 K 2,580 K 2240 CameraMonitor Application Sonix (No signature was present in the subject) Sonix
tsnp2std.exe 876 K 2,920 K 2296 tsnp2std Microsoft (No signature was present in the subject)
System 0 K 236 K 4
svchost.exe 3,084 K 4,848 K 1220 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 1,900 K 4,308 K 1264 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 14,908 K 24,508 K 1388 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 1,408 K 3,596 K 1476 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 3,144 K 6,148 K 688 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
SSScheduler.exe 688 K 2,096 K 2556 McAfee Security Scanner Scheduler McAfee, Inc. (Verified) McAfee
spoolsv.exe 3,552 K 5,512 K 2024 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
smss.exe 172 K 416 K 780 Windows NT Session Manager Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
services.exe 2,092 K 4,356 K 908 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Component Publisher
RTHDCPL.EXE 13,944 K 5,628 K 2248 Realtek HD Audio Control Panel Realtek Semiconductor Corp. (No signature was present in the subject) Realtek Semiconductor Corp.
plugin-container.exe 42,504 K 45,752 K 3184 Plugin Container for Firefox Mozilla Corporation (Verified) Mozilla Corporation
nvsvc32.exe 2,040 K 3,568 K 560 NVIDIA Driver Helper Service, Version 82.05 NVIDIA Corporation (No signature was present in the subject) NVIDIA Corporation
MDM.EXE 968 K 2,900 K 528 Machine Debug Manager Microsoft Corporation (Verified) Microsoft Corporation
lsass.exe 3,824 K 6,152 K 920 LSA Shell (Export Version) Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
jusched.exe 844 K 2,996 K 2344 Java™ Update Scheduler Oracle Corporation (Verified) Oracle America
jqs.exe 1,988 K 1,412 K 496 Java Quick Starter Service Oracle Corporation (Verified) Oracle America
IMFsrv.exe 3,636 K 1,988 K 196 IObit Malware Fighter Service IObit (Verified) IObit Information Technology
IMF.exe 93,556 K 35,304 K 3356 IObit Malware Fighter IObit (Verified) IObit Information Technology
hpztsb12.exe 996 K 3,036 K 2264 HP (No signature was present in the subject) HP
HPZipm12.exe 536 K 1,788 K 604 PML Driver HP (No signature was present in the subject) HP
firefox.exe 175,944 K 182,396 K 3876 Firefox Mozilla Corporation (Verified) Mozilla Corporation
explorer.exe 23,976 K 33,796 K 1792 Windows Explorer Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
ctfmon.exe 928 K 3,704 K 2392 CTF Loader Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
csrss.exe 1,752 K 5,780 K 836 Client Server Runtime Process Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
Belkinwcui.exe 5,480 K 9,880 K 2280 Belkin Wireless Client Utility Belkin (No signature was present in the subject) Belkin
ASCTray.exe 9,552 K 10,984 K 2380 ASCTray IObit (Verified) IObit Information Technology
ASCSvc.exe 20,876 K 6,444 K 1084 Advanced SystemCare Service IObit (Verified) IObit Information Technology
ASCAvSvc.exe 14,072 K 11,160 K 1116 Advanced SystemCare Ultimate Service IOBit (Verified) IObit Information Technology
ASC.exe 60,140 K 2,036 K 3728 Advanced SystemCare Ultimate IObit (Verified) IObit Information Technology
ApplicationUpdater.exe 1,240 K 4,352 K 236 Application Updater Spigot, Inc. (Verified) Spigot
AluSchedulerSvc.exe 836 K 564 K 252 Automatic LiveUpdate Scheduler Service Symantec Corporation (Verified) Symantec Corporation
alg.exe 1,180 K 3,584 K 2152 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows Publisher
  • 0

#6
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Uninstall:
IObit Apps Toolbar v7.2
LiveUpdate 3.0 (Symantec Corporation)
McAfee Security Scan Plus
LimeWire 4.12.11
IObit Malware Fighter
Yahoo! Toolbar
Ad-Aware
Spybot - Search & Destroy
ewido anti-spyware 4.0
Free File Viewer 2011


Copy the text in the code box by highlighting and Ctrl + c


:OTL
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {1F27F662-6E3E-4679-9E49-91C3D27E97C3}
IE - HKCU\..\SearchScopes\{1F27F662-6E3E-4679-9E49-91C3D27E97C3}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8081
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe (McAfee, Inc.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)

:files
type at1.job /c
at*.job

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


Then double-click on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (Ctrl + v) the text. Verify that you got it all and then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top.
Let the program run unhindered; OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.


Download aswMBR.exe to your desktop.
Double click aswMBR.exe
Uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan, if the Fix button is enabled (not the FixMBR button), press it, then run a new scan and click save log, save it to your desktop and post it in your next reply.
If the Fix button is not enabled, then just click save log, save it to your desktop and post it in your next reply.

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double click on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
Before you hit Scan, hit Change Parameters and check the two items under Additional Options. OK, then Scan.
In this mode it is prone to false positives, so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt". Please copy and paste the contents in your next reply.



Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download Latest Version button)

Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.
  • 0

#7
Liz2012

    Member

  • Topic Starter
  • 42 posts
Before I do anything else, I removed everything except the following three:

Yahoo! Toolbar - I got a message each time I tried to remove it that said, "An error occured while trying to uninstall Yahoo! Toolbar."

Ad-Aware - Nothing would happen. At all.

Ewido - Not on my Add/Remove list.

#8
RKinner

Don't worry about them. We will get them later. I'm going to be off line for a few hours. Got to go to a 4th of July thing.

#9
Liz2012

Sorry, I was waiting for a response, which my email never told me had come. I will ignore those programs and follow the other instructions now.

#10
Liz2012

========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ not found.
File C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F27F662-6E3E-4679-9E49-91C3D27E97C3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F27F662-6E3E-4679-9E49-91C3D27E97C3}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PCDrProfiler deleted successfully.
File move failed. C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk scheduled to be moved on reboot.
File C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
========== FILES ==========
< type at1.job /c >
C:\Documents and Settings\Compaq_Owner\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Compaq_Owner\Desktop\cmd.txt deleted successfully.
File\Folder at*.job not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users

User: Compaq_Owner
->Flash cache emptied: 1806 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: me
->Flash cache emptied: 1169748 bytes

User: NetworkService

Total Flash Files Cleaned = 1.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Compaq_Owner
->Java cache emptied: 0 bytes

User: Default User

User: LocalService

User: me
->Java cache emptied: 2710652 bytes

User: NetworkService

Total Java Files Cleaned = 3.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07062013_105715

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


#11
Liz2012

ComboFix 13-07-06.03 - Compaq_Owner 07/06/2013 11:56:31.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.958.684 [GMT -4:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Compaq_Owner\Application Data\Adobe\manol.exe
c:\documents and settings\Compaq_Owner\Application Data\BC15C0
c:\documents and settings\Compaq_Owner\Application Data\Help\kernell32.dll
c:\documents and settings\Default User\WINDOWS
c:\hp\bin\cloaker.exe
c:\program files\dw.exe
C:\Thumbs.db
c:\windows\cegjkj.ini
c:\windows\gilkkj.ini
c:\windows\prtutv.ini
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\dumphive.exe
c:\windows\system32\F5D9050.dll
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\wininit.ini
.
c:\windows\system32\drivers\intelppm.sys . . . is missing!!
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_gaopdxserv.sys
-------\Legacy_USNJSVC
-------\Service_gaopdxserv.sys
-------\Service_usnjsvc
.
.
((((((((((((((((((((((((( Files Created from 2013-06-06 to 2013-07-06 )))))))))))))))))))))))))))))))
.
.
2013-07-06 15:38 . 2013-07-06 15:38 -------- d-----w- c:\documents and settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-06 14:57 . 2013-07-06 14:57 -------- d-----w- C:\_OTL
2013-06-27 14:37 . 2013-06-27 14:36 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-27 14:37 . 2013-06-27 14:37 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-27 13:58 . 2013-06-27 13:58 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Sun
2013-06-25 16:35 . 2013-06-25 16:35 -------- d-----w- c:\program files\WinDirStat
2013-06-15 13:35 . 2013-06-15 13:35 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-15 13:35 . 2013-06-15 13:35 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-11 16:20 . 2013-07-04 17:25 -------- d-----w- c:\program files\Common Files\Spigot
2013-06-11 16:15 . 2013-06-11 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
2013-06-11 16:15 . 2013-06-11 16:15 -------- d-----w- c:\documents and settings\Compaq_Owner\AppData
2013-06-11 16:15 . 2013-06-11 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
2013-06-11 16:14 . 2013-07-06 15:38 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2013-06-11 16:14 . 2013-06-25 14:42 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\IObit
2013-06-11 16:13 . 2013-07-06 15:38 -------- d-----w- c:\program files\IObit
2013-06-10 17:05 . 2013-06-10 17:05 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-10 17:05 . 2013-06-10 17:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-10 17:05 . 2013-06-10 17:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-10 17:05 . 2013-06-10 17:03 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-10 17:05 . 2013-06-10 17:02 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-06-09 23:12 . 2013-06-27 14:36 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-09 23:12 . 2013-06-27 14:36 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-09 22:44 . 2013-06-09 22:44 388096 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-06-09 22:37 . 2013-06-09 22:44 -------- d-----w- C:\HJT
2013-06-09 20:44 . 2013-06-09 20:44 -------- d-----w- c:\windows\system32\wbem\Repository
2013-06-09 20:41 . 2013-06-09 20:42 -------- d--h--w- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2013-06-09 20:41 . 2013-06-09 20:41 -------- d-----w- c:\program files\Belkin
2013-06-09 20:41 . 2013-06-09 20:41 -------- d-----w- c:\program files\Common Files\Skype
2013-06-08 12:52 . 2013-06-08 12:52 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
2013-06-07 18:00 . 2013-06-09 20:41 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-06-07 18:00 . 2013-06-07 18:00 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-01 07:59 . 2013-05-01 07:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 07:59 . 2013-05-01 07:59 69632 ----a-w- c:\windows\system32\QuickTime.qts
2001-06-15 16:30 . 2007-07-25 21:24 471098 -c----w- c:\program files\UNINSTAL.EXE
2001-06-14 17:25 . 2007-07-25 21:24 1040384 -c----w- c:\program files\SETUPENU.DLL
2001-06-12 14:51 . 2007-07-25 21:24 2826275 -c----w- c:\program files\zoo.exe
2001-06-12 14:20 . 2007-07-25 21:24 466997 -c----w- c:\program files\lang0.dll
2001-06-07 17:38 . 2007-07-25 21:24 118784 -c----w- c:\program files\res0.dll
2001-06-05 19:06 . 2007-07-25 21:24 45056 -c----w- c:\program files\ImeUiRes.dll
2001-06-05 18:24 . 2007-07-25 21:24 45056 -c----w- c:\program files\ImeUiResJpn.dll
2001-06-05 18:24 . 2007-07-25 21:24 45056 -c----w- c:\program files\ImeUiResEnu.dll
2001-05-10 15:15 . 2007-07-25 21:24 1112504 -c----w- c:\program files\dwdebug.exe
2001-03-14 18:29 . 2007-07-25 21:24 53300 -c----w- c:\program files\EBUEula.dll
2013-01-05 03:45 . 2013-06-25 15:48 262704 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snp2std"="c:\windows\vsnp2std.exe" [2007-09-28 344064]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 16010240]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-25 7311360]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-12-14 176128]
"F5D9050"="c:\program files\Belkin\F5D9050\Belkinwcui.exe" [2006-02-14 1531904]
"tsnp2std"="c:\windows\tsnp2std.exe" [2007-05-10 270336]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AutoLaunch"="c:\program files\Lavasoft\Ad-Aware\AutoLaunch.exe" [2011-06-19 669936]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk]
backup=c:\windows\pss\Compaq Connections.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
2011-06-19 01:35 528832 ----a-w- c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-05-11 10:37 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-04 11:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-01-09 20:11 3321856 ----a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-07-11 20:09 20480 ----a-w- c:\windows\FixCamera.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-01 12:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWGU Messenger]
2007-11-30 15:03 172544 ----a-w- c:\program files\MyWGU Messenger\MyWGU-Messenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-01-25 02:15 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 07:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-10-09 17:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2013-06-09 20:58 4573184 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 11:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
2007-06-07 18:08 4670968 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gupdate1c8e225103c230"=2 (0x2)
"AVGEMS"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
"AVG Anti-Spyware Guard"=2 (0x2)
"Viewpoint Manager Service"=2 (0x2)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\SteamApps\\jblack187\\counter-strike source\\hl2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\HP Rhapsody\\rhapsody.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Compaq_Owner\\Application Data\\Spotify\\spotify.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [1/31/2009 10:35 PM 64160]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [7/6/2013 11:38 AM 574272]
R3 BKNDIS5;BKNDIS5 NDIS Protocol Driver;c:\progra~1\Belkin\F5D9050\BKNDIS5.SYS [1/29/2008 3:59 PM 15872]
R3 StreamSurge;StreamSurge Driver (miniport);c:\windows\system32\drivers\ss.sys [1/29/2008 3:59 PM 19968]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [6/18/2011 9:35 PM 1036104]
S3 AdWatchDrv;AW Realtime Driver;\??\c:\windows\system32\drivers\AWRTPD.sys --> c:\windows\system32\drivers\AWRTPD.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [5/6/2008 4:06 PM 11520]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-06-19 01:35]
.
2013-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-15 13:35]
.
2013-07-06 c:\windows\Tasks\At1.job
- c:\program files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14 21:07]
.
2013-07-06 c:\windows\Tasks\At2.job
- c:\program files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14 21:07]
.
2013-07-06 c:\windows\Tasks\At3.job
- c:\program files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14 21:07]
.
2013-07-05 c:\windows\Tasks\At4.job
- c:\program files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14 21:07]
.
2013-07-06 c:\windows\Tasks\User_Feed_Synchronization-{A9870B1F-49B9-4EB1-AAE0-82C936D2C093}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = 127.0.0.1:8081
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF - ExtSQL: 2013-07-06 07:38; [email protected]; c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\[email protected]
FF - ExtSQL: !HIDDEN! 2009-09-07 03:02; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: dom.disable_window_status_change - true
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\Pin.lnk - c:\hp\bin\CLOAKER.EXE c:\hp\bin\PinToStart.bat
c:\documents and settings\Default User\Start Menu\Programs\Startup\Pin.lnk - c:\hp\bin\CLOAKER.EXE c:\hp\bin\PinToStart.bat
SafeBoot-AVG Anti-Spyware Driver
SafeBoot-AVG Anti-Spyware Guard
MSConfigStartUp-AdobeUpdater - c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
MSConfigStartUp-APSDaemon - c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
MSConfigStartUp-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-06 12:09
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2496481031-3495026037-2938404796-1009\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2496481031-3495026037-2938404796-1009\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{15D44A17-AC82-AD1A-8F0A-556EF45626A9}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"dbakbaaampdnlneddmjlbpoccjgbbpnmjmjajgad"=hex:69,61,66,6e,6c,66,62,6b,69,69,
69,69,70,66,69,6c,6e,61,00,00
"cbkkfcoibaeikplopigkiopdcopnkopkgojlhl"=hex:6a,61,66,6e,6c,66,67,6b,6d,66,61,
65,70,6e,6a,65,61,67,6b,6e,00,fb
"iaakbaaampdnlneddm"=hex:61,61,00,00
"hakkfcoibaeikplo"=hex:61,61,00,00
"iaelhdhfcnjjkkfblk"=hex:61,61,00,00
"abelhmakebpabannlabepfdfplpacgahpo"=hex:61,61,00,00
"maflicokfjepnmfegmgofclnkg"=hex:61,61,00,00
.
[HKEY_USERS\S-1-5-21-2496481031-3495026037-2938404796-1009\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B29AB592-D35A-927A-CE65-EE8844743261}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"dbdmloegcfomcjhaokodppdcoldnmeafpjdjjkan"=hex:69,61,70,67,67,66,6a,64,6d,70,
68,67,6e,66,6d,62,61,67,00,00
"cbbmbejolefpbebdpejpogflddedbdolakfoep"=hex:6a,61,65,68,6c,65,68,6e,6c,63,6d,
6a,66,64,66,62,6a,6a,6f,70,00,e1
"abpmhghokoddmbccncmlkmfjccoklaapga"=hex:61,61,00,00
"maenkddmkmfhchlkefodmeipmb"=hex:61,61,00,00
.
[HKEY_USERS\S-1-5-21-2496481031-3495026037-2938404796-1009\Software\SecuROM\License information*]
"datasecu"=hex:3e,23,87,a1,ee,73,42,48,27,5c,54,39,79,7f,33,e2,54,a0,73,15,95,
5c,9f,fc,35,f3,0c,a7,34,5c,44,e1,f5,48,db,af,9e,65,37,d3,60,09,c8,9c,ce,51,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3540)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~1\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Completion time: 2013-07-06 12:15:00 - machine was rebooted
ComboFix-quarantined-files.txt 2013-07-06 16:14
.
Pre-Run: 15,761,448,960 bytes free
Post-Run: 15,961,960,448 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 64D8420C3AB602C7C52599F453C8C98C
D11C727E03BB7318DCDA069B06E652F0

#12
Liz2012

12:28:33.0046 3840 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:28:34.0000 3840 ============================================================
12:28:34.0031 3840 Current date / time: 2013/07/06 12:28:34.0000
12:28:34.0031 3840 SystemInfo:
12:28:34.0031 3840
12:28:34.0031 3840 OS Version: 5.1.2600 ServicePack: 2.0
12:28:34.0031 3840 Product type: Workstation
12:28:34.0031 3840 ComputerName: YOUR-D0F670B45A
12:28:34.0062 3840 UserName: Compaq_Owner
12:28:34.0062 3840 Windows directory: C:\WINDOWS
12:28:34.0062 3840 System windows directory: C:\WINDOWS
12:28:34.0062 3840 Processor architecture: Intel x86
12:28:34.0093 3840 Number of processors: 1
12:28:34.0093 3840 Page size: 0x1000
12:28:34.0093 3840 Boot type: Normal boot
12:28:34.0093 3840 ============================================================
12:28:40.0562 3840 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:28:40.0625 3840 ============================================================
12:28:40.0625 3840 \Device\Harddisk0\DR0:
12:28:40.0656 3840 MBR partitions:
12:28:40.0687 3840 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xD0F5C48
12:28:40.0687 3840 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0xD0F9B48, BlocksNum 0xE99C79
12:28:40.0687 3840 ============================================================
12:28:41.0734 3840 C: <-> \Device\Harddisk0\DR0\Partition1
12:28:41.0765 3840 D: <-> \Device\Harddisk0\DR0\Partition2
12:28:41.0796 3840 ============================================================
12:28:41.0796 3840 Initialize success
12:28:41.0796 3840 ============================================================
12:28:55.0468 2776 ============================================================
12:28:55.0468 2776 Scan started
12:28:55.0468 2776 Mode: Manual;
12:28:55.0468 2776 ============================================================
12:28:55.0656 2776 ================ Scan system memory ========================
12:28:55.0656 2776 System memory - ok
12:28:55.0656 2776 ================ Scan services =============================
12:28:56.0062 2776 Abiosdsk - ok
12:28:56.0062 2776 abp480n5 - ok
12:28:56.0140 2776 [ A10C7534F7223F4A73A948967D00E69B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:28:56.0140 2776 ACPI - ok
12:28:56.0171 2776 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
12:28:56.0171 2776 ACPIEC - ok
12:28:56.0312 2776 [ 5DDC0A8D2CD60BDA593DDAF45821CE08 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
12:28:56.0312 2776 Adobe LM Service - ok
12:28:56.0406 2776 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:28:56.0421 2776 AdobeFlashPlayerUpdateSvc - ok
12:28:56.0421 2776 adpu160m - ok
12:28:56.0578 2776 [ 9243229DFCCC99B5441750EBA49F1B14 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
12:28:56.0593 2776 AdvancedSystemCareService6 - ok
12:28:56.0593 2776 AdWatchDrv - ok
12:28:56.0718 2776 [ 1EE7B434BA961EF845DE136224C30FEC ] aec C:\WINDOWS\system32\drivers\aec.sys
12:28:56.0718 2776 aec - ok
12:28:56.0765 2776 [ 2F7F3E8DA380325866E566F5D5EC23D5 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
12:28:56.0765 2776 AegisP - ok
12:28:56.0843 2776 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
12:28:56.0843 2776 AFD - ok
12:28:56.0843 2776 Aha154x - ok
12:28:56.0890 2776 aic78u2 - ok
12:28:56.0890 2776 aic78xx - ok
12:28:56.0937 2776 [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter C:\WINDOWS\system32\alrsvc.dll
12:28:56.0937 2776 Alerter - ok
12:28:57.0000 2776 [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG C:\WINDOWS\System32\alg.exe
12:28:57.0000 2776 ALG - ok
12:28:57.0015 2776 AliIde - ok
12:28:57.0093 2776 [ 59301936898AE62245A6F09C0ABA9475 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
12:28:57.0093 2776 AmdK8 - ok
12:28:57.0109 2776 amsint - ok
12:28:57.0125 2776 AppMgmt - ok
12:28:57.0171 2776 [ F0D692B0BFFB46E30EB3CEA168BBC49F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:28:57.0171 2776 Arp1394 - ok
12:28:57.0203 2776 asc - ok
12:28:57.0203 2776 asc3350p - ok
12:28:57.0218 2776 asc3550 - ok
12:28:57.0390 2776 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:28:57.0390 2776 aspnet_state - ok
12:28:57.0453 2776 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:28:57.0453 2776 AsyncMac - ok
12:28:57.0500 2776 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
12:28:57.0500 2776 atapi - ok
12:28:57.0515 2776 Atdisk - ok
12:28:57.0531 2776 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:28:57.0531 2776 Atmarpc - ok
12:28:57.0593 2776 [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
12:28:57.0593 2776 AudioSrv - ok
12:28:57.0671 2776 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
12:28:57.0671 2776 audstub - ok
12:28:57.0687 2776 [ 7270D070173B20AC9487EA16BB08B45F ] bb-run C:\WINDOWS\system32\DRIVERS\bb-run.sys
12:28:57.0687 2776 bb-run - ok
12:28:57.0703 2776 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:28:57.0703 2776 Beep - ok
12:28:57.0781 2776 [ 2C69EC7E5A311334D10DD95F338FCCEA ] BITS C:\WINDOWS\system32\qmgr.dll
12:28:57.0781 2776 BITS - ok
12:28:57.0875 2776 [ A40A990E37F6688012C5AD2AF2568116 ] BKNDIS5 C:\PROGRA~1\Belkin\F5D9050\BKNDIS5.SYS
12:28:57.0875 2776 BKNDIS5 - ok
12:28:57.0921 2776 [ ED910B63A75863A89AAB65F2763D5B71 ] BLKWGU(Belkin) C:\WINDOWS\system32\DRIVERS\BLKWGU.sys
12:28:57.0953 2776 BLKWGU(Belkin) - ok
12:28:58.0031 2776 [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser C:\WINDOWS\System32\browser.dll
12:28:58.0031 2776 Browser - ok
12:28:58.0046 2776 catchme - ok
12:28:58.0078 2776 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
12:28:58.0078 2776 cbidf2k - ok
12:28:58.0109 2776 [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:28:58.0109 2776 CCDECODE - ok
12:28:58.0125 2776 cd20xrnt - ok
12:28:58.0171 2776 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
12:28:58.0171 2776 Cdaudio - ok
12:28:58.0187 2776 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
12:28:58.0218 2776 Cdfs - ok
12:28:58.0265 2776 [ 7B53584D94E9D8716B2DE91D5F1CB42D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:28:58.0265 2776 Cdrom - ok
12:28:58.0281 2776 Changer - ok
12:28:58.0328 2776 [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc C:\WINDOWS\system32\cisvc.exe
12:28:58.0328 2776 CiSvc - ok
12:28:58.0359 2776 [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
12:28:58.0359 2776 ClipSrv - ok
12:28:58.0406 2776 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:28:58.0406 2776 clr_optimization_v2.0.50727_32 - ok
12:28:58.0421 2776 CmdIde - ok
12:28:58.0421 2776 COMSysApp - ok
12:28:58.0437 2776 Cpqarray - ok
12:28:58.0515 2776 [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
12:28:58.0515 2776 CryptSvc - ok
12:28:58.0515 2776 dac2w2k - ok
12:28:58.0531 2776 dac960nt - ok
12:28:58.0609 2776 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:28:58.0609 2776 DcomLaunch - ok
12:28:58.0687 2776 [ EF545E1A4B043DA4C84E230DD471C55F ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
12:28:58.0687 2776 Dhcp - ok
12:28:58.0765 2776 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
12:28:58.0765 2776 Disk - ok
12:28:58.0781 2776 dmadmin - ok
12:28:58.0843 2776 [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
12:28:58.0875 2776 dmboot - ok
12:28:58.0921 2776 [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
12:28:58.0921 2776 dmio - ok
12:28:58.0937 2776 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
12:28:58.0937 2776 dmload - ok
12:28:58.0968 2776 [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver C:\WINDOWS\System32\dmserver.dll
12:28:58.0984 2776 dmserver - ok
12:28:59.0046 2776 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
12:28:59.0046 2776 DMusic - ok
12:28:59.0109 2776 [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:28:59.0109 2776 Dnscache - ok
12:28:59.0109 2776 dpti2o - ok
12:28:59.0125 2776 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:28:59.0125 2776 drmkaud - ok
12:28:59.0234 2776 [ 1DF3D1BE3403D663827496E62D24CA4C ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:28:59.0234 2776 eeCtrl - ok
12:28:59.0281 2776 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc C:\WINDOWS\System32\ersvc.dll
12:28:59.0281 2776 ERSvc - ok
12:28:59.0343 2776 [ 37561F8D4160D62DA86D24AE41FAE8DE ] Eventlog C:\WINDOWS\system32\services.exe
12:28:59.0343 2776 Eventlog - ok
12:28:59.0406 2776 [ 60D1A6342238378BFB7545C81EE3606C ] EventSystem C:\WINDOWS\system32\es.dll
12:28:59.0406 2776 EventSystem - ok
12:28:59.0531 2776 ewido anti-spyware 4.0 driver - ok
12:28:59.0531 2776 ewido anti-spyware 4.0 guard - ok
12:28:59.0609 2776 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
12:28:59.0609 2776 Fastfat - ok
12:28:59.0671 2776 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:28:59.0671 2776 FastUserSwitchingCompatibility - ok
12:28:59.0718 2776 [ FCBD571FA0EE8DC238944AE5FAB74461 ] Fax C:\WINDOWS\system32\fxssvc.exe
12:28:59.0750 2776 Fax - ok
12:28:59.0765 2776 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
12:28:59.0765 2776 Fdc - ok
12:28:59.0812 2776 [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips C:\WINDOWS\system32\drivers\Fips.sys
12:28:59.0812 2776 Fips - ok
12:28:59.0875 2776 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
12:28:59.0875 2776 Flpydisk - ok
12:28:59.0968 2776 [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
12:29:00.0000 2776 FltMgr - ok
12:29:00.0093 2776 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:29:00.0093 2776 FontCache3.0.0.0 - ok
12:29:00.0140 2776 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:29:00.0156 2776 Fs_Rec - ok
12:29:00.0187 2776 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:29:00.0187 2776 Ftdisk - ok
12:29:00.0234 2776 [ 22399D3CE5840C6082844679CCA5D2FC ] ftsata2 C:\WINDOWS\system32\DRIVERS\ftsata2.sys
12:29:00.0265 2776 ftsata2 - ok
12:29:00.0312 2776 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:29:00.0312 2776 GEARAspiWDM - ok
12:29:00.0359 2776 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:29:00.0359 2776 Gpc - ok
12:29:00.0437 2776 gusvc - ok
12:29:00.0484 2776 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:29:00.0484 2776 HDAudBus - ok
12:29:00.0578 2776 [ 8827911A8C37E40C027CBFC88E69D967 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:29:00.0578 2776 helpsvc - ok
12:29:00.0593 2776 HidServ - ok
12:29:00.0640 2776 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:29:00.0656 2776 HidUsb - ok
12:29:00.0656 2776 hpn - ok
12:29:00.0718 2776 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:29:00.0750 2776 HPZid412 - ok
12:29:00.0796 2776 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:29:00.0796 2776 HPZipr12 - ok
12:29:00.0843 2776 [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:29:00.0843 2776 HPZius12 - ok
12:29:00.0875 2776 [ 1F5C64B0C6B2E2F48735A77AE714CCB8 ] HSXHWBS2 C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys
12:29:00.0875 2776 HSXHWBS2 - ok
12:29:00.0906 2776 [ A7F8C9228898A1E871D2AE7082F50AC3 ] HSX_DP C:\WINDOWS\system32\DRIVERS\HSX_DP.sys
12:29:00.0921 2776 HSX_DP - ok
12:29:00.0968 2776 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
12:29:01.0000 2776 HTTP - ok
12:29:01.0031 2776 [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
12:29:01.0031 2776 HTTPFilter - ok
12:29:01.0031 2776 i2omgmt - ok
12:29:01.0062 2776 i2omp - ok
12:29:01.0093 2776 [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:29:01.0093 2776 i8042prt - ok
12:29:01.0171 2776 [ 9A65E42664D1534B68512CAAD0EFE963 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
12:29:01.0187 2776 iaStor - ok
12:29:01.0281 2776 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:29:01.0281 2776 IDriverT - ok
12:29:01.0468 2776 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:29:01.0562 2776 idsvc - ok
12:29:01.0609 2776 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
12:29:01.0609 2776 Imapi - ok
12:29:01.0671 2776 [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService C:\WINDOWS\system32\imapi.exe
12:29:01.0671 2776 ImapiService - ok
12:29:01.0687 2776 ini910u - ok
12:29:01.0906 2776 [ 64BE56B8858CA0153C725C720FFD194F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:29:01.0937 2776 IntcAzAudAddService - ok
12:29:01.0953 2776 [ 2D722B2B54AB55B2FA475EB58D7B2AAD ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
12:29:01.0953 2776 IntelIde - ok
12:29:01.0953 2776 intelppm - ok
12:29:02.0015 2776 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
12:29:02.0015 2776 Ip6Fw - ok
12:29:02.0031 2776 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:29:02.0031 2776 IpFilterDriver - ok
12:29:02.0046 2776 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:29:02.0046 2776 IpInIp - ok
12:29:02.0093 2776 [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:29:02.0125 2776 IpNat - ok
12:29:02.0203 2776 [ DCB3796E0169419618C72F0CE34C68ED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:29:02.0234 2776 iPod Service - ok
12:29:02.0296 2776 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:29:02.0296 2776 IPSec - ok
12:29:02.0328 2776 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
12:29:02.0328 2776 IRENUM - ok
12:29:02.0375 2776 [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:29:02.0375 2776 isapnp - ok
12:29:02.0421 2776 Isbuunhep - ok
12:29:02.0656 2776 [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
12:29:02.0703 2776 JavaQuickStarterService - ok
12:29:02.0750 2776 [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:29:02.0750 2776 Kbdclass - ok
12:29:02.0828 2776 [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
12:29:02.0828 2776 kmixer - ok
12:29:02.0875 2776 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
12:29:02.0875 2776 KSecDD - ok
12:29:02.0937 2776 [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
12:29:02.0937 2776 lanmanserver - ok
12:29:02.0984 2776 [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:29:03.0000 2776 lanmanworkstation - ok
12:29:03.0109 2776 [ 193146149076B331C008C1C0AF6FA5B9 ] Lavasoft Ad-Aware Service C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
12:29:03.0171 2776 Lavasoft Ad-Aware Service - ok
12:29:03.0218 2776 [ 419590EBE7855215BB157EA0CF0D0531 ] Lbd C:\WINDOWS\system32\DRIVERS\Lbd.sys
12:29:03.0218 2776 Lbd - ok
12:29:03.0218 2776 lbrtfdc - ok
12:29:03.0296 2776 [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
12:29:03.0296 2776 LmHosts - ok
12:29:03.0296 2776 MCSTRM - ok
12:29:03.0390 2776 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
12:29:03.0437 2776 MDM - ok
12:29:03.0484 2776 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:29:03.0500 2776 mdmxsdk - ok
12:29:03.0546 2776 [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger C:\WINDOWS\System32\msgsvc.dll
12:29:03.0546 2776 Messenger - ok
12:29:03.0578 2776 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
12:29:03.0578 2776 mnmdd - ok
12:29:03.0625 2776 [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
12:29:03.0625 2776 mnmsrvc - ok
12:29:03.0671 2776 [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
12:29:03.0671 2776 Modem - ok
12:29:03.0703 2776 [ 34E1F0031153E491910E12551400192C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:29:03.0703 2776 Mouclass - ok
12:29:03.0750 2776 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:29:03.0750 2776 mouhid - ok
12:29:03.0765 2776 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
12:29:03.0765 2776 MountMgr - ok
12:29:03.0765 2776 mraid35x - ok
12:29:03.0875 2776 [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:29:03.0875 2776 MRxDAV - ok
12:29:03.0968 2776 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:29:03.0984 2776 MRxSmb - ok
12:29:04.0000 2776 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:29:04.0000 2776 Msfs - ok
12:29:04.0031 2776 MSIServer - ok
12:29:04.0078 2776 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:29:04.0078 2776 MSKSSRV - ok
12:29:04.0093 2776 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:29:04.0093 2776 MSPCLOCK - ok
12:29:04.0093 2776 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:29:04.0093 2776 MSPQM - ok
12:29:04.0140 2776 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:29:04.0140 2776 mssmbios - ok
12:29:04.0171 2776 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
12:29:04.0171 2776 MSTEE - ok
12:29:04.0203 2776 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
12:29:04.0218 2776 Mup - ok
12:29:04.0281 2776 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:29:04.0281 2776 NABTSFEC - ok
12:29:04.0281 2776 navapsvc - ok
12:29:04.0328 2776 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
12:29:04.0328 2776 NDIS - ok
12:29:04.0359 2776 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:29:04.0375 2776 NdisIP - ok
12:29:04.0406 2776 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:29:04.0406 2776 NdisTapi - ok
12:29:04.0453 2776 [ 8D3CE6B579CDE8D37ACC690B67DC2106 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:29:04.0453 2776 Ndisuio - ok
12:29:04.0500 2776 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:29:04.0500 2776 NdisWan - ok
12:29:04.0546 2776 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:29:04.0546 2776 NDProxy - ok
12:29:04.0593 2776 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:29:04.0593 2776 NetBIOS - ok
12:29:04.0609 2776 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:29:04.0625 2776 NetBT - ok
12:29:04.0656 2776 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
12:29:04.0703 2776 NetDDE - ok
12:29:04.0718 2776 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
12:29:04.0718 2776 NetDDEdsdm - ok
12:29:04.0765 2776 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:29:04.0765 2776 Netlogon - ok
12:29:04.0812 2776 [ 36739B39267914BA69AD0610A0299732 ] Netman C:\WINDOWS\System32\netman.dll
12:29:04.0812 2776 Netman - ok
12:29:04.0890 2776 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:29:04.0921 2776 NetTcpPortSharing - ok
12:29:04.0984 2776 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:29:04.0984 2776 NIC1394 - ok
12:29:05.0031 2776 [ 097722F235A1FB698BF9234E01B52637 ] Nla C:\WINDOWS\System32\mswsock.dll
12:29:05.0031 2776 Nla - ok
12:29:05.0078 2776 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:29:05.0093 2776 Npfs - ok
12:29:05.0156 2776 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:29:05.0171 2776 Ntfs - ok
12:29:05.0171 2776 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
12:29:05.0187 2776 NtLmSsp - ok
12:29:05.0250 2776 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
12:29:05.0250 2776 NtmsSvc - ok
12:29:05.0328 2776 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
12:29:05.0328 2776 Null - ok
12:29:05.0515 2776 [ CE58F42B11BE20A47C3D8D2F38DA254E ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:29:05.0734 2776 nv - ok
12:29:05.0765 2776 [ 22EEDB34C4D7613A25B10C347C6C4C21 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
12:29:05.0765 2776 NVENETFD - ok
12:29:05.0781 2776 [ 5E3F6AD5CAD0F12D3CCCD06FD964087A ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
12:29:05.0781 2776 nvnetbus - ok
12:29:05.0828 2776 [ 95CAEC95D6777CE7D6B7091BC4D91CEB ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
12:29:05.0828 2776 NVSvc - ok
12:29:05.0906 2776 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:29:05.0906 2776 NwlnkFlt - ok
12:29:05.0937 2776 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:29:05.0937 2776 NwlnkFwd - ok
12:29:05.0968 2776 [ 0951DB8E5823EA366B0E408D71E1BA2A ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:29:05.0968 2776 ohci1394 - ok
12:29:06.0015 2776 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
12:29:06.0015 2776 Parport - ok
12:29:06.0046 2776 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
12:29:06.0046 2776 PartMgr - ok
12:29:06.0078 2776 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
12:29:06.0078 2776 ParVdm - ok
12:29:06.0109 2776 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
12:29:06.0109 2776 PCI - ok
12:29:06.0109 2776 PCIDump - ok
12:29:06.0187 2776 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
12:29:06.0187 2776 PCIIde - ok
12:29:06.0234 2776 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
12:29:06.0234 2776 Pcmcia - ok
12:29:06.0281 2776 PDCOMP - ok
12:29:06.0343 2776 PDFRAME - ok
12:29:06.0406 2776 PDRELI - ok
12:29:06.0437 2776 PDRFRAME - ok
12:29:06.0500 2776 perc2 - ok
12:29:06.0562 2776 perc2hib - ok
12:29:06.0734 2776 [ 37561F8D4160D62DA86D24AE41FAE8DE ] PlugPlay C:\WINDOWS\system32\services.exe
12:29:06.0734 2776 PlugPlay - ok
12:29:06.0812 2776 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
12:29:06.0812 2776 Pml Driver HPZ12 - ok
12:29:06.0828 2776 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:29:06.0828 2776 PolicyAgent - ok
12:29:06.0875 2776 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:29:06.0875 2776 PptpMiniport - ok
12:29:06.0890 2776 [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
12:29:06.0890 2776 Processor - ok
12:29:07.0000 2776 Profos - ok
12:29:07.0031 2776 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:29:07.0031 2776 ProtectedStorage - ok
12:29:07.0078 2776 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:29:07.0093 2776 PSched - ok
12:29:07.0109 2776 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:29:07.0109 2776 Ptilink - ok
12:29:07.0125 2776 [ 0457E25BB122B854E267CF552DCDC370 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:29:07.0125 2776 PxHelp20 - ok
12:29:07.0125 2776 ql1080 - ok
12:29:07.0140 2776 Ql10wnt - ok
12:29:07.0140 2776 ql12160 - ok
12:29:07.0171 2776 ql1240 - ok
12:29:07.0187 2776 ql1280 - ok
12:29:07.0203 2776 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:29:07.0203 2776 RasAcd - ok
12:29:07.0234 2776 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:29:07.0250 2776 RasAuto - ok
12:29:07.0265 2776 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:29:07.0265 2776 Rasl2tp - ok
12:29:07.0312 2776 [ 49B5EED5FB89D39456A2F616CCD8BA5D ] RasMan C:\WINDOWS\System32\rasmans.dll
12:29:07.0328 2776 RasMan - ok
12:29:07.0343 2776 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:29:07.0343 2776 RasPppoe - ok
12:29:07.0406 2776 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:29:07.0406 2776 Raspti - ok
12:29:07.0468 2776 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:29:07.0468 2776 Rdbss - ok
12:29:07.0484 2776 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:29:07.0515 2776 RDPCDD - ok
12:29:07.0562 2776 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:29:07.0562 2776 RDPWD - ok
12:29:07.0625 2776 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:29:07.0625 2776 RDSessMgr - ok
12:29:07.0671 2776 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:29:07.0671 2776 redbook - ok
12:29:07.0734 2776 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:29:07.0734 2776 RemoteAccess - ok
12:29:07.0781 2776 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
12:29:07.0812 2776 RpcLocator - ok
12:29:07.0828 2776 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] RpcSs C:\WINDOWS\System32\rpcss.dll
12:29:07.0828 2776 RpcSs - ok
12:29:07.0890 2776 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:29:07.0906 2776 RSVP - ok
12:29:07.0953 2776 [ 7436BFD3A542CF6FF55097200031B293 ] RT73 C:\WINDOWS\system32\DRIVERS\rt73.sys
12:29:07.0953 2776 RT73 - ok
12:29:07.0984 2776 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
12:29:07.0984 2776 rtl8139 - ok
12:29:08.0015 2776 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
12:29:08.0015 2776 SamSs - ok
12:29:08.0078 2776 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:29:08.0078 2776 SCardSvr - ok
12:29:08.0093 2776 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:29:08.0093 2776 Schedule - ok
12:29:08.0140 2776 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:29:08.0140 2776 Secdrv - ok
12:29:08.0187 2776 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
12:29:08.0187 2776 seclogon - ok
12:29:08.0203 2776 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
12:29:08.0203 2776 SENS - ok
12:29:08.0265 2776 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
12:29:08.0265 2776 Serial - ok
12:29:08.0328 2776 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
12:29:08.0328 2776 Sfloppy - ok
12:29:08.0375 2776 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:29:08.0421 2776 SharedAccess - ok
12:29:08.0453 2776 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:29:08.0453 2776 ShellHWDetection - ok
12:29:08.0484 2776 Simbad - ok
12:29:08.0531 2776 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:29:08.0531 2776 SLIP - ok
12:29:09.0031 2776 [ 11FEB56E945687BD356CADB4F62DA199 ] SNP2STD C:\WINDOWS\system32\DRIVERS\snp2sxp.sys
12:29:09.0593 2776 SNP2STD - ok
12:29:09.0640 2776 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
12:29:09.0640 2776 SONYPVU1 - ok
12:29:09.0640 2776 Sparrow - ok
12:29:09.0671 2776 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:29:09.0687 2776 splitter - ok
12:29:09.0734 2776 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:29:09.0734 2776 Spooler - ok
12:29:09.0781 2776 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:29:09.0781 2776 sr - ok
12:29:09.0828 2776 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\system32\srsvc.dll
12:29:09.0843 2776 srservice - ok
12:29:09.0890 2776 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:29:09.0906 2776 Srv - ok
12:29:09.0937 2776 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:29:09.0937 2776 SSDPSRV - ok
12:29:09.0984 2776 [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:29:10.0000 2776 stisvc - ok
12:29:10.0031 2776 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:29:10.0031 2776 streamip - ok
12:29:10.0078 2776 [ 21017E14E92B65F157AE30BE7BADAF5E ] StreamSurge C:\WINDOWS\system32\DRIVERS\ss.sys
12:29:10.0078 2776 StreamSurge - ok
12:29:10.0140 2776 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:29:10.0140 2776 swenum - ok
12:29:10.0187 2776 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:29:10.0187 2776 swmidi - ok
12:29:10.0203 2776 SwPrv - ok
12:29:10.0203 2776 symc810 - ok
12:29:10.0250 2776 symc8xx - ok
12:29:10.0250 2776 sym_hi - ok
12:29:10.0265 2776 sym_u3 - ok
12:29:10.0312 2776 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:29:10.0312 2776 sysaudio - ok
12:29:10.0359 2776 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:29:10.0375 2776 SysmonLog - ok
12:29:10.0421 2776 [ FB78839B36025AA286A51289ED28B73E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:29:10.0421 2776 TapiSrv - ok
12:29:10.0484 2776 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:29:10.0484 2776 Tcpip - ok
12:29:10.0531 2776 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:29:10.0562 2776 TDPIPE - ok
12:29:10.0578 2776 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:29:10.0578 2776 TDTCP - ok
12:29:10.0609 2776 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:29:10.0609 2776 TermDD - ok
12:29:10.0671 2776 [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService C:\WINDOWS\System32\termsrv.dll
12:29:10.0671 2776 TermService - ok
12:29:10.0718 2776 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes C:\WINDOWS\System32\shsvcs.dll
12:29:10.0718 2776 Themes - ok
12:29:10.0734 2776 TosIde - ok
12:29:10.0781 2776 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:29:10.0781 2776 TrkWks - ok
12:29:10.0843 2776 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:29:10.0843 2776 Udfs - ok
12:29:10.0843 2776 ultra - ok
12:29:10.0875 2776 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:29:10.0875 2776 Update - ok
12:29:10.0937 2776 [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:29:10.0937 2776 upnphost - ok
12:29:10.0968 2776 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
12:29:10.0984 2776 UPS - ok
12:29:10.0984 2776 USBAAPL - ok
12:29:11.0031 2776 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
12:29:11.0046 2776 usbaudio - ok
12:29:11.0078 2776 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:29:11.0078 2776 usbccgp - ok
12:29:11.0125 2776 [ 7481D843E672B51039B7E8A161B746B8 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:29:11.0125 2776 usbehci - ok
12:29:11.0140 2776 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:29:11.0140 2776 usbhub - ok
12:29:11.0187 2776 [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
12:29:11.0187 2776 usbohci - ok
12:29:11.0234 2776 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:29:11.0234 2776 usbprint - ok
12:29:11.0296 2776 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:29:11.0296 2776 usbscan - ok
12:29:11.0296 2776 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:29:11.0312 2776 usbstor - ok
12:29:11.0343 2776 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:29:11.0343 2776 usbuhci - ok
12:29:11.0406 2776 [ 8968FF3973A883C49E8B564200F565B9 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
12:29:11.0406 2776 usbvideo - ok
12:29:11.0421 2776 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:29:11.0437 2776 VgaSave - ok
12:29:11.0468 2776 [ 59CB1338AD3654417BEA49636457F65D ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
12:29:11.0468 2776 ViaIde - ok
12:29:11.0515 2776 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:29:11.0515 2776 VolSnap - ok
12:29:11.0578 2776 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
12:29:11.0625 2776 VSS - ok
12:29:11.0671 2776 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
12:29:11.0671 2776 W32Time - ok
12:29:11.0718 2776 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:29:11.0718 2776 Wanarp - ok
12:29:11.0796 2776 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
12:29:11.0796 2776 WDC_SAM - ok
12:29:11.0796 2776 WDICA - ok
12:29:11.0812 2776 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:29:11.0812 2776 wdmaud - ok
12:29:11.0859 2776 [ 265F534EF76832435AFBF771EC97176D ] WebClient C:\WINDOWS\System32\webclnt.dll
12:29:11.0875 2776 WebClient - ok
12:29:11.0906 2776 [ 11EC1AFCEB5C917CE73D3C301FF4291E ] winachsx C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
12:29:11.0937 2776 winachsx - ok
12:29:12.0031 2776 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:29:12.0031 2776 winmgmt - ok
12:29:12.0234 2776 [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:29:12.0234 2776 WmdmPmSN - ok
12:29:12.0281 2776 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:29:12.0281 2776 WmiApSrv - ok
12:29:12.0312 2776 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:29:12.0312 2776 WS2IFSL - ok
12:29:12.0359 2776 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:29:12.0359 2776 wscsvc - ok
12:29:12.0406 2776 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:29:12.0406 2776 WSTCODEC - ok
12:29:12.0453 2776 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:29:12.0453 2776 wuauserv - ok
12:29:12.0500 2776 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:29:12.0515 2776 WudfPf - ok
12:29:12.0531 2776 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:29:12.0531 2776 WudfRd - ok
12:29:12.0562 2776 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:29:12.0578 2776 WudfSvc - ok
12:29:12.0625 2776 [ 9BE3612A127478B34700BEF4ACBA554D ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:29:12.0640 2776 WZCSVC - ok
12:29:12.0687 2776 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:29:12.0687 2776 xmlprov - ok
12:29:12.0687 2776 ZDPSp50 - ok
12:29:12.0765 2776 ================ Scan global ===============================
12:29:12.0796 2776 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
12:29:12.0843 2776 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
12:29:12.0875 2776 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
12:29:12.0890 2776 [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
12:29:12.0890 2776 [Global] - ok
12:29:12.0890 2776 ================ Scan MBR ==================================
12:29:12.0921 2776 [ D11C727E03BB7318DCDA069B06E652F0 ] \Device\Harddisk0\DR0
12:29:14.0000 2776 \Device\Harddisk0\DR0 - ok
12:29:14.0000 2776 ================ Scan VBR ==================================
12:29:14.0015 2776 [ 339C5D80EA5904C134C712F8B6A45F2B ] \Device\Harddisk0\DR0\Partition1
12:29:14.0015 2776 \Device\Harddisk0\DR0\Partition1 - ok
12:29:14.0062 2776 [ 536328695D353981C626A49AFDCAF915 ] \Device\Harddisk0\DR0\Partition2
12:29:14.0062 2776 \Device\Harddisk0\DR0\Partition2 - ok
12:29:14.0078 2776 ============================================================
12:29:14.0078 2776 Scan finished
12:29:14.0078 2776 ============================================================
12:29:14.0078 1648 Detected object count: 0
12:29:14.0078 1648 Actual detected object count: 0
12:29:39.0828 3748 ============================================================
12:29:39.0828 3748 Scan started
12:29:39.0828 3748 Mode: Manual; SigCheck; TDLFS;
12:29:39.0828 3748 ============================================================
12:29:39.0968 3748 ================ Scan system memory ========================
12:29:39.0968 3748 System memory - ok
12:29:39.0968 3748 ================ Scan services =============================
12:29:40.0390 3748 Abiosdsk - ok
12:29:40.0390 3748 abp480n5 - ok
12:29:40.0453 3748 [ A10C7534F7223F4A73A948967D00E69B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:29:42.0671 3748 ACPI - ok
12:29:42.0687 3748 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
12:29:43.0031 3748 ACPIEC - ok
12:29:43.0203 3748 [ 5DDC0A8D2CD60BDA593DDAF45821CE08 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
12:29:43.0406 3748 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
12:29:43.0406 3748 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
12:29:43.0515 3748 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:29:43.0546 3748 AdobeFlashPlayerUpdateSvc - ok
12:29:43.0578 3748 adpu160m - ok
12:29:43.0750 3748 [ 9243229DFCCC99B5441750EBA49F1B14 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
12:29:43.0812 3748 AdvancedSystemCareService6 - ok
12:29:43.0812 3748 AdWatchDrv - ok
12:29:43.0890 3748 [ 1EE7B434BA961EF845DE136224C30FEC ] aec C:\WINDOWS\system32\drivers\aec.sys
12:29:44.0546 3748 aec - ok
12:29:44.0578 3748 [ 2F7F3E8DA380325866E566F5D5EC23D5 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
12:29:44.0703 3748 AegisP ( UnsignedFile.Multi.Generic ) - warning
12:29:44.0703 3748 AegisP - detected UnsignedFile.Multi.Generic (1)
12:29:44.0750 3748 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
12:29:45.0015 3748 AFD - ok
12:29:45.0015 3748 Aha154x - ok
12:29:45.0046 3748 aic78u2 - ok
12:29:45.0109 3748 aic78xx - ok
12:29:45.0203 3748 [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter C:\WINDOWS\system32\alrsvc.dll
12:29:45.0625 3748 Alerter - ok
12:29:45.0656 3748 [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG C:\WINDOWS\System32\alg.exe
12:29:46.0000 3748 ALG - ok
12:29:46.0000 3748 AliIde - ok
12:29:46.0093 3748 [ 59301936898AE62245A6F09C0ABA9475 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
12:29:46.0218 3748 AmdK8 - ok
12:29:46.0218 3748 amsint - ok
12:29:46.0234 3748 AppMgmt - ok
12:29:46.0265 3748 [ F0D692B0BFFB46E30EB3CEA168BBC49F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:29:46.0671 3748 Arp1394 - ok
12:29:46.0703 3748 asc - ok
12:29:46.0718 3748 asc3350p - ok
12:29:46.0718 3748 asc3550 - ok
12:29:46.0890 3748 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:29:46.0968 3748 aspnet_state - ok
12:29:46.0984 3748 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:29:47.0359 3748 AsyncMac - ok
12:29:47.0390 3748 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
12:29:47.0796 3748 atapi - ok
12:29:47.0796 3748 Atdisk - ok
12:29:47.0890 3748 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:29:48.0328 3748 Atmarpc - ok
12:29:48.0359 3748 [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
12:29:48.0687 3748 AudioSrv - ok
12:29:48.0703 3748 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
12:29:49.0125 3748 audstub - ok
12:29:49.0156 3748 [ 7270D070173B20AC9487EA16BB08B45F ] bb-run C:\WINDOWS\system32\DRIVERS\bb-run.sys
12:29:49.0375 3748 bb-run - ok
12:29:49.0390 3748 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:29:49.0750 3748 Beep - ok
12:29:49.0796 3748 [ 2C69EC7E5A311334D10DD95F338FCCEA ] BITS C:\WINDOWS\system32\qmgr.dll
12:29:50.0187 3748 BITS - ok
12:29:50.0296 3748 [ A40A990E37F6688012C5AD2AF2568116 ] BKNDIS5 C:\PROGRA~1\Belkin\F5D9050\BKNDIS5.SYS
12:29:50.0406 3748 BKNDIS5 ( UnsignedFile.Multi.Generic ) - warning
12:29:50.0406 3748 BKNDIS5 - detected UnsignedFile.Multi.Generic (1)
12:29:50.0453 3748 [ ED910B63A75863A89AAB65F2763D5B71 ] BLKWGU(Belkin) C:\WINDOWS\system32\DRIVERS\BLKWGU.sys
12:29:50.0687 3748 BLKWGU(Belkin) ( UnsignedFile.Multi.Generic ) - warning
12:29:50.0687 3748 BLKWGU(Belkin) - detected UnsignedFile.Multi.Generic (1)
12:29:50.0718 3748 [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser C:\WINDOWS\System32\browser.dll
12:29:51.0109 3748 Browser - ok
12:29:51.0109 3748 catchme - ok
12:29:51.0140 3748 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
12:29:51.0546 3748 cbidf2k - ok
12:29:51.0578 3748 [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:29:51.0953 3748 CCDECODE - ok
12:29:51.0953 3748 cd20xrnt - ok
12:29:52.0000 3748 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
12:29:52.0390 3748 Cdaudio - ok
12:29:52.0437 3748 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
12:29:52.0812 3748 Cdfs - ok
12:29:52.0843 3748 [ 7B53584D94E9D8716B2DE91D5F1CB42D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:29:53.0187 3748 Cdrom - ok
12:29:53.0187 3748 Changer - ok
12:29:53.0250 3748 [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc C:\WINDOWS\system32\cisvc.exe
12:29:53.0671 3748 CiSvc - ok
12:29:53.0687 3748 [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
12:29:54.0078 3748 ClipSrv - ok
12:29:54.0109 3748 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:29:54.0140 3748 clr_optimization_v2.0.50727_32 - ok
12:29:54.0140 3748 CmdIde - ok
12:29:54.0171 3748 COMSysApp - ok
12:29:54.0296 3748 Cpqarray - ok
12:29:54.0390 3748 [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
12:29:54.0781 3748 CryptSvc - ok
12:29:54.0781 3748 dac2w2k - ok
12:29:54.0843 3748 dac960nt - ok
12:29:54.0937 3748 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:29:55.0187 3748 DcomLaunch - ok
12:29:55.0250 3748 [ EF545E1A4B043DA4C84E230DD471C55F ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
12:29:56.0062 3748 Dhcp - ok
12:29:56.0093 3748 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
12:29:56.0468 3748 Disk - ok
12:29:56.0468 3748 dmadmin - ok
12:29:56.0531 3748 [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
12:29:56.0984 3748 dmboot - ok
12:29:57.0000 3748 [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
12:29:57.0406 3748 dmio - ok
12:29:57.0421 3748 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
12:29:57.0781 3748 dmload - ok
12:29:57.0828 3748 [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver C:\WINDOWS\System32\dmserver.dll
12:29:58.0250 3748 dmserver - ok
12:29:58.0281 3748 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
12:29:58.0609 3748 DMusic - ok
12:29:58.0640 3748 [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:29:59.0468 3748 Dnscache - ok
12:29:59.0468 3748 dpti2o - ok
12:29:59.0500 3748 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:29:59.0812 3748 drmkaud - ok
12:29:59.0921 3748 [ 1DF3D1BE3403D663827496E62D24CA4C ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:30:00.0687 3748 eeCtrl - ok
12:30:00.0718 3748 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc C:\WINDOWS\System32\ersvc.dll
12:30:01.0078 3748 ERSvc - ok
12:30:01.0125 3748 [ 37561F8D4160D62DA86D24AE41FAE8DE ] Eventlog C:\WINDOWS\system32\services.exe
12:30:01.0390 3748 Eventlog - ok
12:30:01.0468 3748 [ 60D1A6342238378BFB7545C81EE3606C ] EventSystem C:\WINDOWS\system32\es.dll
12:30:01.0609 3748 EventSystem - ok
12:30:01.0671 3748 ewido anti-spyware 4.0 driver - ok
12:30:01.0718 3748 ewido anti-spyware 4.0 guard - ok
12:30:01.0812 3748 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
12:30:02.0203 3748 Fastfat - ok
12:30:02.0265 3748 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:30:03.0140 3748 FastUserSwitchingCompatibility - ok
12:30:03.0171 3748 [ FCBD571FA0EE8DC238944AE5FAB74461 ] Fax C:\WINDOWS\system32\fxssvc.exe
12:30:03.0531 3748 Fax - ok
12:30:03.0562 3748 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
12:30:03.0921 3748 Fdc - ok
12:30:03.0937 3748 [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips C:\WINDOWS\system32\drivers\Fips.sys
12:30:04.0296 3748 Fips - ok
12:30:04.0343 3748 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
12:30:04.0703 3748 Flpydisk - ok
12:30:04.0734 3748 [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
12:30:05.0671 3748 FltMgr - ok
12:30:05.0765 3748 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:30:05.0796 3748 FontCache3.0.0.0 - ok
12:30:05.0828 3748 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:30:06.0265 3748 Fs_Rec - ok
12:30:06.0281 3748 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:30:06.0609 3748 Ftdisk - ok
12:30:06.0640 3748 [ 22399D3CE5840C6082844679CCA5D2FC ] ftsata2 C:\WINDOWS\system32\DRIVERS\ftsata2.sys
12:30:06.0812 3748 ftsata2 - ok
12:30:06.0843 3748 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:30:06.0843 3748 GEARAspiWDM - ok
12:30:06.0890 3748 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:30:07.0265 3748 Gpc - ok
12:30:07.0343 3748 gusvc - ok
12:30:07.0375 3748 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:30:07.0546 3748 HDAudBus - ok
12:30:07.0609 3748 [ 8827911A8C37E40C027CBFC88E69D967 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:30:08.0031 3748 helpsvc - ok
12:30:08.0031 3748 HidServ - ok
12:30:08.0093 3748 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:30:08.0500 3748 HidUsb - ok
12:30:08.0500 3748 hpn - ok
12:30:08.0546 3748 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:30:08.0765 3748 HPZid412 - ok
12:30:08.0796 3748 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:30:09.0015 3748 HPZipr12 - ok
12:30:09.0046 3748 [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:30:09.0296 3748 HPZius12 - ok
12:30:09.0328 3748 [ 1F5C64B0C6B2E2F48735A77AE714CCB8 ] HSXHWBS2 C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys
12:30:09.0531 3748 HSXHWBS2 - ok
12:30:09.0625 3748 [ A7F8C9228898A1E871D2AE7082F50AC3 ] HSX_DP C:\WINDOWS\system32\DRIVERS\HSX_DP.sys
12:30:09.0828 3748 HSX_DP - ok
12:30:09.0859 3748 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
12:30:10.0015 3748 HTTP - ok
12:30:10.0031 3748 [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
12:30:10.0375 3748 HTTPFilter - ok
12:30:10.0375 3748 i2omgmt - ok
12:30:10.0406 3748 i2omp - ok
12:30:10.0500 3748 [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:30:10.0781 3748 i8042prt - ok
12:30:10.0875 3748 [ 9A65E42664D1534B68512CAAD0EFE963 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
12:30:11.0093 3748 iaStor - ok
12:30:11.0171 3748 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:30:11.0312 3748 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:30:11.0312 3748 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:30:11.0453 3748 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:30:11.0562 3748 idsvc - ok
12:30:11.0578 3748 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
12:30:11.0921 3748 Imapi - ok
12:30:11.0953 3748 [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService C:\WINDOWS\system32\imapi.exe
12:30:12.0296 3748 ImapiService - ok
12:30:12.0296 3748 ini910u - ok
12:30:12.0546 3748 [ 64BE56B8858CA0153C725C720FFD194F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:30:12.0921 3748 IntcAzAudAddService - ok
12:30:12.0937 3748 [ 2D722B2B54AB55B2FA475EB58D7B2AAD ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
12:30:13.0281 3748 IntelIde - ok
12:30:13.0281 3748 intelppm - ok
12:30:13.0312 3748 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
12:30:13.0640 3748 Ip6Fw - ok
12:30:13.0656 3748 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:30:13.0984 3748 IpFilterDriver - ok
12:30:14.0000 3748 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:30:14.0406 3748 IpInIp - ok
12:30:14.0484 3748 [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:30:15.0390 3748 IpNat - ok
12:30:15.0453 3748 [ DCB3796E0169419618C72F0CE34C68ED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:30:15.0546 3748 iPod Service - ok
12:30:15.0578 3748 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:30:15.0906 3748 IPSec - ok
12:30:15.0921 3748 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
12:30:16.0234 3748 IRENUM - ok
12:30:16.0250 3748 [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:30:16.0593 3748 isapnp - ok
12:30:16.0593 3748 Isbuunhep - ok
12:30:16.0734 3748 [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
12:30:16.0781 3748 JavaQuickStarterService - ok
12:30:16.0828 3748 [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:30:17.0156 3748 Kbdclass - ok
12:30:17.0187 3748 [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
12:30:18.0062 3748 kmixer - ok
12:30:18.0093 3748 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
12:30:18.0265 3748 KSecDD - ok
12:30:18.0296 3748 [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
12:30:19.0218 3748 lanmanserver - ok
12:30:19.0250 3748 [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:30:19.0609 3748 lanmanworkstation - ok
12:30:19.0718 3748 [ 193146149076B331C008C1C0AF6FA5B9 ] Lavasoft Ad-Aware Service C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
12:30:19.0796 3748 Lavasoft Ad-Aware Service - ok
12:30:19.0828 3748 [ 419590EBE7855215BB157EA0CF0D0531 ] Lbd C:\WINDOWS\system32\DRIVERS\Lbd.sys
12:30:19.0859 3748 Lbd - ok
12:30:19.0859 3748 lbrtfdc - ok
12:30:19.0921 3748 [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
12:30:20.0234 3748 LmHosts - ok
12:30:20.0234 3748 MCSTRM - ok
12:30:20.0343 3748 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
12:30:20.0359 3748 MDM - ok
12:30:20.0406 3748 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:30:20.0562 3748 mdmxsdk - ok
12:30:20.0578 3748 [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger C:\WINDOWS\System32\msgsvc.dll
12:30:20.0937 3748 Messenger - ok
12:30:20.0984 3748 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
12:30:21.0359 3748 mnmdd - ok
12:30:21.0390 3748 [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
12:30:21.0750 3748 mnmsrvc - ok
12:30:21.0781 3748 [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
12:30:22.0140 3748 Modem - ok
12:30:22.0203 3748 [ 34E1F0031153E491910E12551400192C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:30:22.0625 3748 Mouclass - ok
12:30:22.0656 3748 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:30:23.0000 3748 mouhid - ok
12:30:23.0015 3748 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
12:30:23.0343 3748 MountMgr - ok
12:30:23.0343 3748 mraid35x - ok
12:30:23.0406 3748 [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:30:24.0375 3748 MRxDAV - ok
12:30:24.0421 3748 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:30:24.0687 3748 MRxSmb - ok
12:30:24.0703 3748 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:30:25.0015 3748 Msfs - ok
12:30:25.0015 3748 MSIServer - ok
12:30:25.0062 3748 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:30:25.0421 3748 MSKSSRV - ok
12:30:25.0468 3748 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:30:25.0828 3748 MSPCLOCK - ok
12:30:25.0843 3748 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:30:26.0156 3748 MSPQM - ok
12:30:26.0171 3748 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:30:26.0546 3748 mssmbios - ok
12:30:26.0562 3748 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
12:30:26.0921 3748 MSTEE - ok
12:30:26.0984 3748 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
12:30:27.0406 3748 Mup - ok
12:30:27.0453 3748 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:30:27.0765 3748 NABTSFEC - ok
12:30:27.0765 3748 navapsvc - ok
12:30:27.0843 3748 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
12:30:28.0203 3748 NDIS - ok
12:30:28.0250 3748 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:30:28.0656 3748 NdisIP - ok
12:30:28.0656 3748 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:30:29.0000 3748 NdisTapi - ok
12:30:29.0015 3748 [ 8D3CE6B579CDE8D37ACC690B67DC2106 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:30:29.0921 3748 Ndisuio - ok
12:30:29.0953 3748 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:30:30.0359 3748 NdisWan - ok
12:30:30.0375 3748 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:30:30.0750 3748 NDProxy - ok
12:30:30.0765 3748 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:30:31.0109 3748 NetBIOS - ok
12:30:31.0156 3748 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:30:31.0546 3748 NetBT - ok
12:30:31.0578 3748 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
12:30:31.0937 3748 NetDDE - ok
12:30:31.0953 3748 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
12:30:32.0296 3748 NetDDEdsdm - ok
12:30:32.0359 3748 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:30:32.0718 3748 Netlogon - ok
12:30:32.0765 3748 [ 36739B39267914BA69AD0610A0299732 ] Netman C:\WINDOWS\System32\netman.dll
12:30:33.0625 3748 Netman - ok
12:30:33.0671 3748 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:30:33.0687 3748 NetTcpPortSharing - ok
12:30:33.0718 3748 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:30:34.0093 3748 NIC1394 - ok
12:30:34.0125 3748 [ 097722F235A1FB698BF9234E01B52637 ] Nla C:\WINDOWS\System32\mswsock.dll
12:30:34.0453 3748 Nla - ok
12:30:34.0468 3748 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:30:34.0859 3748 Npfs - ok
12:30:34.0906 3748 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:30:35.0734 3748 Ntfs - ok
12:30:35.0750 3748 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
12:30:36.0062 3748 NtLmSsp - ok
12:30:36.0109 3748 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
12:30:36.0515 3748 NtmsSvc - ok
12:30:36.0546 3748 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
12:30:36.0906 3748 Null - ok
12:30:37.0031 3748 [ CE58F42B11BE20A47C3D8D2F38DA254E ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:30:37.0453 3748 nv - ok
12:30:37.0468 3748 [ 22EEDB34C4D7613A25B10C347C6C4C21 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
12:30:37.0703 3748 NVENETFD - ok
12:30:37.0718 3748 [ 5E3F6AD5CAD0F12D3CCCD06FD964087A ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
12:30:37.0890 3748 nvnetbus - ok
12:30:37.0921 3748 [ 95CAEC95D6777CE7D6B7091BC4D91CEB ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
12:30:38.0140 3748 NVSvc - ok
12:30:38.0156 3748 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:30:38.0500 3748 NwlnkFlt - ok
12:30:38.0515 3748 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:30:38.0843 3748 NwlnkFwd - ok
12:30:38.0906 3748 [ 0951DB8E5823EA366B0E408D71E1BA2A ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:30:39.0234 3748 ohci1394 - ok
12:30:39.0250 3748 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
12:30:39.0640 3748 Parport - ok
12:30:39.0671 3748 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
12:30:40.0015 3748 PartMgr - ok
12:30:40.0062 3748 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
12:30:40.0468 3748 ParVdm - ok
12:30:40.0484 3748 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
12:30:40.0796 3748 PCI - ok
12:30:40.0796 3748 PCIDump - ok
12:30:40.0843 3748 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
12:30:41.0187 3748 PCIIde - ok
12:30:41.0203 3748 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
12:30:41.0578 3748 Pcmcia - ok
12:30:41.0578 3748 PDCOMP - ok
12:30:41.0609 3748 PDFRAME - ok
12:30:41.0671 3748 PDRELI - ok
12:30:41.0734 3748 PDRFRAME - ok
12:30:41.0796 3748 perc2 - ok
12:30:41.0828 3748 perc2hib - ok
12:30:42.0031 3748 [ 37561F8D4160D62DA86D24AE41FAE8DE ] PlugPlay C:\WINDOWS\system32\services.exe
12:30:42.0328 3748 PlugPlay - ok
12:30:42.0359 3748 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
12:30:42.0515 3748 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:30:42.0515 3748 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:30:42.0531 3748 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:30:42.0843 3748 PolicyAgent - ok
12:30:42.0890 3748 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:30:43.0203 3748 PptpMiniport - ok
12:30:43.0218 3748 [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
12:30:43.0656 3748 Processor - ok
12:30:43.0703 3748 Profos - ok
12:30:43.0750 3748 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:30:44.0062 3748 ProtectedStorage - ok
12:30:44.0109 3748 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:30:44.0468 3748 PSched - ok
12:30:44.0515 3748 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:30:44.0843 3748 Ptilink - ok
12:30:44.0843 3748 [ 0457E25BB122B854E267CF552DCDC370 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:30:45.0000 3748 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
12:30:45.0000 3748 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
12:30:45.0000 3748 ql1080 - ok
12:30:45.0031 3748 Ql10wnt - ok
12:30:45.0093 3748 ql12160 - ok
12:30:45.0156 3748 ql1240 - ok
12:30:45.0218 3748 ql1280 - ok
12:30:45.0265 3748 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:30:45.0640 3748 RasAcd - ok
12:30:45.0656 3748 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:30:46.0062 3748 RasAuto - ok
12:30:46.0078 3748 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:30:46.0390 3748 Rasl2tp - ok
12:30:46.0437 3748 [ 49B5EED5FB89D39456A2F616CCD8BA5D ] RasMan C:\WINDOWS\System32\rasmans.dll
12:30:47.0359 3748 RasMan - ok
12:30:47.0375 3748 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:30:47.0750 3748 RasPppoe - ok
12:30:47.0781 3748 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:30:48.0140 3748 Raspti - ok
12:30:48.0171 3748 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:30:49.0078 3748 Rdbss - ok
12:30:49.0093 3748 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:30:49.0437 3748 RDPCDD - ok
12:30:49.0500 3748 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:30:50.0312 3748 RDPWD - ok
12:30:50.0375 3748 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:30:50.0718 3748 RDSessMgr - ok
12:30:50.0750 3748 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:30:51.0125 3748 redbook - ok
12:30:51.0171 3748 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:30:51.0531 3748 RemoteAccess - ok
12:30:51.0562 3748 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
12:30:51.0937 3748 RpcLocator - ok
12:30:51.0968 3748 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] RpcSs C:\WINDOWS\System32\rpcss.dll
12:30:52.0312 3748 RpcSs - ok
12:30:52.0390 3748 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:30:52.0750 3748 RSVP - ok
12:30:52.0781 3748 [ 7436BFD3A542CF6FF55097200031B293 ] RT73 C:\WINDOWS\system32\DRIVERS\rt73.sys
12:30:52.0906 3748 RT73 ( UnsignedFile.Multi.Generic ) - warning
12:30:52.0906 3748 RT73 - detected UnsignedFile.Multi.Generic (1)
12:30:52.0921 3748 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
12:30:53.0281 3748 rtl8139 - ok
12:30:53.0296 3748 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
12:30:53.0656 3748 SamSs - ok
12:30:53.0718 3748 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:30:54.0156 3748 SCardSvr - ok
12:30:54.0203 3748 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:30:54.0546 3748 Schedule - ok
12:30:54.0578 3748 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:30:55.0515 3748 Secdrv - ok
12:30:55.0546 3748 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
12:30:55.0890 3748 seclogon - ok
12:30:55.0921 3748 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
12:30:56.0328 3748 SENS - ok
12:30:56.0375 3748 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
12:30:56.0734 3748 Serial - ok
12:30:56.0812 3748 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
12:30:57.0187 3748 Sfloppy - ok
12:30:57.0265 3748 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:30:57.0625 3748 SharedAccess - ok
12:30:57.0640 3748 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:30:58.0453 3748 ShellHWDetection - ok
12:30:58.0453 3748 Simbad - ok
12:30:58.0515 3748 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:30:58.0906 3748 SLIP - ok
12:30:59.0375 3748 [ 11FEB56E945687BD356CADB4F62DA199 ] SNP2STD C:\WINDOWS\system32\DRIVERS\snp2sxp.sys
12:31:00.0437 3748 SNP2STD ( UnsignedFile.Multi.Generic ) - warning
12:31:00.0437 3748 SNP2STD - detected UnsignedFile.Multi.Generic (1)
12:31:00.0453 3748 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
12:31:00.0812 3748 SONYPVU1 - ok
12:31:00.0843 3748 Sparrow - ok
12:31:00.0875 3748 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:31:01.0750 3748 splitter - ok
12:31:01.0781 3748 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:31:02.0765 3748 Spooler - ok
12:31:02.0796 3748 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:31:03.0109 3748 sr - ok
12:31:03.0140 3748 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\system32\srsvc.dll
12:31:03.0453 3748 srservice - ok
12:31:03.0500 3748 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:31:03.0671 3748 Srv - ok
12:31:03.0687 3748 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:31:04.0015 3748 SSDPSRV - ok
12:31:04.0046 3748 [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:31:04.0859 3748 stisvc - ok
12:31:04.0875 3748 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:31:05.0187 3748 streamip - ok
12:31:05.0218 3748 [ 21017E14E92B65F157AE30BE7BADAF5E ] StreamSurge C:\WINDOWS\system32\DRIVERS\ss.sys
12:31:05.0390 3748 StreamSurge - ok
12:31:05.0421 3748 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:31:05.0796 3748 swenum - ok
12:31:05.0843 3748 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:31:06.0234 3748 swmidi - ok
12:31:06.0234 3748 SwPrv - ok
12:31:06.0296 3748 symc810 - ok
12:31:06.0328 3748 symc8xx - ok
12:31:06.0390 3748 sym_hi - ok
12:31:06.0453 3748 sym_u3 - ok
12:31:06.0546 3748 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:31:06.0921 3748 sysaudio - ok
12:31:06.0984 3748 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:31:07.0421 3748 SysmonLog - ok
12:31:07.0468 3748 [ FB78839B36025AA286A51289ED28B73E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:31:08.0406 3748 TapiSrv - ok
12:31:08.0453 3748 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:31:08.0734 3748 Tcpip - ok
12:31:08.0750 3748 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:31:09.0171 3748 TDPIPE - ok
12:31:09.0187 3748 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:31:09.0500 3748 TDTCP - ok
12:31:09.0515 3748 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:31:09.0875 3748 TermDD - ok
12:31:09.0953 3748 [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService C:\WINDOWS\System32\termsrv.dll
12:31:10.0312 3748 TermService - ok
12:31:10.0328 3748 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes C:\WINDOWS\System32\shsvcs.dll
12:31:11.0187 3748 Themes - ok
12:31:11.0187 3748 TosIde - ok
12:31:11.0265 3748 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:31:11.0625 3748 TrkWks - ok
12:31:11.0687 3748 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:31:12.0062 3748 Udfs - ok
12:31:12.0062 3748 ultra - ok
12:31:12.0109 3748 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:31:12.0468 3748 Update - ok
12:31:12.0515 3748 [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:31:13.0375 3748 upnphost - ok
12:31:13.0406 3748 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
12:31:13.0812 3748 UPS - ok
12:31:13.0812 3748 USBAAPL - ok
12:31:13.0906 3748 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
12:31:14.0328 3748 usbaudio - ok
12:31:14.0390 3748 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:31:14.0750 3748 usbccgp - ok
12:31:14.0781 3748 [ 7481D843E672B51039B7E8A161B746B8 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:31:15.0656 3748 usbehci - ok
12:31:15.0671 3748 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:31:16.0062 3748 usbhub - ok
12:31:16.0093 3748 [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
12:31:16.0453 3748 usbohci - ok
12:31:16.0484 3748 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:31:16.0843 3748 usbprint - ok
12:31:16.0875 3748 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:31:17.0296 3748 usbscan - ok
12:31:17.0343 3748 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:31:17.0750 3748 usbstor - ok
12:31:17.0781 3748 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:31:18.0109 3748 usbuhci - ok
12:31:18.0140 3748 [ 8968FF3973A883C49E8B564200F565B9 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
12:31:18.0500 3748 usbvideo - ok
12:31:18.0515 3748 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:31:18.0875 3748 VgaSave - ok
12:31:18.0921 3748 [ 59CB1338AD3654417BEA49636457F65D ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
12:31:19.0312 3748 ViaIde - ok
12:31:19.0343 3748 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:31:19.0703 3748 VolSnap - ok
12:31:19.0734 3748 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
12:31:20.0093 3748 VSS - ok
12:31:20.0109 3748 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
12:31:20.0468 3748 W32Time - ok
12:31:20.0531 3748 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:31:20.0921 3748 Wanarp - ok
12:31:20.0953 3748 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
12:31:21.0187 3748 WDC_SAM - ok
12:31:21.0187 3748 WDICA - ok
12:31:21.0234 3748 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:31:22.0171 3748 wdmaud - ok
12:31:22.0203 3748 [ 265F534EF76832435AFBF771EC97176D ] WebClient C:\WINDOWS\System32\webclnt.dll
12:31:23.0187 3748 WebClient - ok
12:31:23.0234 3748 [ 11EC1AFCEB5C917CE73D3C301FF4291E ] winachsx C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
12:31:23.0375 3748 winachsx - ok
12:31:23.0453 3748 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:31:23.0843 3748 winmgmt - ok
12:31:23.0968 3748 [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:31:24.0156 3748 WmdmPmSN - ok
12:31:24.0218 3748 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:31:24.0593 3748 WmiApSrv - ok
12:31:24.0640 3748 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:31:25.0078 3748 WS2IFSL - ok
12:31:25.0109 3748 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:31:25.0468 3748 wscsvc - ok
12:31:25.0484 3748 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:31:25.0875 3748 WSTCODEC - ok
12:31:25.0906 3748 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:31:26.0281 3748 wuauserv - ok
12:31:26.0343 3748 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:31:26.0531 3748 WudfPf - ok
12:31:26.0593 3748 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:31:26.0781 3748 WudfRd - ok
12:31:26.0812 3748 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:31:27.0031 3748 WudfSvc - ok
12:31:27.0078 3748 [ 9BE3612A127478B34700BEF4ACBA554D ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:31:27.0953 3748 WZCSVC - ok
12:31:27.0984 3748 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:31:28.0328 3748 xmlprov - ok
12:31:28.0359 3748 ZDPSp50 - ok
12:31:28.0421 3748 ================ Scan global ===============================
12:31:28.0468 3748 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
12:31:28.0515 3748 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
12:31:28.0531 3748 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
12:31:28.0562 3748 [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
12:31:28.0562 3748 [Global] - ok
12:31:28.0562 3748 ================ Scan MBR ==================================
12:31:28.0593 3748 [ D11C727E03BB7318DCDA069B06E652F0 ] \Device\Harddisk0\DR0
12:31:30.0015 3748 \Device\Harddisk0\DR0 - ok
12:31:30.0015 3748 ================ Scan VBR ==================================
12:31:30.0031 3748 [ 339C5D80EA5904C134C712F8B6A45F2B ] \Device\Harddisk0\DR0\Partition1
12:31:30.0031 3748 \Device\Harddisk0\DR0\Partition1 - ok
12:31:30.0078 3748 [ 536328695D353981C626A49AFDCAF915 ] \Device\Harddisk0\DR0\Partition2
12:31:30.0078 3748 \Device\Harddisk0\DR0\Partition2 - ok
12:31:30.0078 3748 ============================================================
12:31:30.0078 3748 Scan finished
12:31:30.0109 3748 ============================================================
12:31:30.0234 3668 Detected object count: 9
12:31:30.0234 3668 Actual detected object count: 9
12:38:13.0375 3668 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:13.0375 3668 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:38:13.0406 3668 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:13.0406 3668 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:38:13.0406 3668 BKNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:13.0406 3668 BKNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:38:13.0437 3668 BLKWGU(Belkin) ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:13.0437 3668 BLKWGU(Belkin) ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:38:13.0437 3668 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:13.0437 3668 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:38:13.0468 3668 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:13.0468 3668 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:38:13.0468 3668 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:13.0468 3668 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:38:13.0500 3668 RT73 ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:13.0500 3668 RT73 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:38:13.0531 3668 SNP2STD ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:13.0531 3668 SNP2STD ( UnsignedFile.Multi.Generic ) - User select action: Skip

#13
Liz2012

    Member

  • Topic Starter
  • 42 posts
Vino's Event Viewer v01c run on Windows XP in English
Report run at 06/07/2013 12:56:10 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/07/2013 12:48:15 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: ewido anti-spyware 4.0 driver

Log: 'System' Date/Time: 06/07/2013 12:48:12 PM
Type: error Category: 0
Event: 19 Source: Print
Sharing printer failed + 1722, Printer Microsoft XPS Document Writer share name Printer.

Log: 'System' Date/Time: 06/07/2013 12:48:12 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Norton AntiVirus Auto-Protect Service service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 06/07/2013 12:48:12 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The MCSTRM service failed to start due to the following error: The system cannot find the file specified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






Vino's Event Viewer v01c run on Windows XP in English
Report run at 06/07/2013 12:57:18 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#14
Liz2012

    Member

  • Topic Starter
  • 42 posts
OTL logfile created on: 7/6/2013 12:58:25 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 414.14 Mb Available Physical Memory | 43.21% Memory free
2.26 Gb Paging File | 1.82 Gb Available in Paging File | 80.44% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.48 Gb Total Space | 14.90 Gb Free Space | 14.26% Space Free | Partition Type: NTFS
Drive D: | 7.29 Gb Total Space | 0.57 Gb Free Space | 7.82% Space Free | Partition Type: FAT32

Computer Name: YOUR-D0F670B45A | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (All) ==========

PRC - [2013/07/04 09:46:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2013/06/27 10:37:00 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/06/25 11:48:59 | 000,017,304 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013/03/12 07:32:50 | 000,253,816 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009/02/06 13:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009/02/06 12:39:29 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008/04/21 06:02:07 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe
PRC - [2007/09/28 16:32:26 | 000,344,064 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 17:05:22 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp2std.exe
PRC - [2006/03/08 07:54:04 | 016,010,240 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2006/02/14 15:19:28 | 001,531,904 | ---- | M] (Belkin) -- C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
PRC - [2006/01/24 22:15:00 | 000,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2005/06/10 19:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004/12/14 12:07:44 | 000,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
PRC - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004/08/04 07:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004/08/04 07:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004/08/04 07:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004/08/04 07:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004/08/04 07:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


========== Modules (No Company Name) ==========

MOD - [2013/06/25 11:49:01 | 003,285,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/06/15 09:35:26 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
MOD - [2013/01/15 18:47:50 | 000,517,440 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll
MOD - [2007/05/10 17:05:22 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp2std.exe
MOD - [2006/02/14 15:16:12 | 000,106,496 | ---- | M] () -- C:\Program Files\Belkin\F5D9050\blkwcapi.dll
MOD - [2006/02/13 16:49:34 | 000,167,936 | ---- | M] () -- C:\Program Files\Belkin\F5D9050\BelkinwcuiDLL.dll
MOD - [2006/02/13 16:49:32 | 000,061,440 | ---- | M] () -- C:\Program Files\Belkin\F5D9050\BelkinHWStatus.dll
MOD - [2006/01/24 22:15:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2005/08/10 16:36:52 | 000,045,056 | ---- | M] () -- C:\Program Files\Belkin\F5D9050\Security.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [Disabled | Stopped] -- C:\Documents and Settings\Compaq_Owner\Desktop\ewido anti-spyware 4.0\guard.exe -- (ewido anti-spyware 4.0 guard)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/27 10:37:00 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/15 09:35:30 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2011/06/18 21:35:27 | 001,036,104 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\intelppm.sys -- (intelppm)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\Compaq_Owner\Desktop\ewido anti-spyware 4.0\guard.sys -- (ewido anti-spyware 4.0 driver)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AWRTPD.sys -- (AdWatchDrv)
DRV - [2009/04/27 21:35:17 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/09/05 13:48:24 | 012,212,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD)
DRV - [2007/02/06 05:00:00 | 000,383,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2006/03/08 16:27:12 | 004,246,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/03/03 17:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 17:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/12/06 14:20:50 | 000,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 14:20:40 | 000,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/11/24 20:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/11/10 14:54:56 | 000,402,944 | R--- | M] (Belkin Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BLKWGU.sys -- (BLKWGU(Belkin)
DRV - [2005/06/29 20:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)
DRV - [2005/06/18 03:48:46 | 000,019,968 | ---- | M] (WikiTek Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ss.sys -- (StreamSurge)
DRV - [2005/03/09 17:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/02 14:47:54 | 000,015,872 | ---- | M] (Gemtek Technology Co.) [Kernel | On_Demand | Running] -- C:\Program Files\Belkin\F5D9050\BKNDIS5.sys -- (BKNDIS5)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003/11/05 10:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{92B4B7F0-F2AD-4A79-9913-E8F1AD59856D}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8081

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=800236"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07076007
FF - prefs.js..keyword.URL: "http://search.yahoo....type=800236&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/25 11:48:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/25 11:48:34 | 000,000,000 | ---D | M]

[2010/02/20 20:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2013/07/06 11:38:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions
[2008/08/14 17:22:51 | 000,000,000 | ---D | M] (Coupon Manager) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\{0C7E3F01-99E9-4095-9BDC-F84724960B57}
[2013/07/06 11:38:23 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\[email protected]
[2013/01/16 13:47:29 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/06/15 13:37:27 | 000,000,904 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u93cldav.default\searchplugins\yahoo.xml
[2013/06/25 11:48:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/25 11:48:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/25 11:49:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES\IOBIT APPS TOOLBAR\FF
[2013/01/04 23:45:48 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/25 20:22:51 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/02/25 20:22:51 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2006/01/18 12:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2009/09/11 15:36:42 | 000,067,072 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npWebSentinelHelper.dll

O1 HOSTS File: ([2013/07/06 12:09:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80443072-5384-4D29-A197-604ECE8884D8}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97DA57EB-F12A-4A3A-A37B-94252252CD58}: DhcpNameServer = 192.168.2.1 24.25.5.61 24.25.5.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB51BA5C-F6F4-4E13-B2A5-5A4842ABA078}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/05 02:50:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "gupdate1c8e225103c230"
MsConfig - Services: "AVGEMS"
MsConfig - Services: "Avg7UpdSvc"
MsConfig - Services: "Avg7Alrt"
MsConfig - Services: "AVG Anti-Spyware Guard"
MsConfig - Services: "Viewpoint Manager Service"
MsConfig - Services: "avast! Web Scanner"
MsConfig - Services: "avast! Mail Scanner"
MsConfig - Services: "avast! Antivirus"
MsConfig - Services: "aswUpdSv"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe - (Adobe Systems Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe - (Hewlett-Packard)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk - - File not found
MsConfig - StartUpReg: Ad-Watch - hkey= - key= - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: EA Core - hkey= - key= - C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
MsConfig - StartUpReg: FixCamera - hkey= - key= - C:\WINDOWS\FixCamera.exe ()
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: MyWGU Messenger - hkey= - key= - C:\Program Files\MyWGU Messenger\MyWGU-Messenger.exe (Jive Software)
MsConfig - StartUpReg: nwiz - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Spotify - hkey= - key= - C:\Documents and Settings\Compaq_Owner\Application Data\Spotify\spotify.exe (Spotify Ltd)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
MsConfig - StartUpReg: Yahoo! Pager - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6F7EB061-99F6-4775-DE6F-6917C00A592E} - Java (Sun)
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/07/06 12:26:53 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\tdsskiller.exe
[2013/07/06 11:49:46 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/07/06 11:39:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/07/06 11:39:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/07/06 11:39:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/07/06 11:39:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/07/06 11:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013/07/06 11:38:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 6
[2013/07/06 11:34:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/07/06 11:34:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/07/06 11:31:02 | 005,086,173 | R--- | C] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2013/07/06 10:57:29 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2013/07/06 10:57:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/04 10:06:29 | 002,756,800 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Compaq_Owner\Desktop\procexp.exe
[2013/07/04 09:46:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2013/06/27 10:37:21 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/06/27 10:37:21 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/06/27 10:37:16 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/06/27 10:37:16 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/06/27 10:37:16 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/06/27 09:58:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Sun
[2013/06/25 12:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\WinDirStat
[2013/06/25 12:35:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\WinDirStat
[2013/06/25 11:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/15 09:35:28 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/15 09:35:28 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/11 12:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2013/06/11 12:15:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2013/06/11 12:15:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\AppData
[2013/06/11 12:15:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
[2013/06/11 12:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2013/06/11 12:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\IObit
[2013/06/11 12:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013/06/10 12:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2013/06/09 19:15:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Owner\Recent
[2013/06/09 19:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2013/06/09 19:12:38 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/06/09 19:12:38 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/09 18:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\HiJackThis
[2013/06/09 18:37:34 | 000,000,000 | ---D | C] -- C:\HJT
[2013/06/09 16:42:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2013/06/09 16:41:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\BrowserPlus
[2013/06/09 16:41:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2013/06/09 16:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Belkin Wireless Network Utility
[2013/06/09 16:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2013/06/09 16:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/06/09 16:41:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/06/09 16:40:59 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/06/08 08:52:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
[2013/06/07 14:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/06/07 14:00:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2007/12/06 01:33:46 | 002,826,275 | ---- | C] (Blue Fang Games, LLC) -- C:\Documents and Settings\Compaq_Owner\zoo.exe
[2007/12/06 01:33:46 | 001,112,504 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\dwdebug.exe
[2007/12/06 01:33:46 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\SETUPENU.DLL
[2007/12/06 01:33:46 | 000,471,098 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\UNINSTAL.EXE
[2007/12/06 01:33:46 | 000,466,997 | ---- | C] (Blue Fang Games, LLC) -- C:\Documents and Settings\Compaq_Owner\lang0.dll
[2007/12/06 01:33:46 | 000,161,184 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\dw.exe
[2007/12/06 01:33:46 | 000,118,784 | ---- | C] (Blue Fang Games, LLC) -- C:\Documents and Settings\Compaq_Owner\res0.dll
[2007/12/06 01:33:45 | 000,053,300 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\EBUEula.dll
[2007/12/06 01:33:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\ImeUiResJpn.dll
[2007/12/06 01:33:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\ImeUiResEnu.dll
[2007/12/06 01:33:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\ImeUiRes.dll
[2007/07/25 17:24:28 | 002,826,275 | ---- | C] (Blue Fang Games, LLC) -- C:\Program Files\zoo.exe
[2007/07/25 17:24:28 | 001,112,504 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dwdebug.exe
[2007/07/25 17:24:28 | 000,471,098 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UNINSTAL.EXE
[2007/07/25 17:24:27 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Program Files\SETUPENU.DLL
[2007/07/25 17:24:27 | 000,466,997 | ---- | C] (Blue Fang Games, LLC) -- C:\Program Files\lang0.dll
[2007/07/25 17:24:27 | 000,118,784 | ---- | C] (Blue Fang Games, LLC) -- C:\Program Files\res0.dll
[2007/07/25 17:24:27 | 000,053,300 | ---- | C] (Microsoft Corporation) -- C:\Program Files\EBUEula.dll
[2007/07/25 17:24:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ImeUiResJpn.dll
[2007/07/25 17:24:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ImeUiResEnu.dll
[2007/07/25 17:24:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ImeUiRes.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/06 13:15:00 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A9870B1F-49B9-4EB1-AAE0-82C936D2C093}.job
[2013/07/06 12:54:36 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Compaq_Owner\Desktop\VEW.exe
[2013/07/06 12:48:18 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013/07/06 12:48:16 | 000,000,054 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/07/06 12:48:16 | 000,000,039 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/07/06 12:48:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/06 12:48:03 | 1005,113,344 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/06 12:46:34 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\application log.evt
[2013/07/06 12:45:57 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\system log.evt
[2013/07/06 12:34:05 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/06 12:27:11 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\tdsskiller.exe
[2013/07/06 12:09:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/07/06 11:49:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/07/06 11:38:13 | 000,000,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Uninstaller.lnk
[2013/07/06 11:38:13 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 6.lnk
[2013/07/06 11:38:13 | 000,000,875 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 6.lnk
[2013/07/06 11:32:59 | 005,086,173 | R--- | M] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2013/07/06 11:28:01 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
[2013/07/06 10:57:39 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2013/07/06 10:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2013/07/06 10:10:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/07/05 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/07/05 14:00:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2013/07/04 10:06:31 | 002,756,800 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Compaq_Owner\Desktop\procexp.exe
[2013/07/04 09:46:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2013/07/03 18:38:45 | 000,001,362 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2013/07/01 21:35:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2013/07/01 10:19:54 | 000,119,139 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\401262_496775543696240_758378301_n.jpg
[2013/07/01 10:18:30 | 000,142,355 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\197943_501785559861905_199076935_n.jpg
[2013/07/01 10:18:17 | 000,150,299 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\69484_502056993168095_1732405421_n.jpg
[2013/07/01 10:18:00 | 000,206,947 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\225807_503495533024241_2005367362_n.jpg
[2013/07/01 10:17:46 | 000,074,196 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\64005_505238699516591_1559339700_n.jpg
[2013/07/01 10:17:12 | 000,141,223 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\33871_512617792112015_1547791522_n.jpg
[2013/07/01 10:14:55 | 000,082,539 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\19306_522766884430439_2135944798_n.jpg
[2013/07/01 10:14:02 | 000,149,603 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\529853_533194143387713_110433115_n.jpg
[2013/06/30 18:29:41 | 000,064,454 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\tumblr_mcs2drk8XL1qcyrsio1_500.jpg
[2013/06/27 10:37:01 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/06/27 10:36:59 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/06/27 10:36:59 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/06/27 10:36:59 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/06/27 10:36:58 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/06/27 10:36:58 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/06/27 10:36:58 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/06/25 18:02:07 | 000,020,753 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\1011736_10201473401227390_1224720998_n.jpg
[2013/06/24 12:22:10 | 000,000,281 | ---- | M] () -- C:\Boot.bak
[2013/06/23 12:03:58 | 000,002,395 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2013/06/20 08:18:40 | 000,232,236 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7227.JPG
[2013/06/20 08:15:36 | 000,110,232 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7226.JPG
[2013/06/20 08:15:24 | 000,112,847 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7225.JPG
[2013/06/20 08:15:04 | 000,143,246 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7224.JPG
[2013/06/20 08:14:46 | 000,110,591 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7223.JPG
[2013/06/15 09:35:29 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/15 09:35:28 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/14 13:56:06 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/06/09 19:22:03 | 000,126,714 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20130609_192153.reg
[2013/06/09 18:56:26 | 000,000,219 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Document.rtf
[2013/06/09 17:02:21 | 000,002,415 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/06/09 16:46:19 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/08 19:46:26 | 002,094,994 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Deck Plans.bmp
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/06 12:54:36 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Compaq_Owner\Desktop\VEW.exe
[2013/07/06 12:46:31 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\application log.evt
[2013/07/06 12:45:55 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\system log.evt
[2013/07/06 11:39:41 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/07/06 11:39:41 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/07/06 11:39:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/07/06 11:39:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/07/06 11:39:41 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/07/06 11:38:13 | 000,000,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Uninstaller.lnk
[2013/07/06 11:38:13 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 6.lnk
[2013/07/06 11:38:13 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 6.lnk
[2013/07/06 11:28:01 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
[2013/07/01 10:19:53 | 000,119,139 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\401262_496775543696240_758378301_n.jpg
[2013/07/01 10:18:29 | 000,142,355 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\197943_501785559861905_199076935_n.jpg
[2013/07/01 10:18:16 | 000,150,299 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\69484_502056993168095_1732405421_n.jpg
[2013/07/01 10:18:00 | 000,206,947 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\225807_503495533024241_2005367362_n.jpg
[2013/07/01 10:17:45 | 000,074,196 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\64005_505238699516591_1559339700_n.jpg
[2013/07/01 10:17:10 | 000,141,223 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\33871_512617792112015_1547791522_n.jpg
[2013/07/01 10:14:55 | 000,082,539 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\19306_522766884430439_2135944798_n.jpg
[2013/07/01 10:14:01 | 000,149,603 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\529853_533194143387713_110433115_n.jpg
[2013/06/30 18:28:28 | 000,064,454 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\tumblr_mcs2drk8XL1qcyrsio1_500.jpg
[2013/06/25 18:01:45 | 000,020,753 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\1011736_10201473401227390_1224720998_n.jpg
[2013/06/20 10:27:01 | 000,232,236 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7227.JPG
[2013/06/20 10:27:01 | 000,143,246 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7224.JPG
[2013/06/20 10:27:01 | 000,112,847 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7225.JPG
[2013/06/20 10:27:01 | 000,110,591 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7223.JPG
[2013/06/20 10:27:01 | 000,110,232 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DSC_7226.JPG
[2013/06/15 09:35:33 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/14 13:56:06 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/06/14 13:56:06 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/06/09 19:21:58 | 000,126,714 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20130609_192153.reg
[2013/06/09 18:56:26 | 000,000,219 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Document.rtf
[2013/06/09 18:44:41 | 000,002,395 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2013/06/09 17:02:21 | 000,002,415 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/06/09 16:46:32 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/06/09 16:46:32 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/06/08 19:46:25 | 002,094,994 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Deck Plans.bmp
[2013/06/05 23:24:10 | 000,212,786 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\census.cache
[2013/06/05 23:19:39 | 000,205,206 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\ars.cache
[2013/06/05 22:20:18 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\housecall.guid.cache
[2013/05/28 15:38:54 | 000,922,944 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\a.zip
[2009/12/06 20:21:51 | 116,264,960 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\lol
[2009/11/27 21:03:03 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\mcs.rma
[2009/03/03 17:43:39 | 000,003,323 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\manifest.ini
[2009/03/03 17:43:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\permdata.box
[2009/01/09 20:08:32 | 000,000,094 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Settings.ini
[2007/12/06 01:33:57 | 006,397,370 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\ui.zip
[2007/12/06 01:33:57 | 000,905,097 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\terrain.zip
[2007/12/06 01:33:57 | 000,687,504 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\staff.zip
[2007/12/06 01:33:57 | 000,309,698 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn15.zoo
[2007/12/06 01:33:57 | 000,288,710 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\large.zoo
[2007/12/06 01:33:57 | 000,216,039 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn12.zoo
[2007/12/06 01:33:57 | 000,204,759 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\medium.zoo
[2007/12/06 01:33:57 | 000,201,767 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn13.zoo
[2007/12/06 01:33:57 | 000,156,617 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn04.zoo
[2007/12/06 01:33:57 | 000,138,694 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn03.zoo
[2007/12/06 01:33:57 | 000,102,319 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn02.zoo
[2007/12/06 01:33:57 | 000,102,054 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn07.zoo
[2007/12/06 01:33:57 | 000,094,755 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn11.zoo
[2007/12/06 01:33:57 | 000,094,755 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn10.zoo
[2007/12/06 01:33:57 | 000,092,319 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn01.zoo
[2007/12/06 01:33:57 | 000,091,639 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\default.zoo
[2007/12/06 01:33:57 | 000,076,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scn06.zoo
[2007/12/06 01:33:57 | 000,055,809 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\tiles.zip
[2007/12/06 01:33:56 | 008,954,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\objects.zip
[2007/12/06 01:33:56 | 003,635,656 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scenario.zip
[2007/12/06 01:33:56 | 002,983,796 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\scenery.zip
[2007/12/06 01:33:56 | 000,357,129 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\guests.zip
[2007/12/06 01:33:56 | 000,024,146 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\items.zip
[2007/12/06 01:33:56 | 000,007,337 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\research.zip
[2007/12/06 01:33:56 | 000,005,884 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\paths.zip
[2007/12/06 01:33:55 | 014,240,209 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\global.zip
[2007/12/06 01:33:55 | 000,135,989 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\fences.zip
[2007/12/06 01:33:55 | 000,010,043 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\fringe.zip
[2007/12/06 01:33:55 | 000,006,564 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\config.zip
[2007/12/06 01:33:54 | 009,116,930 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\animals2.zip
[2007/12/06 01:33:47 | 086,362,105 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\animals.zip
[2007/12/06 01:33:47 | 000,002,514 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\ai.zip
[2007/12/06 01:33:47 | 000,000,000 | RH-- | C] () -- C:\Documents and Settings\Compaq_Owner\EBUSetup.sem
[2007/12/06 01:33:46 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\zoo.ini
[2007/12/06 01:33:45 | 001,440,056 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\splash.bmp
[2007/12/06 01:33:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\MSLOGO.AVI
[2007/12/06 01:33:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\BFLOGO.AVI
[2007/07/29 23:02:32 | 000,290,029 | ---- | C] () -- C:\Program Files\game in progress.zoo
[2007/07/25 20:05:05 | 000,739,832 | ---- | C] () -- C:\Program Files\072507.zoo
[2007/07/25 17:24:42 | 000,309,698 | ---- | C] () -- C:\Program Files\scn15.zoo
[2007/07/25 17:24:42 | 000,288,710 | ---- | C] () -- C:\Program Files\large.zoo
[2007/07/25 17:24:42 | 000,216,039 | ---- | C] () -- C:\Program Files\scn12.zoo
[2007/07/25 17:24:42 | 000,204,759 | ---- | C] () -- C:\Program Files\medium.zoo
[2007/07/25 17:24:42 | 000,201,767 | ---- | C] () -- C:\Program Files\scn13.zoo
[2007/07/25 17:24:42 | 000,156,617 | ---- | C] () -- C:\Program Files\scn04.zoo
[2007/07/25 17:24:42 | 000,138,694 | ---- | C] () -- C:\Program Files\scn03.zoo
[2007/07/25 17:24:42 | 000,102,319 | ---- | C] () -- C:\Program Files\scn02.zoo
[2007/07/25 17:24:42 | 000,102,054 | ---- | C] () -- C:\Program Files\scn07.zoo
[2007/07/25 17:24:42 | 000,094,755 | ---- | C] () -- C:\Program Files\scn11.zoo
[2007/07/25 17:24:42 | 000,094,755 | ---- | C] () -- C:\Program Files\scn10.zoo
[2007/07/25 17:24:42 | 000,092,319 | ---- | C] () -- C:\Program Files\scn01.zoo
[2007/07/25 17:24:42 | 000,091,639 | ---- | C] () -- C:\Program Files\default.zoo
[2007/07/25 17:24:42 | 000,076,880 | ---- | C] () -- C:\Program Files\scn06.zoo
[2007/07/25 17:24:41 | 006,397,370 | ---- | C] () -- C:\Program Files\ui.zip
[2007/07/25 17:24:41 | 003,635,656 | ---- | C] () -- C:\Program Files\scenario.zip
[2007/07/25 17:24:41 | 002,983,796 | ---- | C] () -- C:\Program Files\scenery.zip
[2007/07/25 17:24:41 | 000,905,097 | ---- | C] () -- C:\Program Files\terrain.zip
[2007/07/25 17:24:41 | 000,687,504 | ---- | C] () -- C:\Program Files\staff.zip
[2007/07/25 17:24:41 | 000,055,809 | ---- | C] () -- C:\Program Files\tiles.zip
[2007/07/25 17:24:41 | 000,007,337 | ---- | C] () -- C:\Program Files\research.zip
[2007/07/25 17:24:41 | 000,005,884 | ---- | C] () -- C:\Program Files\paths.zip
[2007/07/25 17:24:40 | 008,954,880 | ---- | C] () -- C:\Program Files\objects.zip
[2007/07/25 17:24:40 | 000,357,129 | ---- | C] () -- C:\Program Files\guests.zip
[2007/07/25 17:24:40 | 000,024,146 | ---- | C] () -- C:\Program Files\items.zip
[2007/07/25 17:24:39 | 014,240,209 | ---- | C] () -- C:\Program Files\global.zip
[2007/07/25 17:24:39 | 000,135,989 | ---- | C] () -- C:\Program Files\fences.zip
[2007/07/25 17:24:39 | 000,010,043 | ---- | C] () -- C:\Program Files\fringe.zip
[2007/07/25 17:24:39 | 000,006,564 | ---- | C] () -- C:\Program Files\config.zip
[2007/07/25 17:24:38 | 009,116,930 | ---- | C] () -- C:\Program Files\animals2.zip
[2007/07/25 17:24:29 | 086,362,105 | ---- | C] () -- C:\Program Files\animals.zip
[2007/07/25 17:24:29 | 000,002,514 | ---- | C] () -- C:\Program Files\ai.zip
[2007/07/25 17:24:29 | 000,000,000 | RH-- | C] () -- C:\Program Files\EBUSetup.sem
[2007/07/25 17:24:28 | 000,001,618 | ---- | C] () -- C:\Program Files\zoo.ini
[2007/07/25 17:24:27 | 001,440,056 | ---- | C] () -- C:\Program Files\splash.bmp
[2007/07/25 17:24:27 | 000,000,000 | ---- | C] () -- C:\Program Files\MSLOGO.AVI
[2007/07/25 17:24:27 | 000,000,000 | ---- | C] () -- C:\Program Files\BFLOGO.AVI
[2007/04/03 22:35:45 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/02/22 12:03:09 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2007/02/03 10:40:30 | 000,001,362 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2007/01/29 16:42:08 | 000,145,408 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 15:56:04 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

========== ZeroAccess Check ==========

[2006/07/21 06:30:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2007/08/22 08:55:40 | 001,498,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 06:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004/08/04 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: ST3120213AS
Partitions: 2
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 104.00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 7.00GB
Starting Offset: 112192819200
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2013/07/06 12:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Adobe
[2007/02/05 18:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AdobeUM
[2013/06/12 10:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
[2008/03/06 19:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ashampoo
[2011/02/25 20:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Catalina Marketing Corp
[2009/05/04 09:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Google
[2013/07/06 12:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Help
[2007/02/22 12:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\HP
[2007/02/03 13:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\HPQ
[2010/12/03 19:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\HpUpdate
[2007/12/22 16:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Identities
[2007/07/18 18:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Image Zone Express
[2009/10/29 16:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InstallShield
[2006/07/21 07:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intuit
[2013/06/25 10:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\IObit
[2009/02/28 16:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\iolo
[2008/05/04 01:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\iWin
[2008/05/04 01:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\iWinArcade
[2008/03/21 16:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Jasc
[2007/03/05 15:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Jasc Software Inc
[2007/04/05 10:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Lavasoft
[2007/07/14 21:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2007/01/29 16:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia
[2009/02/05 18:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
[2008/07/02 10:51:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft
[2007/06/25 19:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Miranda
[2008/02/04 01:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks
[2010/02/20 20:07:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla
[2008/04/18 15:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MyPublisher
[2007/02/21 11:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MySpace
[2009/06/17 17:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Real
[2008/06/19 16:57:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SecuROM
[2013/06/09 17:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Skype
[2013/06/09 15:50:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\skypePM
[2008/05/07 18:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Snapfish
[2007/07/14 21:18:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sonic
[2007/08/26 02:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony Corporation
[2009/02/05 23:50:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SPORE
[2008/09/28 20:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SPORE Creature Creator
[2013/06/23 11:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Spotify
[2007/02/02 00:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sun
[2007/07/06 11:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sunbelt Software
[2013/06/08 08:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
[2007/03/31 16:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Symantec
[2007/08/01 19:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Talkback
[2007/02/03 10:40:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2010/06/03 13:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Uniblue
[2013/06/12 12:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ventrilo
[2009/02/27 23:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Viewpoint
[2011/09/13 19:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WebSentinel
[2007/11/18 00:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Yahoo!
[2009/02/27 23:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ZiggyTV

< MD5 for: ATAPI.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 00:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/04 08:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2004/08/04 08:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 08:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CSRSS.EXE >
[2008/04/13 20:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\csrss.exe
[2004/08/04 07:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\system32\csrss.exe
[2004/08/04 07:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2008/06/20 13:41:10 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=097722F235A1FB698BF9234E01B52637 -- C:\WINDOWS\erdnt\cache\mswsock.dll
[2008/06/20 13:41:10 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=097722F235A1FB698BF9234E01B52637 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 13:41:10 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=097722F235A1FB698BF9234E01B52637 -- C:\WINDOWS\system32\mswsock.dll
[2008/06/20 13:36:11 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=1DFCA7713EA5A70D5D93B436AEA0317A -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2004/08/04 07:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2008/06/20 13:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[2008/04/13 20:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mswsock.dll
[2008/06/20 13:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

< MD5 for: NWPROVAU.DLL >
[2008/04/13 20:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\nwprovau.dll
[2006/10/13 08:41:38 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=808CB47D7F6BE51B0354CD628CF45978 -- C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwprovau.dll
[2006/10/13 08:35:12 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=AEEB687B865E1BAB04BB9C3604F92CEF -- C:\WINDOWS\system32\dllcache\nwprovau.dll
[2006/10/13 08:35:12 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=AEEB687B865E1BAB04BB9C3604F92CEF -- C:\WINDOWS\system32\nwprovau.dll
[2004/08/04 07:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=F01D97A8E0380BA52F58249A7B3BD7F1 -- C:\WINDOWS\$NtUninstallKB923980$\nwprovau.dll

< MD5 for: PNRPNSP.DLL >
[2004/08/04 07:00:00 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=74D3620D2E63489975E3956A40DDD35F -- C:\WINDOWS\system32\dllcache\pnrpnsp.dll
[2004/08/04 07:00:00 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=74D3620D2E63489975E3956A40DDD35F -- C:\WINDOWS\system32\pnrpnsp.dll
[2008/04/13 20:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\pnrpnsp.dll

< MD5 for: SERVICES.EXE >
[2009/02/06 07:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 20:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe
[2009/02/06 13:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\erdnt\cache\services.exe
[2009/02/06 13:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 13:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\system32\services.exe
[2009/02/06 06:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2004/08/04 07:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\erdnt\cache\userinit.exe
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe

< MD5 for: WINRNR.DLL >
[2004/08/04 07:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=2C8FDB176F22629EA5342DB474FAC391 -- C:\WINDOWS\system32\dllcache\winrnr.dll
[2004/08/04 07:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=2C8FDB176F22629EA5342DB474FAC391 -- C:\WINDOWS\system32\winrnr.dll
[2008/04/13 20:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winrnr.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/06/25 11:48:59 | 000,867,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/06/25 11:49:04 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< End of report >

#15
Liz2012

OTL Extras logfile created on: 7/6/2013 12:58:25 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 414.14 Mb Available Physical Memory | 43.21% Memory free
2.26 Gb Paging File | 1.82 Gb Available in Paging File | 80.44% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.48 Gb Total Space | 14.90 Gb Free Space | 14.26% Space Free | Partition Type: NTFS
Drive D: | 7.29 Gb Total Space | 0.57 Gb Free Space | 7.82% Space Free | Partition Type: FAT32

Computer Name: YOUR-D0F670B45A | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- NOTEPAD.EXE %1 (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- NOTEPAD.EXE %1 (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- NOTEPAD.EXE %1 (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"enablefirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"enablefirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\SteamApps\jblack187\counter-strike source\hl2.exe" = C:\Program Files\Steam\SteamApps\jblack187\counter-strike source\hl2.exe:*:Disabled:hl2 -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- (Electronic Arts)
"C:\Program Files\HP Rhapsody\rhapsody.exe" = C:\Program Files\HP Rhapsody\rhapsody.exe:*:Disabled:Rhapsody -- (RealNetworks, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe" = C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Documents and Settings\Compaq_Owner\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Compaq_Owner\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam™
"{06E73C0B-7DE7-4F41-860B-587033B75BD9}" = iPod Updater 2004-11-15
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{174D5678-D941-433C-BD23-58A5C7B0D36D}" = Jasc Animation Shop 3
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}" = upapp
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Help
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{6314D540-E3C1-4F30-AEEB-4154C93375C3}" = HP Driver Diagnostics
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6BE73D27-5ADC-4AD9-B619-8F5188AFCF9F}" = HP Deskjet 1050 J410 series Product Improvement Study
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8A9A5FCE-E592-4E77-96F8-6B3624640D1C}" = Webassessor Sentinel Security Shield™
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8F7A4D82-B168-4F89-99C2-B9873EC877AF}" = HP Image Zone Express
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{9922FE96-6803-498D-A6AD-4EB5A3B956A5}" = Belkin Wireless G Plus MIMO USB Network Adapter
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BACBC990-8681-4D00-9227-F3A32123BB7A}" = Half-Life®
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{ECB35FFA-B010-45C5-9AB5-665AC7E27EE2}" = HP Deskjet 1050 J410 series Basic Device Software
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}" = The Sims Complete Collection
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"Ace Utilities_is1" = Ace Utilities
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"EADM" = EA Download Manager
"ewidoantispyware4" = ewido anti-spyware 4.0
"Hijackthis_is1" = Hijackthis 1.99.1
"hp deskjet 5550 series" = hp deskjet 5550 series (Remove only)
"HP Game Console" = HP Game Console
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Photo Creations" = HP Photo Creations
"hp print screen utility" = hp print screen utility
"HP Rhapsody" = HP Rhapsody
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{06E73C0B-7DE7-4F41-860B-587033B75BD9}" = iPod Updater 2004-11-15
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 18.0 (x86 en-US)" = Mozilla Firefox 18.0 (x86 en-US)
"MyWGU Messenger 2.5.8" = MyWGU Messenger 2.5.8
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"Revo Uninstaller" = Revo Uninstaller 1.80
"Rhapsody" = Rhapsody
"SCRABBLE" = SCRABBLE
"Steam App 440" = Team Fortress 2
"Trillian" = Trillian
"Trusted Software Assistant_is1" = File Type Assistant
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WT005538" = Tradewinds
"WT005541" = Blasterball 2 Revolution
"WT005542" = Blasterball 2 Remix
"WT005544" = Bounce Symphony
"WT005613" = Flip Words
"WT005618" = Poker Superstars
"WT005620" = Slingo Deluxe
"WT005625" = Bejeweled 2 Deluxe
"WT005627" = Bookworm Deluxe
"WT005628" = Chuzzle Deluxe
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"WinDirStat" = WinDirStat 1.1.2

========== Last 20 Event Log Errors ==========

[ System Events ]
Error - 7/6/2013 12:48:12 PM | Computer Name = YOUR-D0F670B45A | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 7/6/2013 12:48:12 PM | Computer Name = YOUR-D0F670B45A | Source = Service Control Manager | ID = 7000
Description = The Norton AntiVirus Auto-Protect Service service failed to start
due to the following error: %%3

Error - 7/6/2013 12:48:12 PM | Computer Name = YOUR-D0F670B45A | Source = Print | ID = 19
Description = Sharing printer failed + 1722, Printer Microsoft XPS Document Writer
share name Printer.

Error - 7/6/2013 12:48:15 PM | Computer Name = YOUR-D0F670B45A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ewido anti-spyware 4.0 driver

Error - 7/6/2013 2:00:00 PM | Computer Name = YOUR-D0F670B45A | Source = Schedule | ID = 7901
Description = The At4.job command failed to start due to the following error: %%2147942405


< End of report >