Thanks a lot Rob for seeing my message and for the help. I'm following the instructions. For Adware Cleaner, here's the log:
# AdwCleaner v3.007 - Report created 09/10/2013 at 17:33:35
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : user - USER-AE3AC86A7F
# Running from : C:\Documents and Settings\user\Desktop\Adware Removal tools\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\saveensshare
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v
[ File : C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js ]
-\\ Google Chrome v30.0.1599.69
[ File : C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1615 octets] - [09/10/2013 17:31:47]
AdwCleaner[S0].txt - [1554 octets] - [09/10/2013 17:33:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1614 octets] ##########
For Junkware removal tool, here's the log of the report.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.4 (10.06.2013:1)
OS: Microsoft Windows XP x86
Ran by user on Wed 10/09/2013 at 17:39:00.60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FBB4D748-4C2C-7DF1-0B55-B9F4E054FB64}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FBB4D748-4C2C-7DF1-0B55-B9F4E054FB64}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FBB4D748-4C2C-7DF1-0B55-B9F4E054FB64}
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 10/09/2013 at 17:45:48.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For ASWMBER, I didn't get any report. No log.
I ran OTL the 2nd time and pasted the code you showed me into the box. There were 2 logs. here they are:
OTL logfile created on: 10/9/2013 7:29:57 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Desktop\Adware Removal tools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.44 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 65.87% Memory free
5.27 Gb Paging File | 3.52 Gb Available in Paging File | 66.77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 292.97 Gb Total Space | 240.65 Gb Free Space | 82.14% Space Free | Partition Type: NTFS
Drive E: | 172.79 Gb Total Space | 93.44 Gb Free Space | 54.08% Space Free | Partition Type: NTFS
Drive F: | 6.68 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: USER-AE3AC86A7F | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/10/09 17:30:05 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\user\Desktop\Adware Removal tools\aswmbr.exe
PRC - [2013/10/07 08:47:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\Adware Removal tools\OTL.exe
PRC - [2013/10/03 07:03:07 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/08/26 11:10:16 | 001,970,296 | ---- | M] (G Data Software AG) -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2013/08/22 08:15:18 | 000,695,416 | ---- | M] (G Data Software AG) -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
PRC - [2013/08/21 03:09:46 | 001,444,472 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
PRC - [2013/08/21 02:55:45 | 002,369,616 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
PRC - [2013/08/21 02:48:12 | 002,095,600 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
PRC - [2013/08/21 02:20:22 | 000,635,000 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
PRC - [2013/08/01 17:29:52 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Documents and Settings\user\Local Settings\Application Data\Akamai\netsession_win.exe
PRC - [2013/03/22 03:55:34 | 001,854,928 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
PRC - [2012/11/15 16:41:08 | 000,277,744 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2012/11/15 16:32:18 | 003,795,160 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\DAP\DAP.exe
PRC - [2011/05/18 16:56:08 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010/12/07 18:28:06 | 000,579,384 | ---- | M] (Autodesk, Inc.) -- c:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
PRC - [2010/01/21 01:18:38 | 000,226,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2008/04/14 18:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/13 16:28:14 | 000,032,768 | ---- | M] (Autodesk) -- C:\Program Files\Autodesk\Data Management Server 2008\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
PRC - [2007/02/13 16:26:46 | 000,049,152 | ---- | M] (Autodesk) -- C:\Program Files\Autodesk\Data Management Server 2008\Server\Webserver\Connectivity.EDMWS.Server.exe
PRC - [2005/05/16 20:00:00 | 000,099,840 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S4I091.EXE
========== Modules (No Company Name) ========== MOD - [2013/10/09 17:38:06 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\YouTubeCom.dll
MOD - [2013/10/05 14:30:23 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\da28f3d44be7def2d84269f1db5718d6\System.Runtime.Remoting.ni.dll
MOD - [2013/10/05 14:05:12 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll
MOD - [2013/10/05 14:05:11 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
MOD - [2013/10/05 14:05:09 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
MOD - [2013/10/05 14:05:07 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
MOD - [2013/10/05 14:05:05 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
MOD - [2013/10/03 07:03:05 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppgooglenaclpluginchrome.dll
MOD - [2013/10/03 07:03:04 | 013,611,984 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
MOD - [2013/10/03 07:03:03 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll
MOD - [2013/10/03 07:02:12 | 000,698,832 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
MOD - [2013/10/03 07:02:11 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\libegl.dll
MOD - [2013/10/03 07:02:09 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
MOD - [2013/08/31 21:00:57 | 000,003,584 | ---- | M] () -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\autodeskdm_services\f924c671\35d0f680\App_global.asax.ao2lme8w.dll
MOD - [2013/07/18 12:11:37 | 001,356,288 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e61655423feec8cd2248d50d104d8a54\System.WorkflowServices.ni.dll
MOD - [2013/07/18 12:11:27 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8e597a2c933e04c3deb4a906083ff5c0\System.Web.Services.ni.dll
MOD - [2013/07/18 12:11:15 | 011,816,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\616fa195ca93638850a119a54171dac1\System.Web.ni.dll
MOD - [2013/07/18 12:11:09 | 001,706,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\adb072a3cfd246b2bb19dfde16e217ca\System.ServiceModel.Web.ni.dll
MOD - [2013/07/18 12:11:09 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8f3e54440f3742da409131428ad1bce1\System.ServiceProcess.ni.dll
MOD - [2013/07/18 12:09:39 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\79533103112291e81204ca24aed19890\System.Configuration.ni.dll
MOD - [2013/07/18 12:00:05 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6e9496df269e15c52c446881e0648e0e\SMDiagnostics.ni.dll
MOD - [2013/07/18 11:59:59 | 017,403,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\d577c536166d7cd2ef47ad0896a18393\System.ServiceModel.ni.dll
MOD - [2013/07/18 11:59:47 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afbff0c4df2ddd1e111f9e594279cb19\System.Runtime.Serialization.ni.dll
MOD - [2013/07/18 10:42:07 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\a1d221960bf7a0cbfd1f355595f77e83\System.Xml.ni.dll
MOD - [2013/07/18 10:42:04 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\efecb20c44117df86f2eb5f93592fdd8\System.Windows.Forms.ni.dll
MOD - [2013/07/18 10:41:53 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\82a53e923936d5f62d9af4cdfe50a4f8\System.Drawing.ni.dll
MOD - [2013/07/18 10:40:57 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\16562c54978851e92db8fec6f759bba1\System.ni.dll
MOD - [2013/07/18 10:40:52 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013/07/18 10:40:27 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2013/07/18 10:40:27 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/07/18 10:40:26 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2013/07/18 10:40:26 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/07/18 10:40:23 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2013/07/18 10:40:23 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2013/07/18 10:40:22 | 000,839,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
MOD - [2013/07/18 10:40:22 | 000,835,584 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
MOD - [2013/07/18 10:40:22 | 000,749,568 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
MOD - [2013/07/18 10:40:21 | 005,246,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2013/07/18 10:37:19 | 005,967,872 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
MOD - [2013/07/18 10:37:18 | 000,110,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMDiagnostics.dll
MOD - [2012/11/18 23:04:47 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Diagnostics.ServiceModelSink\3.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Diagnostics.ServiceModelSink.dll
MOD - [2012/11/18 21:50:51 | 000,884,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Web.Services3\3.0.0.0__31bf3856ad364e35\Microsoft.Web.Services3.dll
MOD - [2012/11/15 18:29:52 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\pdf995mon.dll
MOD - [2012/11/15 16:34:27 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Plugins\AddonsCondition.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/04/14 18:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 18:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/09/11 21:43:14 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/08/26 11:10:16 | 001,970,296 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2013/08/22 08:15:18 | 000,695,416 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2013/08/21 02:55:45 | 002,369,616 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe -- (GDFwSvc)
SRV - [2013/08/21 02:48:12 | 002,095,600 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe -- (AVKWCtl)
SRV - [2013/08/21 02:20:22 | 000,635,000 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2013/08/01 17:29:52 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/11/18 21:53:43 | 000,079,360 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2012/11/15 16:41:08 | 000,277,744 | ---- | M] (SpeedBit Ltd.) [Auto | Running] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2012/06/11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/12/07 18:28:06 | 000,579,384 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- c:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe -- (mitsijm2012)
SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2008/06/05 23:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service)
SRV - [2007/02/13 16:28:14 | 000,032,768 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Autodesk\Data Management Server 2008\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe -- (Autodesk Data Management Job Dispatch)
SRV - [2007/02/13 16:26:46 | 000,049,152 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Autodesk\Data Management Server 2008\Server\Webserver\Connectivity.EDMWS.Server.exe -- (Autodesk EDM Server)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\user\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2013/10/07 10:37:51 | 000,069,176 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\GRD.sys -- (GRD)
DRV - [2013/10/07 10:29:56 | 000,096,600 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV - [2013/10/07 10:29:56 | 000,047,832 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\HookCentre.sys -- (HookCentre)
DRV - [2013/10/07 10:29:56 | 000,045,912 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GDBehave.sys -- (GDBehave)
DRV - [2013/07/13 21:28:30 | 000,053,976 | ---- | M] (G Data Software AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor)
DRV - [2013/07/13 21:28:30 | 000,030,200 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GDNdisIc.sys -- (GDNdisIc)
DRV - [2012/06/11 11:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/01/09 17:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012/01/09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012/01/09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012/01/09 17:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012/01/09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012/01/09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/03/26 19:37:12 | 000,126,976 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2011/03/26 19:37:12 | 000,107,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2011/03/26 19:37:12 | 000,107,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2011/03/26 19:37:12 | 000,009,216 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2011/01/25 19:54:04 | 006,321,768 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/09/29 21:10:21 | 000,173,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\Yandex: "URL" =
http://yandex.ru/yan...t={searchTerms} IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/searchIE - HKCU\..\SearchScopes\{387C4286-45BA-4A01-9202-73D2EF03074F}: "URL" =
http://www.google.co...utputEncoding?}IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ========== FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013/10/09 17:38:50 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\DAP\daplinkchecker [2012/11/15 16:32:44 | 000,000,000 | ---D | M]
[2013/08/15 12:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions
[2013/08/15 12:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged
[2012/11/15 00:42:04 | 000,000,000 | ---D | M] (Яндекс.Бар) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\
[email protected][2012/11/15 01:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/15 00:52:32 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
http://www.google.com/CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: DAP Link Checker = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh\1.0.1.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: World Clocks = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej\4.9_0\
CHR - Extension: Gmail = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2008/04/14 18:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4 - HKLM..\Run: [EPSON Stylus C48 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Nokia Music Player\NokiaMusicPlayer.exe (Nokia)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\user\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKCU..\Run: [EPSON Stylus C48 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE}
http://download.micr...loadManager.cab (Microsoft Download Manager ActiveX control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2D9F584-6661-4116-AA36-D3B064D18D77}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\program files\g data\internetsecurity\avkkid\avkcks.exe) - c:\Program Files\G Data\InternetSecurity\AVKKid\AvkCKS.exe ()
O24 - Desktop WallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/11/15 00:31:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/12/01 15:01:14 | 000,000,647 | R--- | M] () - F:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2011/12/01 11:17:34 | 000,333,136 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011/12/01 11:17:34 | 000,000,046 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{4d5d2c10-2ebb-11e2-b176-f4716289099e}\Shell - "" = AutoRun
O33 - MountPoints2\{4d5d2c10-2ebb-11e2-b176-f4716289099e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4d5d2c10-2ebb-11e2-b176-f4716289099e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4d5d2c14-2ebb-11e2-b176-f4716289099e}\Shell - "" = AutoRun
O33 - MountPoints2\{4d5d2c14-2ebb-11e2-b176-f4716289099e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4d5d2c14-2ebb-11e2-b176-f4716289099e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ab1f8c61-2f8a-11e2-b17b-f6f8bf905d58}\Shell - "" = AutoRun
O33 - MountPoints2\{ab1f8c61-2f8a-11e2-b17b-f6f8bf905d58}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ab1f8c61-2f8a-11e2-b17b-f6f8bf905d58}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/12/01 11:17:34 | 000,333,136 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {260FACEF-C889-636F-5DE2-3479B1193B74} - Offline Browsing Pack
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {4589C707-10D6-9312-CB95-369B080A5865} - NetShow
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {518D30D6-2440-2C20-4EC5-5099B5AAD1FE} - DirectAnimation
ActiveX: {57EA121D-8B17-204E-1DD0-14CED128704B} - Vector Graphics Rendering (VML)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {80DBB839-428D-9A57-18AA-EBFABA20CF45} - Vector Graphics Rendering (VML)
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {8EE68544-94BD-3F9F-C49F-82F973BEA2E7} - Outlook Express
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {97CA8037-FE37-123C-49CF-CBD04208A83E} - Microsoft Windows Media Player
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB31EA19-7E63-B472-9C00-C14DB0250C51} - Vector Graphics Rendering (VML)
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {DA35F9DF-F858-1A2A-804D-0F0FC1A38E79} - Vector Graphics Rendering (VML)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F35FF305-0FE5-6B10-B218-90452FDF61FC} - Dynamic HTML Data Binding for Java
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (
http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2013/10/09 17:38:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/10/09 17:31:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/09 17:18:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\Adware Removal tools
[2013/10/07 18:51:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/07 10:30:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\G Data InternetSecurity 2014
[2013/10/07 08:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/10/07 08:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\My Spiritual life
[2013/10/06 20:37:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CamStudio 2.7
[2013/10/06 20:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\CamStudio 2.7
[2013/10/05 21:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\WMTools Downloaded Files
[2013/10/05 15:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Inventor Master Project
[2013/10/05 01:18:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Autodesk,_Inc
[2013/10/05 00:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\GrantaGateway
[2013/10/05 00:06:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Autodesk
[2013/10/05 00:01:34 | 000,000,000 | ---D | C] -- C:\MITSI 2012 Temporary Files
[2013/10/05 00:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Autodesk
[2013/10/05 00:00:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\Autodesk
[2013/10/05 00:00:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Chart Controls
[2013/10/04 20:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Thinstall
[2013/10/04 20:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Thinstall
[2013/09/17 12:33:00 | 000,000,000 | ---D | C] -- C:\tmp
[2013/09/15 22:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Nero
[2013/09/15 21:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2013/09/15 20:35:22 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxCoIn_v5420.dll
[2013/09/15 20:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\driveridentifier
[2013/09/15 20:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Identifier
[2013/09/15 20:08:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Identifier
[2013/09/15 19:35:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\001 HP PC Manual
[2013/09/14 18:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Shrink
[2013/09/14 18:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVD Shrink
[2013/09/14 18:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2013/09/14 18:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\AutoCAD 2010
[2013/09/14 18:04:21 | 000,000,000 | ---D | C] -- C:\Program Files\x86
[2013/09/14 18:04:21 | 000,000,000 | ---D | C] -- C:\Program Files\en-US
[2013/09/14 17:55:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\Google Drive
[2013/09/14 17:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
[2013/09/12 16:43:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2013/09/11 21:41:06 | 000,000,000 | ---D | C] -- C:\Program Files\STRUCTURAL_COMMON_DATA
[2013/09/11 21:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData
[2013/09/11 21:40:39 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2013/09/11 21:40:39 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2013/09/11 21:40:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2013/09/11 21:40:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2013/09/11 21:40:39 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2013/09/11 21:40:38 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2013/09/11 21:40:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2013/09/11 21:40:38 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2013/09/11 21:40:38 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2013/09/11 21:40:38 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2013/09/11 21:40:37 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2013/09/11 21:40:37 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2013/09/11 21:40:37 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2013/09/11 21:40:37 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2013/09/11 21:40:37 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2013/09/11 21:40:37 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2013/09/11 21:40:37 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2013/09/11 21:40:36 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2013/09/11 21:40:36 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2013/09/11 21:40:36 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2013/09/11 21:40:36 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2013/09/11 21:40:36 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2013/09/11 21:40:36 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2013/09/11 21:40:36 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2013/09/11 21:40:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2013/09/11 21:40:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2013/09/11 21:40:35 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2013/09/11 21:40:35 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2013/09/11 21:40:35 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2013/09/11 21:40:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2013/09/11 21:40:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2013/09/11 21:40:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2013/09/11 21:40:35 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2013/09/11 21:40:35 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2013/09/11 21:40:34 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2013/09/11 21:40:34 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2013/09/11 21:40:34 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2013/09/11 21:40:34 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2013/09/11 21:40:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2013/09/11 21:40:34 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2013/09/11 21:40:34 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2013/09/11 21:40:33 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2013/09/11 21:40:33 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2013/09/11 21:40:33 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2013/09/11 21:40:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2013/09/11 21:40:33 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2013/09/11 21:40:32 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2013/09/11 21:40:32 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2013/09/11 21:40:32 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2013/09/11 21:40:32 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2013/09/11 21:40:32 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2013/09/11 21:40:32 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2013/09/11 21:40:32 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2013/09/11 21:40:31 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2013/09/11 21:40:31 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2013/09/11 21:40:31 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2013/09/11 21:40:31 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2013/09/11 21:40:30 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2013/09/11 21:40:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2013/09/11 21:40:30 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2013/09/11 21:40:28 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2013/09/11 21:40:28 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2013/09/11 21:40:28 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2013/09/11 21:40:28 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2013/09/11 21:40:27 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2013/09/11 21:40:27 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2013/09/11 21:40:27 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2013/09/11 21:40:27 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2013/09/11 21:40:27 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2013/09/11 21:40:27 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2013/09/11 21:40:26 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2013/09/11 21:40:22 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2013/09/11 21:40:22 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2013/09/11 21:40:22 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2013/09/11 21:40:22 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2013/09/11 21:40:21 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2013/09/11 21:40:21 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2013/09/11 21:40:21 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2013/09/11 21:40:20 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2013/09/11 10:43:33 | 000,009,336 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\GDScrSv.en.dll
[2013/09/11 00:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\WinRAR
[2013/09/11 00:39:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\WinRAR
[2013/09/11 00:39:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2013/09/11 00:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/09/10 11:49:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Akamai
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/10/09 19:53:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/09 17:35:21 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/09 17:35:21 | 000,000,198 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2013/10/09 17:35:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/09 17:35:09 | 3690,287,104 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/07 20:21:44 | 000,096,256 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/07 18:43:59 | 000,002,371 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nokia Music Player.lnk
[2013/10/07 10:37:52 | 000,016,048 | ---- | M] (G Data Software) -- C:\WINDOWS\System32\drivers\GdPhyMem.sys
[2013/10/07 10:37:51 | 000,069,176 | ---- | M] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2013/10/07 10:30:12 | 000,001,681 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\G Data InternetSecurity 2014.lnk
[2013/10/07 10:29:56 | 000,096,600 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2013/10/07 10:29:56 | 000,047,832 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\HookCentre.sys
[2013/10/07 10:29:56 | 000,045,912 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2013/10/07 09:17:13 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/07 09:17:13 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Google Chrome.lnk
[2013/10/07 08:27:10 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/10/06 20:38:53 | 000,004,510 | ---- | M] () -- C:\Documents and Settings\user\Application Data\CamStudio.cfg
[2013/10/06 20:38:53 | 000,000,408 | ---- | M] () -- C:\Documents and Settings\user\Application Data\CamShapes.ini
[2013/10/06 20:38:53 | 000,000,408 | ---- | M] () -- C:\Documents and Settings\user\Application Data\CamLayout.ini
[2013/10/06 20:38:53 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Camdata.ini
[2013/10/06 20:37:19 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CamStudio.lnk
[2013/10/05 14:21:08 | 000,274,846 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Part002.adsk
[2013/10/05 14:16:34 | 000,275,063 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Part001.adsk
[2013/10/05 00:24:04 | 000,455,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/05 00:19:50 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Inventor Fusion 2012.lnk
[2013/10/05 00:18:25 | 000,000,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Autodesk Vault 2012.lnk
[2013/10/05 00:16:35 | 000,001,866 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DWG TrueView 2012.lnk
[2013/10/05 00:04:58 | 000,001,964 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Autodesk Inventor Professional 2012.lnk
[2013/10/04 23:30:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/03 21:37:14 | 000,000,060 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2013/10/02 20:23:47 | 000,009,662 | ---- | M] () -- C:\WINDOWS\EPISME00.SWB
[2013/09/26 20:23:24 | 000,071,790 | ---- | M] () -- C:\Documents and Settings\user\Desktop\BLOCK A 9 (1).pdf
[2013/09/19 22:45:42 | 000,288,509 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Print.pdf
[2013/09/18 15:02:50 | 000,150,490 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Enhancements_List_RME_2012_UR2.pdf
[2013/09/17 16:39:54 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/09/17 15:25:34 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/09/15 20:28:48 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/09/14 18:57:28 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\user\Desktop\DVD Shrink 3.2.lnk
[2013/09/14 18:16:54 | 000,001,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD 2010 - English.lnk
[2013/09/14 17:55:03 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Google Drive.lnk
[2013/09/14 17:53:36 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
[2013/09/14 17:53:36 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
[2013/09/14 17:53:36 | 000,001,753 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
[2013/09/13 12:05:04 | 001,406,305 | ---- | M] () -- C:\Documents and Settings\user\Desktop\storage_and_handling_of_chlorinated_solvents_4.pdf
[2013/09/12 16:50:36 | 000,272,961 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Gmail - SolidWorks 3D CAD and 3D Prototyping Seminar & Open Day.pdf
[2013/09/11 21:39:34 | 000,001,844 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Autodesk Design Review 2012.lnk
[2013/09/11 10:43:33 | 000,009,336 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\GDScrSv.en.dll
[2013/09/11 01:01:30 | 000,046,614 | ---- | M] () -- C:\Documents and Settings\user\My Documents\autodesk_revit_mep_2012_system_requirements.pdf
[2013/09/10 13:09:15 | 000,000,517 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Shortcut to 03 Revit Docs.lnk
[2013/09/10 10:50:40 | 000,552,388 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/09/10 10:50:40 | 000,106,940 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/10/07 08:27:10 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/10/06 20:38:53 | 000,004,510 | ---- | C] () -- C:\Documents and Settings\user\Application Data\CamStudio.cfg
[2013/10/06 20:38:53 | 000,000,408 | ---- | C] () -- C:\Documents and Settings\user\Application Data\CamShapes.ini
[2013/10/06 20:38:53 | 000,000,408 | ---- | C] () -- C:\Documents and Settings\user\Application Data\CamLayout.ini
[2013/10/06 20:38:53 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Camdata.ini
[2013/10/06 20:37:19 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CamStudio.lnk
[2013/10/05 14:21:08 | 000,274,846 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Part002.adsk
[2013/10/05 14:16:34 | 000,275,063 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Part001.adsk
[2013/10/05 00:19:50 | 000,001,836 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Inventor Fusion 2012.lnk
[2013/10/05 00:18:25 | 000,000,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Autodesk Vault 2012.lnk
[2013/10/05 00:16:35 | 000,001,866 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DWG TrueView 2012.lnk
[2013/10/05 00:04:58 | 000,001,964 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Autodesk Inventor Professional 2012.lnk
[2013/10/04 20:31:48 | 006,469,463 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Portable Magic FLAC to MP3 Converter 3.7.exe
[2013/09/26 20:23:24 | 000,071,790 | ---- | C] () -- C:\Documents and Settings\user\Desktop\BLOCK A 9 (1).pdf
[2013/09/19 22:45:08 | 000,288,509 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Print.pdf
[2013/09/18 15:02:30 | 000,150,490 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Enhancements_List_RME_2012_UR2.pdf
[2013/09/14 18:57:28 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\user\Desktop\DVD Shrink 3.2.lnk
[2013/09/14 18:16:54 | 000,001,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD 2010 - English.lnk
[2013/09/14 17:55:03 | 000,001,473 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Google Drive.lnk
[2013/09/14 17:53:36 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
[2013/09/14 17:53:36 | 000,001,765 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
[2013/09/14 17:53:36 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
[2013/09/13 12:02:04 | 001,406,305 | ---- | C] () -- C:\Documents and Settings\user\Desktop\storage_and_handling_of_chlorinated_solvents_4.pdf
[2013/09/12 16:50:36 | 000,272,961 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Gmail - SolidWorks 3D CAD and 3D Prototyping Seminar & Open Day.pdf
[2013/09/11 23:33:58 | 001,692,194 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1078081533-1972579041-1801674531-1003-0.dat
[2013/09/11 23:33:58 | 000,377,474 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/09/11 21:39:34 | 000,001,844 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Autodesk Design Review 2012.lnk
[2013/09/11 01:01:30 | 000,046,614 | ---- | C] () -- C:\Documents and Settings\user\My Documents\autodesk_revit_mep_2012_system_requirements.pdf
[2013/09/10 13:09:15 | 000,000,517 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Shortcut to 03 Revit Docs.lnk
[2013/08/01 22:56:35 | 002,060,008 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/07/13 19:33:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/05/06 16:27:41 | 004,870,144 | ---- | C] () -- C:\Documents and Settings\user\NTUSER.rhk
[2013/02/06 09:24:34 | 000,000,135 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2012/11/22 23:38:28 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/11/18 22:33:50 | 000,096,256 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/18 21:32:52 | 000,000,162 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/11/15 18:33:18 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2012/11/15 18:29:53 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2012/11/15 18:29:51 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2012/11/15 16:32:42 | 000,109,256 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll
[2012/11/15 16:32:42 | 000,090,824 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2012/11/15 00:44:03 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/11/15 00:44:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2012/11/15 00:44:02 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/11/15 00:44:02 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/11/15 00:44:02 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012/11/15 00:43:49 | 000,000,146 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2012/11/15 00:43:46 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[2012/11/15 00:43:42 | 000,982,240 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2012/11/15 00:43:42 | 000,439,308 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2012/11/15 00:37:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/11/15 00:29:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/11/14 16:26:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/11/14 16:25:15 | 000,455,656 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== ZeroAccess Check ========== [2012/11/18 21:41:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 18:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 18:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ========== ========== Drive Information ========== Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: ST3500413AS
Partitions: 2
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 293.00GB
Starting Offset: 32256
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 173.00GB
Starting Offset: 314575833600
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe >[2007/11/07 17:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %systemroot%\assembly\GAC_32\*.ini > < %systemroot%\assembly\GAC_64\*.ini > < %SYSTEMDRIVE%\*.exe >[2007/11/07 17:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*.exe > < %APPDATA%\*. >[2012/11/15 17:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Adobe
[2012/11/18 22:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ansys
[2013/10/07 11:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Autodesk
[2013/09/15 20:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\driveridentifier
[2013/02/24 15:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\EDrawings
[2013/02/05 15:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Foxit Software
[2013/07/14 19:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\G Data
[2013/08/11 21:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Google
[2012/11/15 00:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Identities
[2012/11/15 18:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\IGC
[2012/11/15 17:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Macromedia
[2013/02/05 17:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Media Player Classic
[2013/09/04 13:46:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\user\Application Data\Microsoft
[2012/11/15 00:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla
[2013/09/15 22:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Nero
[2013/08/01 22:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Nokia
[2012/11/15 00:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Opera
[2013/09/22 19:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\PC Suite
[2012/11/15 18:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\pdf995
[2013/08/01 17:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sun
[2013/10/04 20:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Thinstall
[2013/10/09 17:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\uTorrent
[2013/09/11 00:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\WinRAR
[2013/10/07 16:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\XBMC
< MD5 for: ATAPI.SYS >[2008/04/14 18:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 18:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: CSRSS.EXE >[2008/04/14 18:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\csrss.exe
[2008/04/14 18:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\dllcache\csrss.exe
< MD5 for: EXPLORER.EXE >[2008/04/14 18:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 18:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: MSWSOCK.DLL >[2008/06/20 17:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 17:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
[2008/04/14 18:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2008/06/20 18:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
< MD5 for: NWPROVAU.DLL >[2008/04/14 18:00:00 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\system32\dllcache\nwprovau.dll
[2008/04/14 18:00:00 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\system32\nwprovau.dll
< MD5 for: PNRPNSP.DLL >[2008/04/14 18:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\system32\dllcache\pnrpnsp.dll
[2008/04/14 18:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\system32\pnrpnsp.dll
< MD5 for: RSVPSP.DLL >[2008/04/14 18:00:00 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS\system32\dllcache\rsvpsp.dll
[2008/04/14 18:00:00 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS\system32\rsvpsp.dll
< MD5 for: SERVICES.EXE >[2009/02/06 12:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 18:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
< MD5 for: SVCHOST.EXE >[2008/04/14 18:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 18:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USER32.DLL >[2008/04/14 18:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\dllcache\user32.dll
[2008/04/14 18:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >[2008/04/14 18:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 18:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >[2008/04/14 18:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 18:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WINRNR.DLL >[2008/04/14 18:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\system32\dllcache\winrnr.dll
[2008/04/14 18:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\system32\winrnr.dll
< dir C:\ /S /A:L /C > Volume in drive C has no label.
Volume Serial Number is ACCA-D92A
Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
07/18/2013 10:40 AM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
07/18/2013 10:40 AM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices
08/31/2013 08:14 PM <JUNCTION> v4.0_4.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler
08/31/2013 08:19 PM <JUNCTION> v4.0_4.0.0.0__31bf3856ad364e35
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
4 Dir(s) 258,349,154,304 bytes free
< C:\Windows\assembly\tmp\U\*.* /s > < %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/10/03 07:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013/10/03 07:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013/10/03 07:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013/10/03 07:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 23:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 23:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/10/03 07:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013/10/03 07:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013/10/03 07:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013/10/03 07:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/06/07 19:26:09 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 23:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 23:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles >[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles > < %ProgramFiles%\WINDOWS NT\*.* /s >[2008/04/14 18:00:00 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\dialer.exe
[2008/04/14 18:00:00 | 000,013,312 | ---- | M] (Hilgraeve, Inc.) -- C:\Program Files\WINDOWS NT\htrn_jis.dll
[2008/04/14 18:00:00 | 000,028,160 | ---- | M] (Hilgraeve, Inc.) -- C:\Program Files\WINDOWS NT\hypertrm.exe
[2009/11/20 12:14:51 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\mswrd6.wpc
[2010/12/21 13:51:53 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\mswrd8.wpc
[2010/07/12 13:55:03 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\wordpad.exe
[2009/11/20 12:14:50 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\write.wpc
[2008/04/14 18:00:00 | 000,003,947 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\FONT.DAT
[2008/04/14 18:00:00 | 000,928,700 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.DAT
[2008/04/14 18:00:00 | 000,281,088 | ---- | M] (Cinematronics) -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.EXE
[2008/04/14 18:00:00 | 000,108,607 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.MID
[2008/04/14 18:00:00 | 000,028,888 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL2.MID
[2008/04/14 18:00:00 | 000,055,490 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND1.WAV
[2008/04/14 18:00:00 | 000,001,226 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND104.WAV
[2008/04/14 18:00:00 | 000,001,968 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND105.WAV
[2008/04/14 18:00:00 | 000,007,754 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND108.WAV
[2008/04/14 18:00:00 | 000,000,890 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND111.WAV
[2008/04/14 18:00:00 | 000,000,824 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND112.WAV
[2008/04/14 18:00:00 | 000,004,296 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND12.WAV
[2008/04/14 18:00:00 | 000,008,034 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND13.WAV
[2008/04/14 18:00:00 | 000,001,290 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND131.WAV
[2008/04/14 18:00:00 | 000,019,282 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND136.WAV
[2008/04/14 18:00:00 | 000,003,002 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND14.WAV
[2008/04/14 18:00:00 | 000,001,046 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND16.WAV
[2008/04/14 18:00:00 | 000,002,090 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND17.WAV
[2008/04/14 18:00:00 | 000,003,986 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND18.WAV
[2008/04/14 18:00:00 | 000,027,472 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND181.WAV
[2008/04/14 18:00:00 | 000,005,230 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND19.WAV
[2008/04/14 18:00:00 | 000,008,650 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND20.WAV
[2008/04/14 18:00:00 | 000,009,194 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND21.WAV
[2008/04/14 18:00:00 | 000,007,376 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND22.WAV
[2008/04/14 18:00:00 | 000,012,106 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND24.WAV
[2008/04/14 18:00:00 | 000,014,600 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND240.WAV
[2008/04/14 18:00:00 | 000,020,712 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND243.WAV
[2008/04/14 18:00:00 | 000,025,704 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND25.WAV
[2008/04/14 18:00:00 | 000,007,306 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND26.WAV
[2008/04/14 18:00:00 | 000,020,242 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND27.WAV
[2008/04/14 18:00:00 | 000,008,650 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND28.WAV
[2008/04/14 18:00:00 | 000,010,364 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND29.WAV
[2008/04/14 18:00:00 | 000,022,858 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND3.WAV
[2008/04/14 18:00:00 | 000,022,570 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND30.WAV
[2008/04/14 18:00:00 | 000,001,520 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND34.WAV
[2008/04/14 18:00:00 | 000,019,498 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND35.WAV
[2008/04/14 18:00:00 | 000,033,848 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND36.WAV
[2008/04/14 18:00:00 | 000,013,024 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND38.WAV
[2008/04/14 18:00:00 | 000,028,282 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND39.WAV
[2008/04/14 18:00:00 | 000,016,626 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND4.WAV
[2008/04/14 18:00:00 | 000,029,140 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND42.WAV
[2008/04/14 18:00:00 | 000,022,796 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND43.WAV
[2008/04/14 18:00:00 | 000,009,770 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND45.WAV
[2008/04/14 18:00:00 | 000,001,876 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND49.WAV
[2008/04/14 18:00:00 | 000,003,330 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND49D.WAV
[2008/04/14 18:00:00 | 000,003,180 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND5.WAV
[2008/04/14 18:00:00 | 000,012,074 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND50.WAV
[2008/04/14 18:00:00 | 000,008,932 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND528.WAV
[2008/04/14 18:00:00 | 000,009,022 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND53.WAV
[2008/04/14 18:00:00 | 000,018,250 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND54.WAV
[2008/04/14 18:00:00 | 000,021,890 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND55.WAV
[2008/04/14 18:00:00 | 000,029,004 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND560.WAV
[2008/04/14 18:00:00 | 000,024,192 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND563.WAV
[2008/04/14 18:00:00 | 000,030,502 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND57.WAV
[2008/04/14 18:00:00 | 000,003,408 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND58.WAV
[2008/04/14 18:00:00 | 000,004,376 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND6.WAV
[2008/04/14 18:00:00 | 000,017,676 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND65.WAV
[2008/04/14 18:00:00 | 000,032,402 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND68.WAV
[2008/04/14 18:00:00 | 000,026,442 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND7.WAV
[2008/04/14 18:00:00 | 000,014,592 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND713.WAV
[2008/04/14 18:00:00 | 000,027,268 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND735.WAV
[2008/04/14 18:00:00 | 000,002,102 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND8.WAV
[2008/04/14 18:00:00 | 000,047,230 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND827.WAV
[2008/04/14 18:00:00 | 000,020,098 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND9.WAV
[2008/04/14 18:00:00 | 000,006,742 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND999.WAV
[2008/04/14 18:00:00 | 000,339,178 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\table.bmp
[2008/04/14 18:00:00 | 000,002,687 | R--- | M] () -- C:\Program Files\WINDOWS NT\Pinball\wavemix.inf
< %systemroot%\system32\drivers\*.sys /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56E2E879
< End of report >
The 2nd log for OTL is this:
OTL Extras logfile created on: 10/9/2013 7:29:57 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Desktop\Adware Removal tools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.44 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 65.87% Memory free
5.27 Gb Paging File | 3.52 Gb Available in Paging File | 66.77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 292.97 Gb Total Space | 240.65 Gb Free Space | 82.14% Space Free | Partition Type: NTFS
Drive E: | 172.79 Gb Total Space | 93.44 Gb Free Space | 54.08% Space Free | Partition Type: NTFS
Drive F: | 6.68 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: USER-AE3AC86A7F | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- "%1" %*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.scr [@ = AutoCADScriptFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Documents and Settings\user\Application Data\uTorrent\uTorrent.exe" = C:\Documents and Settings\user\Application Data\uTorrent\uTorrent.exe:*:Enabled:Torrent -- (BitTorrent Inc.)
"C:\Documents and Settings\user\Application Data\Allmyapps\Allmyapps.exe" = C:\Documents and Settings\user\Application Data\Allmyapps\Allmyapps.exe:*:Enabled:Allmyapps
"C:\Documents and Settings\user\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\user\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Client -- (Akamai Technologies, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{04B83666-3A62-452B-85D3-70F8117F2329}_is1" = CamStudio version 2.7
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{207780D5-A515-4E79-B7C2-E4D32F8A6CA1}" = Eco Materials Adviser
"{23170F69-40C1-2701-0920-000001000000}" = 7-Zip 9.20
"{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}" = Autodesk Material Library Low Resolution Image Library 2012
"{25F61E72-AAA4-4607-95D2-1E5139C98FFB}" = Nokia_Multimedia_Common_Components_2_5
"{266597A9-1632-0000-0100-DCBF2B69166B}" = Autodesk Vault 2012 (Client) English Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (AUTODESKVAULT)
"{2CD6BBA0-17C8-4789-9B9B-B36F7E815F6A}" = DWG TrueView 2007
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1" = DriverIdentifier 4.2.7
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4E1A54A9-FFB3-4BE6-B59B-3CC94C3B31D2}" = Autodesk Inventor Fusion for Inventor 2012 Add-in Language Pack
"{4E3B47F2-21EB-4F20-87C8-5A0E4D5F3858}" = Autodesk Inventor Fusion for Inventor 2012 Add-in
"{4FCB1267-7380-4EBA-9A6C-69809C6E8227}" = Nokia Music Player
"{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5783F2D7-8001-0409-0002-0060B0CE6BBA}" = AutoCAD 2010 - English
"{5783F2D7-8001-0409-1002-0060B0CE6BBA}" = AutoCAD 2010 Language Pack - English
"{5783F2D7-A028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2012
"{5C8281B1-B927-495A-A0FF-AB4BDFAE505C}" = Autodesk Revit MEP 2010
"{5E8ED61B-9027-4EA3-8E5B-BC2A9EE6B020}" = Autodesk Data Management Server 2008
"{62D82EC1-0D3A-DF54-8E3E-07E1337A5311}" = saveensshare
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{654977DB-0001-0002-0001-EABD228DDE8B}" = Microsoft Download Manager
"{6F411DB4-EC41-482B-AD46-384957928F69}" = AOEMView 2008
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7765322A-8601-47D3-AC60-B66677450D7B}" = G Data InternetSecurity 2014
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{7F4DD591-1200-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2008
"{7F4DD591-1632-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2012
"{7F4DD591-1632-0409-0001-7107D70F3DB4}" = Autodesk Inventor Professional 2012 English Language Pack
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{3EC77D26-799B-4CD8-914F-C1565E796173}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{6385178D-122C-446E-9893-E461F27F5DE1}" =
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{AA4F2610-5FF1-4DCD-A6FB-BCA2D09A6443}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{EA35370F-586C-45E1-AC6C-A4E275C6B762}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = Microsoft Office Visio 2007 Service Pack 1 (SP1)
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Visafone Hotspot
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B46DECD1-1632-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2012 (Desktop Content)
"{B5751715-EC10-43D9-8C95-62E1368433EF}" = Autodesk Material Library Medium Resolution Image Library 2012
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF526A26-1632-0000-0000-02E95019B628}" = Autodesk Vault 2012 (Client)
"{D25FF5C1-1632-469A-9794-69309387C193}" = Quick Uninstall Tool for Autodesk Inventor 2012
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E55B00B0-9DBF-4EE1-AC1D-5DEBE12BD097}" = Autodesk Vault 2008
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Autodesk Inventor Fusion 2012 Language Pack
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Alumasc_0" = Alumasc Drainage Calculators 1.07
"AOEMView 2008" = AOEMView 2008
"AutoCAD 2010 - English" = AutoCAD 2010 - English
"Autodesk Data Management Server 2008" = Autodesk Data Management Server 2008
"Autodesk Design Review 2012" = Autodesk Design Review 2012
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"Autodesk Inventor Fusion for Inventor 2012 Add-in" = Autodesk Inventor Fusion for Inventor 2012 Add-in
"Autodesk Inventor Professional 2012" = Autodesk Inventor Professional 2012 English
"Autodesk Revit MEP 2010" = Autodesk Revit MEP 2010
"Autodesk Vault 2008" = Autodesk Vault 2008
"Autodesk Vault 2012 (Client)" = Autodesk Vault 2012 (Client)
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"DVD Shrink_is1" = DVD Shrink 3.2
"DWG TrueView 2012" = DWG TrueView 2012
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows Driver Package - Nokia Modem (02/25/2011 4.7)
"EPSON Printer and Utilities" = EPSON Printer Software
"Google Chrome" = Google Chrome
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.7.0 (Full)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MSNINST" = MSN
"Nokia PC Suite" = Nokia PC Suite
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Pdf995" = Pdf995
"pepakura_designer3en" = Pepakura Designer 3
"PROSet" = Intel® Network Connections Drivers
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"VISPRO" = Microsoft Office Visio Professional 2007
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinDjView" = WinDjView 1.0.3
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR 5.00 (32-bit)
"Wise Registry Cleaner_is1" = Wise Registry Cleaner Professional V5.9.1
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"uTorrent" = Torrent
"XBMC" = XBMC
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 10/7/2013 8:57:39 AM | Computer Name = USER-AE3AC86A7F | Source = Nokia Ovi Suite | ID = 100
Description = Timestamp: 10/7/2013 12:57:38 PM Message: HandlingInstanceID: a9894f9b-c208-4181-a403-94ebfa64f175
An
exception of type 'System.Net.WebException' occurred and was caught. -----------------------------------------------------------------------
10/07/2013
13:57:38 Type : System.Net.WebException, System, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089 Message : The remote name could not be resolved:
'nds1.nokia.com' Source : System Help link : Status : NameResolutionFailure Response
: Data : System.Collections.ListDictionaryInternal TargetSite : System.Net.WebResponse
EndGetResponse(System.IAsyncResult) Stack Trace : at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult
asyncResult) at System.Net.WebClient.GetWebResponse(WebRequest request, IAsyncResult
result) at System.Net.WebClient.DownloadBitsResponseCallback(IAsyncResult result)
Additional
Info: MachineName : USER-AE3AC86A7F TimeStamp : 10/7/2013 12:57:38 PM FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling,
Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a AppDomainName
: NokiaMusicPlayer.exe ThreadIdentity : WindowsIdentity : USER-AE3AC86A7F\user Category:
Error Priority: 0 EventId: 100 Severity: Error Title:Nokia Ovi Suite Machine: USER-AE3AC86A7F
App
Domain: NokiaMusicPlayer.exe ProcessId: 1756 Process Name: C:\Program Files\Nokia\Nokia
Music Player\NokiaMusicPlayer.exe Thread Name: Win32 ThreadId:2672 Extended Properties:
URL -
http://nds1.nokia.co...nokia_music.xml Error - 10/7/2013 1:20:53 PM | Computer Name = USER-AE3AC86A7F | Source = Nokia Ovi Suite | ID = 100
Description = Timestamp: 10/7/2013 5:20:53 PM Message: HandlingInstanceID: 343fb883-5811-4362-be80-0513797b19fc
An
exception of type 'System.Net.WebException' occurred and was caught. -----------------------------------------------------------------------
10/07/2013
18:20:53 Type : System.Net.WebException, System, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089 Message : The remote name could not be resolved:
'nds1.nokia.com' Source : System Help link : Status : NameResolutionFailure Response
: Data : System.Collections.ListDictionaryInternal TargetSite : System.Net.WebResponse
EndGetResponse(System.IAsyncResult) Stack Trace : at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult
asyncResult) at System.Net.WebClient.GetWebResponse(WebRequest request, IAsyncResult
result) at System.Net.WebClient.DownloadBitsResponseCallback(IAsyncResult result)
Additional
Info: MachineName : USER-AE3AC86A7F TimeStamp : 10/7/2013 5:20:53 PM FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling,
Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a AppDomainName
: NokiaMusicPlayer.exe ThreadIdentity : WindowsIdentity : USER-AE3AC86A7F\user Category:
Error Priority: 0 EventId: 100 Severity: Error Title:Nokia Ovi Suite Machine: USER-AE3AC86A7F
App
Domain: NokiaMusicPlayer.exe ProcessId: 1380 Process Name: C:\Program Files\Nokia\Nokia
Music Player\NokiaMusicPlayer.exe Thread Name: Win32 ThreadId:2780 Extended Properties:
URL -
http://nds1.nokia.co...nokia_music.xml Error - 10/7/2013 1:44:28 PM | Computer Name = USER-AE3AC86A7F | Source = Nokia Ovi Suite | ID = 100
Description = Timestamp: 10/7/2013 5:44:28 PM Message: HandlingInstanceID: 597087c5-1350-4396-9efc-5cc3df144785
An
exception of type 'System.Net.WebException' occurred and was caught. -----------------------------------------------------------------------
10/07/2013
18:44:28 Type : System.Net.WebException, System, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089 Message : The remote name could not be resolved:
'nds1.nokia.com' Source : System Help link : Status : NameResolutionFailure Response
: Data : System.Collections.ListDictionaryInternal TargetSite : System.Net.WebResponse
EndGetResponse(System.IAsyncResult) Stack Trace : at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult
asyncResult) at System.Net.WebClient.GetWebResponse(WebRequest request, IAsyncResult
result) at System.Net.WebClient.DownloadBitsResponseCallback(IAsyncResult result)
Additional
Info: MachineName : USER-AE3AC86A7F TimeStamp : 10/7/2013 5:44:28 PM FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling,
Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a AppDomainName
: NokiaMusicPlayer.exe ThreadIdentity : WindowsIdentity : USER-AE3AC86A7F\user Category:
Error Priority: 0 EventId: 100 Severity: Error Title:Nokia Ovi Suite Machine: USER-AE3AC86A7F
App
Domain: NokiaMusicPlayer.exe ProcessId: 2316 Process Name: C:\Program Files\Nokia\Nokia
Music Player\NokiaMusicPlayer.exe Thread Name: Win32 ThreadId:3048 Extended Properties:
URL -
http://nds1.nokia.co...nokia_music.xml Error - 10/7/2013 4:56:27 PM | Computer Name = USER-AE3AC86A7F | Source = Application Error | ID = 1000
Description = Faulting application dvd shrink 3.2.exe, version 3.2.0.15, faulting
module dvd shrink 3.2.exe, version 3.2.0.15, fault address 0x00026e15.
Error - 10/8/2013 1:52:23 PM | Computer Name = USER-AE3AC86A7F | Source = VSS | ID = 6004
Description = Sqllib error: Database KnowledgeVaultMaster is not simple.
Error - 10/8/2013 2:31:13 PM | Computer Name = USER-AE3AC86A7F | Source = VSS | ID = 6004
Description = Sqllib error: Database KnowledgeVaultMaster is not simple.
Error - 10/8/2013 2:38:07 PM | Computer Name = USER-AE3AC86A7F | Source = VSS | ID = 6004
Description = Sqllib error: Database KnowledgeVaultMaster is not simple.
Error - 10/8/2013 2:53:29 PM | Computer Name = USER-AE3AC86A7F | Source = VSS | ID = 6004
Description = Sqllib error: Database KnowledgeVaultMaster is not simple.
Error - 10/8/2013 2:58:23 PM | Computer Name = USER-AE3AC86A7F | Source = VSS | ID = 6004
Description = Sqllib error: Database KnowledgeVaultMaster is not simple.
Error - 10/8/2013 3:00:44 PM | Computer Name = USER-AE3AC86A7F | Source = VSS | ID = 6004
Description = Sqllib error: Database KnowledgeVaultMaster is not simple.
[ System Events ]
Error - 10/4/2013 1:34:25 PM | Computer Name = USER-AE3AC86A7F | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 10/4/2013 1:34:25 PM | Computer Name = USER-AE3AC86A7F | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 10/5/2013 9:17:20 AM | Computer Name = USER-AE3AC86A7F | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {61DD94EB-232F-48BE-B297-7DE6CC10AE7D}.
The
error: "%2" Happened while starting this command: C:\Program Files\Autodesk\Revit
MEP 2012\Program\LibWrapper.exe -Embedding
Error - 10/7/2013 5:13:59 AM | Computer Name = USER-AE3AC86A7F | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service AVKProxy with
arguments "-Service" in order to run the server: {9CC0C66E-A7B9-4611-8792-EE9833277273}
Error - 10/7/2013 5:27:48 AM | Computer Name = USER-AE3AC86A7F | Source = Service Control Manager | ID = 7022
Description = The G Data Personal Firewall service hung on starting.
Error - 10/7/2013 5:29:09 AM | Computer Name = USER-AE3AC86A7F | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service AVKProxy with
arguments "-Service" in order to run the server: {9CC0C66E-A7B9-4611-8792-EE9833277273}
Error - 10/7/2013 5:30:14 AM | Computer Name = USER-AE3AC86A7F | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service AVKWCtl with
arguments "-Service" in order to run the server: {BCB3CC02-761B-4C74-8B04-891A31034D19}
Error - 10/7/2013 5:33:44 AM | Computer Name = USER-AE3AC86A7F | Source = Service Control Manager | ID = 7022
Description = The G Data Personal Firewall service hung on starting.
Error - 10/7/2013 6:31:22 AM | Computer Name = USER-AE3AC86A7F | Source = Service Control Manager | ID = 7022
Description = The G Data Personal Firewall service hung on starting.
Error - 10/7/2013 11:22:05 AM | Computer Name = USER-AE3AC86A7F | Source = Service Control Manager | ID = 7022
Description = The G Data Personal Firewall service hung on starting.
< End of report >
And finally for Security Check, not much of a log: Just this:
UNSUPPORTED OPERATING SYSTEM! ABORTED!
Thanks a lot for any help. I'm still getting the double underlines.