Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow to connect to internet and 2 blue screens


  • Please log in to reply

#1
Steviep

Steviep

    Member

  • Member
  • PipPipPip
  • 311 posts
I wonder if someone could help with my wifes laptop, when turned on it takes several minutes to connect to the internet and twice last night it stopped working with a blue screen. Here is the OTL log:

OTL logfile created on: 12/11/2013 09:52:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gillian\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.45 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 77.20% Memory free
5.29 Gb Paging File | 4.59 Gb Available in Paging File | 86.82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.84 Gb Total Space | 183.55 Gb Free Space | 78.83% Space Free | Partition Type: NTFS

Computer Name: E6400 | User Name: Gillian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/12 09:52:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gillian\Desktop\OTL.exe
PRC - [2013/10/08 12:08:53 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013/08/29 17:31:36 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013/08/29 17:31:26 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013/08/29 17:31:25 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/08/29 17:31:25 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/08/18 13:14:13 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2008/04/13 23:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/23 07:43:21 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/08/23 09:38:24 | 000,574,840 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/02/02 21:47:42 | 000,143,360 | ---- | M] () -- C:\WINDOWS\system32\preflib.dll
MOD - [2010/02/02 21:45:58 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/08/29 17:31:36 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/08/29 17:31:25 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/08/20 20:00:30 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/18 13:14:13 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/01/09 13:46:25 | 001,122,304 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe -- (RoxMediaDB11)
SRV - [2008/08/14 00:25:24 | 000,367,088 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUpnpService11.exe -- (Roxio Upnp Server 11)
SRV - [2008/08/14 00:25:20 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUPnPRenderer11.exe -- (Roxio UPnP Renderer 11)
SRV - [2008/08/14 00:24:06 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe -- (RoxLiveShare11)
SRV - [2008/08/14 00:24:02 | 000,170,480 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe -- (RoxWatch11)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Boot | Stopped] -- -- (cerc6)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Gillian\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\AFGSp50.sys -- (AFGSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\AFGMp50.sys -- (AFGMp50)
DRV - [2013/09/05 14:19:03 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/08/29 17:31:37 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/04/04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/30 11:34:09 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/02/23 07:43:31 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011/12/08 04:22:38 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2011/12/08 04:22:38 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2011/12/08 04:22:38 | 000,080,184 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/12/08 04:22:36 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2011/12/08 04:22:36 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2011/12/08 04:22:36 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2011/03/23 16:00:10 | 000,241,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress)
DRV - [2011/02/16 15:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2010/02/02 21:47:32 | 002,696,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/02/23 11:08:10 | 001,545,795 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/12/16 15:41:44 | 000,112,512 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/09/22 13:40:46 | 000,109,568 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/08/11 10:53:22 | 000,057,328 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2008/04/14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/03/06 18:42:14 | 000,530,944 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/04/26 04:42:16 | 000,045,696 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/05/13 17:27:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E 49 73 C5 48 C4 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: [email protected]:6.4
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..keyword.URL: ""
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/25 20:59:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/10 13:40:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/18 16:15:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/25 20:59:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\Gillian\Application Data\IDM\idmmzcc3

[2010/01/18 21:13:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gillian\Application Data\Mozilla\Extensions
[2013/05/09 15:07:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gillian\Application Data\Mozilla\Firefox\Profiles\4nu0v8wb.default\extensions
[2012/01/05 20:30:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/27 17:41:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2012/01/05 20:30:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2009/12/22 03:30:24 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2009/12/22 03:30:24 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2009/12/22 03:30:24 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2009/12/22 03:30:24 | 000,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

O1 HOSTS File: ([2013/11/10 18:07:05 | 000,449,836 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15468 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1B735B98-8010-11D5-AD0B-00500463D885} http://www.partsaren...ns/IMIESRCH.cab (SearchCD Control)
O16 - DPF: {2665693B-C4F3-434B-83DB-7574CF50C8B7} http://www.kaspersky...censefinder.cab (Kaspersky License Finder)
O16 - DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} http://www.partsaren...ins/GFXVIEW.cab (GrafixViewControl)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1346872701250 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://cards.hallmar...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BDDADA8-A4CB-4B1E-8758-F57923403A51}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Gillian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gillian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/18 20:56:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/12 09:52:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gillian\Desktop\OTL.exe
[2013/11/07 20:48:58 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/11/03 20:30:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/11/03 20:21:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/29 21:09:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gillian\Desktop\M&S Collection Panelled Cross Body Bag - Marks & Spencer_files
[2013/10/19 14:17:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gillian\Recent
[1 C:\Documents and Settings\Gillian\Desktop\*.tmp files -> C:\Documents and Settings\Gillian\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/12 09:52:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gillian\Desktop\OTL.exe
[2013/11/12 09:48:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/12 09:48:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/11 18:18:40 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C41D49E3-3065-492C-8C9A-34C847A14A5B}.job
[2013/11/10 18:07:05 | 000,449,836 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/11/10 18:06:26 | 000,003,982 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013/11/09 17:52:23 | 000,008,897 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\DP0821201317044083M.jpg
[2013/11/07 20:40:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20131110-180705.backup
[2013/10/29 21:12:00 | 000,079,373 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\B0047FA8D8.htm
[2013/10/29 21:10:41 | 000,215,486 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\M&S Collection Panelled Cross Body Bag - Marks & Spencer.htm
[2013/10/29 21:06:20 | 000,007,780 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\Fiorelli.jpg
[2013/10/29 21:05:00 | 000,008,368 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\sussex.jpg
[2013/10/29 20:59:22 | 000,007,278 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\Radley.jpg
[2013/10/19 08:02:00 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[1 C:\Documents and Settings\Gillian\Desktop\*.tmp files -> C:\Documents and Settings\Gillian\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/10 17:29:24 | 000,003,982 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/11/09 17:52:22 | 000,008,897 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\DP0821201317044083M.jpg
[2013/10/29 21:12:00 | 000,079,373 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\B0047FA8D8.htm
[2013/10/29 21:09:41 | 000,215,486 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\M&S Collection Panelled Cross Body Bag - Marks & Spencer.htm
[2013/10/29 21:06:20 | 000,007,780 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\Fiorelli.jpg
[2013/10/29 21:05:00 | 000,008,368 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\sussex.jpg
[2013/10/29 20:59:21 | 000,007,278 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\Radley.jpg
[2013/08/03 18:20:57 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\gcapi_dll.dll
[2012/02/16 07:22:43 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/30 18:05:01 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2011/12/26 20:09:04 | 000,709,968 | ---- | C] () -- C:\WINDOWS\is-IULS0.exe
[2011/12/26 19:57:50 | 000,709,968 | ---- | C] () -- C:\WINDOWS\is-R5FB6.exe
[2011/12/23 20:58:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/12/23 20:58:24 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/12/23 20:58:24 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/12/23 20:58:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/12/23 20:58:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/02/12 12:27:27 | 000,061,132 | ---- | C] () -- C:\Documents and Settings\Gillian\Local Settings\Application Data\rx_audio.Cache
[2011/02/12 12:27:27 | 000,002,088 | ---- | C] () -- C:\Documents and Settings\Gillian\Local Settings\Application Data\rx_image32.Cache
[2010/02/11 21:28:08 | 000,037,897 | ---- | C] () -- C:\Documents and Settings\Gillian\Application Data\Comma Separated Values (Windows).ADR
[2010/01/29 19:45:16 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Gillian\Application Data\$_hpcst$.hpc
[2010/01/22 20:34:00 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Gillian\default.pls
[2010/01/22 20:33:22 | 000,188,416 | ---- | C] () -- C:\Documents and Settings\Gillian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2010/08/07 18:27:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/10/29 05:38:22 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 23:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/03/24 16:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/08/18 13:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2012/12/30 14:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FixBee
[2011/10/15 22:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2011/05/05 13:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panasonic
[2010/01/29 20:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/08/07 18:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/08/07 18:33:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Plus
[2010/08/07 18:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate Collection
[2010/12/27 23:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Recisio
[2012/01/14 18:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/10/15 23:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2010/08/07 18:33:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Studio 14
[2011/10/15 22:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2011/01/16 16:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2011/08/23 17:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2010/02/25 20:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2010/05/07 21:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/22 19:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/03/24 15:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Auslogics
[2012/02/25 15:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Avery
[2011/05/28 18:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2012/11/08 19:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\calibre
[2010/02/25 20:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\CopyTransPhoto
[2011/06/23 19:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\DMCache
[2011/08/06 17:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\ElevatedDiagnostics
[2012/12/30 14:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\FixBee
[2010/01/19 21:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Foxit
[2013/08/03 18:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Foxit Software
[2013/01/14 22:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Opera
[2012/08/05 12:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Oracle
[2010/01/29 20:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\PC Suite
[2010/08/07 19:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\proDAD
[2011/02/25 20:49:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Ringtone
[2012/01/14 18:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Samsung
[2012/01/14 18:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Temp
[2011/10/15 23:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Ulead Systems
[2012/12/30 14:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\uTorrent
[2010/02/11 20:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Windows Desktop Search
[2010/02/28 11:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Windows Search
[2010/02/25 20:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\WindSolutions
[2010/02/25 18:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gillian\Application Data\Zoner

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013/11/12 09:53:32 | 103,837,334 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\喋啜6
[2013/11/12 09:53:32 | 103,837,334 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\喋啜6
[2013/11/11 20:48:21 | 103,792,856 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\Ề啜6
[2013/11/11 20:48:21 | 103,792,856 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\Ề啜6
[2013/11/10 15:28:22 | 103,551,423 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ਲ਼啜6
[2013/11/10 15:28:22 | 103,551,423 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ਲ਼啜6
[2013/11/09 15:14:06 | 103,387,443 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\啜6
[2013/11/09 15:14:06 | 103,387,443 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\啜6
[2013/11/07 19:22:34 | 103,000,967 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䏐ⶃ啤6
[2013/11/07 19:22:34 | 103,000,967 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䏐ⶃ啤6
[2013/10/14 15:35:28 | 100,910,526 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᵦ㱠啤6
[2013/10/14 09:36:33 | 100,910,526 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᵦ㱠啤6
[2013/10/11 20:55:17 | 100,511,085 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쨠놮啤6
[2013/10/11 17:19:48 | 100,511,085 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쨠놮啤6
[2013/10/06 13:03:45 | 099,463,930 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\┿啤6
[2013/10/06 13:03:45 | 099,463,930 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\┿啤6
[2013/10/04 14:55:39 | 099,209,434 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ﷱ痵啤6
[2013/10/04 14:55:39 | 099,209,434 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ﷱ痵啤6
[2013/09/15 17:54:59 | 097,671,483 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ƌ僁啤6
[2013/09/15 17:54:59 | 097,671,483 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ƌ僁啤6
[2013/09/14 15:38:33 | 097,581,476 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쁨଩啤6
[2013/09/14 15:38:33 | 097,581,476 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쁨଩啤6
[2013/09/08 13:56:28 | 096,566,691 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\賐鹬啤6
[2013/09/08 13:56:28 | 096,566,691 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\賐鹬啤6
[2013/09/03 12:48:13 | 095,587,704 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\꽷蕟啤6
[2013/09/03 12:48:13 | 095,587,704 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\꽷蕟啤6
[2013/09/02 14:14:59 | 095,231,388 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\咋墱啤6
[2013/09/02 14:14:59 | 095,231,388 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\咋墱啤6
[2013/08/31 20:52:48 | 095,128,664 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ಌ놭啤6
[2013/08/31 20:52:48 | 095,128,664 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ಌ놭啤6
[2013/01/02 23:41:37 | 000,014,093 | ---- | M] ()(C:\Documents and Settings\Gillian\My Documents\?ƒ ?s?.docx) -- C:\Documents and Settings\Gillian\My Documents\ɪƒ ƴσυ.docx
[2013/01/02 23:41:37 | 000,014,093 | ---- | C] ()(C:\Documents and Settings\Gillian\My Documents\?ƒ ?s?.docx) -- C:\Documents and Settings\Gillian\My Documents\ɪƒ ƴσυ.docx

< End of report >


OTL Extras logfile created on: 12/11/2013 09:52:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gillian\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.45 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 77.20% Memory free
5.29 Gb Paging File | 4.59 Gb Available in Paging File | 86.82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.84 Gb Total Space | 183.55 Gb Free Space | 78.83% Space Free | Partition Type: NTFS

Computer Name: E6400 | User Name: Gillian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{00405945-70C1-4B1D-9A3C-45A2883366AF}" = PS_AIO_05_C4600_Software_Min
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0830C2E8-01B9-4CD1-B218-12B0107D5BED}" = calibre
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1D53B6F9-E66E-42D8-A221-4FF8AC134FD7}" = Roxio Activation Module
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21ABEA96-CCAB-4C40-8699-6BDFEC5FD63C}" = EMC 11 Content
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3383136B-4F86-4F05-8612-DD4BB16A1EAE}" = Roxio Central
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44C81D1A-0520-49BB-B510-98B8DD414EA1}" = HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{51D7C8E7-A7CB-46F9-B959-EFE6D59DDBE8}" = HD Writer PE 1.0
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Media Driver Ver.3.53.02
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{69F56014-2C48-4885-8D72-0E069F89647F}" = Roxio Creator 2009 Special Edition
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Driver
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7919D8D9-69FB-4E94-B330-04C4AF251867}" = Roxio Creator 2009 Special Edition
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7CDD7C4C-5224-40E4-951F-51C12FEAB8AB}" = C4600
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C64C35E-093A-43B9-B7E5-9966581FC143}" = iSCC
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA749D64-3741-4D5F-B804-B0BC05D179D1}" = Roxio CinePlayer
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BC21E1FA-BD9C-4351-8EA3-4EC377B1E439}_is1" = Power CD+G Burner
"{BC3804E5-77CC-47A0-8BD5-797355A26BA3}" = WD SmartWare
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0FE37FA-0886-4B66-B01B-76CF70FB77AB}" = Roxio CinePlayer Decoder Pack
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Buzzy Bumble" = Buzzy Bumble
"CCleaner" = CCleaner
"CopyTrans Suite" = CopyTrans Suite Remove Only
"DW WLAN Card Utility" = DW WLAN Card Utility
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileHippo.com" = FileHippo.com Update Checker
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KaraFun_is1" = KaraFun 1.18
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"proDAD-Mercalli-1.0" = proDAD Mercalli 1.0
"Product Key Explorer_is1" = Product Key Explorer 1.0
"PROSet" = Intel® Network Connections Drivers
"Revo Uninstaller" = Revo Uninstaller 1.95
"Shop for HP Supplies" = Shop for HP Supplies
"TVEpaDrv" = Roxio Video Capture USB Driver
"WinAVI Video Converter_is1" = WinAVI Video Converter
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZonerPhotoStudio12_EN_is1" = Zoner Photo Studio 12

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 07/11/2013 16:35:24 | Computer Name = E6400 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The server name or address could not be resolved

Error - 07/11/2013 16:35:25 | Computer Name = E6400 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 09/11/2013 11:43:18 | Computer Name = E6400 | Source = Chrome | ID = 1
Description =

Error - 09/11/2013 16:11:34 | Computer Name = E6400 | Source = Chrome | ID = 1
Description =

Error - 09/11/2013 16:12:35 | Computer Name = E6400 | Source = Chrome | ID = 1
Description =

Error - 09/11/2013 16:31:10 | Computer Name = E6400 | Source = Chrome | ID = 1
Description =

Error - 09/11/2013 18:05:15 | Computer Name = E6400 | Source = Userenv | ID = 1068
Description = Windows ended GPO processing because the computer shut down or the
user logged off.

Error - 10/11/2013 11:35:15 | Computer Name = E6400 | Source = Chrome | ID = 1
Description =

Error - 10/11/2013 16:51:15 | Computer Name = E6400 | Source = Chrome | ID = 1
Description =

Error - 11/11/2013 09:59:01 | Computer Name = E6400 | Source = Chrome | ID = 1
Description =

[ OSession Events ]
Error - 10/08/2010 10:25:30 | Computer Name = E6400 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 9939
seconds with 2220 seconds of active time. This session ended with a crash.

Error - 03/12/2012 11:06:51 | Computer Name = E6400 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 13
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11/11/2013 16:45:43 | Computer Name = E6400 | Source = Print | ID = 23
Description = Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech
135 PS2 driver could not be found.

Error - 11/11/2013 16:45:47 | Computer Name = E6400 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security
Center Service service to connect.

Error - 11/11/2013 16:45:47 | Computer Name = E6400 | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Security Center Service service failed to start due
to the following error: %%1053

Error - 11/11/2013 17:18:35 | Computer Name = E6400 | Source = Print | ID = 23
Description = Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech
135 PS2 driver could not be found.

Error - 11/11/2013 17:18:38 | Computer Name = E6400 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security
Center Service service to connect.

Error - 11/11/2013 17:18:38 | Computer Name = E6400 | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Security Center Service service failed to start due
to the following error: %%1053

Error - 11/11/2013 17:19:12 | Computer Name = E6400 | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 bf86600b, parameter3
afb91ae4, parameter4 00000000.

Error - 12/11/2013 05:48:17 | Computer Name = E6400 | Source = Print | ID = 23
Description = Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech
135 PS2 driver could not be found.

Error - 12/11/2013 05:48:23 | Computer Name = E6400 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security
Center Service service to connect.

Error - 12/11/2013 05:48:23 | Computer Name = E6400 | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Security Center Service service failed to start due
to the following error: %%1053


< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Uninstall Spybot - Search & Destroy. It's having problems and it will interfere with any fixes.

Uninstall

Java™ 6 Update 30 It's obsolete and you have the latest version.
JavaFX 2.1.1

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

Auslogics Registry Cleaner - Registry cleaners do more harm than good.

Auslogics BoostSpeed


Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.



Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post. Uninstall Speccy.


Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.

The disk check will run and will probably take an hour or more to finish.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#3
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
# AdwCleaner v3.012 - Report created 12/11/2013 at 22:00:09
# Updated 11/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Gillian - E6400
# Running from : C:\Documents and Settings\Gillian\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v3.5.7 (en-GB)

[ File : C:\Documents and Settings\Gillian\Application Data\Mozilla\Firefox\Profiles\4nu0v8wb.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Gillian\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Hannah\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3093 octets] - [03/11/2013 20:21:19]
AdwCleaner[R1].txt - [1427 octets] - [07/11/2013 19:52:53]
AdwCleaner[R2].txt - [1467 octets] - [12/11/2013 21:56:59]
AdwCleaner[S0].txt - [3117 octets] - [03/11/2013 20:24:38]
AdwCleaner[S1].txt - [1490 octets] - [07/11/2013 19:56:11]
AdwCleaner[S2].txt - [1388 octets] - [12/11/2013 22:00:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1448 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Gillian on 12/11/2013 at 22:08:35.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/11/2013 at 22:20:30.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by Gillian (administrator) on E6400 on 12-11-2013 22:25:19
Running from C:\Documents and Settings\Gillian\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\WINDOWS\System32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\System32\bcmwltry.exe
(Microsoft Corporation) C:\WINDOWS\System32\SCardSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Dell Inc.) C:\WINDOWS\system32\WLTRAY.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\WINDOWS\system32\WLTRAY.EXE [2670592 2010-02-02] (Dell Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-08-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe"
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe"
HKU\Hannah\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [ 2012-10-25] (Apple Inc.)
HKU\Hannah\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E4973C548C4CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: {1B735B98-8010-11D5-AD0B-00500463D885} http://www.partsaren...ns/IMIESRCH.cab
DPF: {2665693B-C4F3-434B-83DB-7574CF50C8B7} http://www.kaspersky...censefinder.cab
DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} http://www.partsaren...ins/GFXVIEW.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://cards.hallmar...veX_Control.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Gillian\Application Data\Mozilla\Firefox\Profiles\4nu0v8wb.default
FF Homepage: hxxp://www.google.co.uk/
FF SelectedSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF Keyword.URL: user_pref("keyword.URL", "");
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\SeaMonkey\Extensions: [[email protected]] - C:\Documents and Settings\Gillian\Application Data\IDM\idmmzcc3

Chrome:
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-08-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-29] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
S3 Roxio UPnP Renderer 11; C:\Program Files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUPnPRenderer11.exe [313840 2008-08-14] (Sonic Solutions)
S2 Roxio Upnp Server 11; C:\Program Files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUpnpService11.exe [367088 2008-08-14] (Sonic Solutions)
S2 RoxLiveShare11; C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [309744 2008-08-14] (Sonic Solutions)
S3 RoxMediaDB11; C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [1122304 2009-01-09] (Sonic Solutions)
S2 RoxWatch11; C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [170480 2008-08-14] (Sonic Solutions)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2404352 2010-02-02] (Dell Inc.)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 AESTAud; C:\Windows\System32\drivers\AESTAud.sys [112512 2008-12-16] (Andrea Electronics Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-08-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-30] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [2696448 2010-02-02] (Broadcom Corporation)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 e1yexpress; C:\Windows\System32\DRIVERS\e1y5132.sys [241880 2011-03-23] (Intel Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S4 RxFilter; C:\Windows\System32\DRIVERS\RxFilter.sys [57328 2008-08-11] (Sonic Solutions)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-23] (Avira GmbH)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181432 2011-12-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1545795 2009-02-23] (IDT, Inc.)
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [530944 2008-03-06] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [45696 2007-04-26] (eMPIA Technology, Inc.)
S3 AFGMp50; System32\Drivers\AFGMp50.sys [x]
S3 AFGSp50; System32\Drivers\AFGSp50.sys [x]
S3 catchme; \??\C:\DOCUME~1\Gillian\LOCALS~1\Temp\catchme.sys [x]
S0 cerc6; No ImagePath
S4 IntelIde; No ImagePath
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-12 22:25 - 2013-11-12 22:25 - 00000000 ____D C:\FRST
2013-11-12 22:23 - 2013-11-12 22:23 - 01090275 _____ (Farbar) C:\Documents and Settings\Gillian\Desktop\FRST.exe
2013-11-12 22:22 - 2013-11-12 22:22 - 103974937 _____ C:\WINDOWS\system32\⫮�啜6
2013-11-12 22:20 - 2013-11-12 22:20 - 00000583 _____ C:\Documents and Settings\Gillian\Desktop\JRT.txt
2013-11-12 22:07 - 2013-11-12 22:07 - 01034531 _____ (Thisisu) C:\Documents and Settings\Gillian\Desktop\JRT.exe
2013-11-12 22:07 - 2013-11-12 22:07 - 00001528 _____ C:\Documents and Settings\Gillian\Desktop\AdwCleaner[S2].txt
2013-11-12 21:54 - 2013-11-12 21:54 - 01085542 _____ C:\Documents and Settings\Gillian\Desktop\AdwCleaner.exe
2013-11-12 16:22 - 2013-11-12 16:22 - 103912569 _____ C:\WINDOWS\system32\캆끅啜6
2013-11-12 09:58 - 2013-11-12 09:58 - 00082300 _____ C:\Documents and Settings\Gillian\Desktop\OTL.Txt
2013-11-12 09:58 - 2013-11-12 09:58 - 00053216 _____ C:\Documents and Settings\Gillian\Desktop\Extras.Txt
2013-11-12 09:52 - 2013-11-12 09:52 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Gillian\Desktop\OTL.exe
2013-11-11 21:18 - 2013-11-11 21:18 - 00090112 _____ C:\WINDOWS\Minidump\Mini111113-01.dmp
2013-11-11 20:48 - 2013-11-11 20:48 - 103792856 _____ C:\WINDOWS\system32\Ề啜6
2013-11-10 18:07 - 2013-11-07 20:40 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20131110-180705.backup
2013-11-10 17:29 - 2013-11-10 18:06 - 00003982 _____ C:\WINDOWS\wininit.ini
2013-11-10 15:28 - 2013-11-10 15:28 - 103551423 _____ C:\WINDOWS\system32\ਲ਼啜6
2013-11-09 15:14 - 2013-11-09 15:14 - 103387443 _____ C:\WINDOWS\system32\啜6
2013-11-07 20:45 - 2013-11-07 20:45 - 00016929 _____ C:\ComboFix.txt
2013-11-07 19:22 - 2013-11-07 19:22 - 103000967 _____ C:\WINDOWS\system32\䏐ⶃ啤6
2013-11-03 20:30 - 2013-11-03 20:30 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-03 20:21 - 2013-11-12 22:06 - 00000000 ____D C:\AdwCleaner
2013-10-29 21:12 - 2013-10-29 21:12 - 00079373 _____ C:\Documents and Settings\Gillian\Desktop\B0047FA8D8.htm
2013-10-29 21:09 - 2013-10-29 21:10 - 00215486 _____ C:\Documents and Settings\Gillian\Desktop\M&S Collection Panelled Cross Body Bag - Marks & Spencer.htm
2013-10-29 21:09 - 2013-10-29 21:10 - 00000000 ____D C:\Documents and Settings\Gillian\Desktop\M&S Collection Panelled Cross Body Bag - Marks & Spencer_files
2013-10-19 15:23 - 2013-04-14 15:59 - 00445502 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20131019-162327.backup
2013-10-14 09:36 - 2013-10-14 15:35 - 100910526 _____ C:\WINDOWS\system32\ᵦ㱠啤6

==================== One Month Modified Files and Folders =======

2013-11-12 22:25 - 2013-11-12 22:25 - 00000000 ____D C:\FRST
2013-11-12 22:23 - 2013-11-12 22:23 - 01090275 _____ (Farbar) C:\Documents and Settings\Gillian\Desktop\FRST.exe
2013-11-12 22:22 - 2013-11-12 22:22 - 103974937 _____ C:\WINDOWS\system32\⫮�啜6
2013-11-12 22:20 - 2013-11-12 22:20 - 00000583 _____ C:\Documents and Settings\Gillian\Desktop\JRT.txt
2013-11-12 22:07 - 2013-11-12 22:07 - 01034531 _____ (Thisisu) C:\Documents and Settings\Gillian\Desktop\JRT.exe
2013-11-12 22:07 - 2013-11-12 22:07 - 00001528 _____ C:\Documents and Settings\Gillian\Desktop\AdwCleaner[S2].txt
2013-11-12 22:06 - 2013-11-03 20:21 - 00000000 ____D C:\AdwCleaner
2013-11-12 22:05 - 2008-04-13 23:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-12 22:04 - 2010-01-18 20:55 - 01458320 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-12 22:02 - 2010-02-15 13:56 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-12 22:02 - 2010-02-15 13:56 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-12 22:02 - 2010-01-18 20:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-12 22:01 - 2013-08-03 21:18 - 00004014 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-12 22:01 - 2010-01-18 21:00 - 00000129 ___SH C:\Documents and Settings\Gillian\ntuser.ini
2013-11-12 21:54 - 2013-11-12 21:54 - 01085542 _____ C:\Documents and Settings\Gillian\Desktop\AdwCleaner.exe
2013-11-12 21:51 - 2012-09-05 19:09 - 00000000 ____D C:\Program Files\Auslogics
2013-11-12 21:51 - 2012-09-05 19:09 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2013-11-12 21:40 - 2010-01-18 20:49 - 00007340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-12 21:33 - 2012-11-21 22:06 - 00524288 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2013-11-12 21:32 - 2010-01-18 21:00 - 00000000 ____D C:\Documents and Settings\Gillian
2013-11-12 18:59 - 2010-01-19 20:33 - 00000426 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{C41D49E3-3065-492C-8C9A-34C847A14A5B}.job
2013-11-12 16:22 - 2013-11-12 16:22 - 103912569 _____ C:\WINDOWS\system32\캆끅啜6
2013-11-12 09:58 - 2013-11-12 09:58 - 00082300 _____ C:\Documents and Settings\Gillian\Desktop\OTL.Txt
2013-11-12 09:58 - 2013-11-12 09:58 - 00053216 _____ C:\Documents and Settings\Gillian\Desktop\Extras.Txt
2013-11-12 09:52 - 2013-11-12 09:52 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Gillian\Desktop\OTL.exe
2013-11-11 21:18 - 2013-11-11 21:18 - 00090112 _____ C:\WINDOWS\Minidump\Mini111113-01.dmp
2013-11-11 21:18 - 2010-01-23 15:40 - 00000000 ____D C:\WINDOWS\Minidump
2013-11-11 20:48 - 2013-11-11 20:48 - 103792856 _____ C:\WINDOWS\system32\Ề啜6
2013-11-10 19:41 - 2013-02-03 18:42 - 00013220 _____ C:\Documents and Settings\Gillian\My Documents\Book12.xlsx
2013-11-10 18:06 - 2013-11-10 17:29 - 00003982 _____ C:\WINDOWS\wininit.ini
2013-11-10 15:28 - 2013-11-10 15:28 - 103551423 _____ C:\WINDOWS\system32\ਲ਼啜6
2013-11-09 18:39 - 2010-01-18 20:58 - 00000000 ___SD C:\Documents and Settings\NetworkService
2013-11-09 16:44 - 2013-02-28 20:54 - 00020924 _____ C:\Documents and Settings\Gillian\My Documents\gmar.xlsx
2013-11-09 15:14 - 2013-11-09 15:14 - 103387443 _____ C:\WINDOWS\system32\啜6
2013-11-07 20:45 - 2013-11-07 20:45 - 00016929 _____ C:\ComboFix.txt
2013-11-07 20:40 - 2013-11-10 18:07 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20131110-180705.backup
2013-11-07 20:40 - 2008-04-13 23:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-11-07 20:24 - 2011-12-31 18:46 - 00000000 ____D C:\WINDOWS\ERDNT
2013-11-07 19:22 - 2013-11-07 19:22 - 103000967 _____ C:\WINDOWS\system32\䏐ⶃ啤6
2013-11-03 20:30 - 2013-11-03 20:30 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-29 21:12 - 2013-10-29 21:12 - 00079373 _____ C:\Documents and Settings\Gillian\Desktop\B0047FA8D8.htm
2013-10-29 21:10 - 2013-10-29 21:09 - 00215486 _____ C:\Documents and Settings\Gillian\Desktop\M&S Collection Panelled Cross Body Bag - Marks & Spencer.htm
2013-10-29 21:10 - 2013-10-29 21:09 - 00000000 ____D C:\Documents and Settings\Gillian\Desktop\M&S Collection Panelled Cross Body Bag - Marks & Spencer_files
2013-10-29 21:09 - 2011-03-31 17:43 - 00108032 ___SH C:\Documents and Settings\Gillian\Desktop\Thumbs.db
2013-10-19 14:20 - 2013-08-18 19:18 - 00000000 ____D C:\Program Files\MyDefrag v4.3.1
2013-10-19 08:02 - 2013-01-12 20:06 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2013-10-14 15:35 - 2013-10-14 09:36 - 100910526 _____ C:\WINDOWS\system32\ᵦ㱠啤6
2013-10-14 10:57 - 2010-08-07 18:26 - 00000000 ____D C:\WINDOWS\Microsoft.NET

Some content of TEMP:
====================
C:\Documents and Settings\Gillian\Local Settings\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-11-2013 01
Ran by Gillian at 2013-11-12 22:27:37
Running from C:\Documents and Settings\Gillian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 6.1.1)
Adobe AIR (Version: 3.7.0.1530)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 13.0.0.4052)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
Buzzy Bumble (Version: 32.0.0.0)
C4600 (Version: 130.0.425.000)
calibre (Version: 0.9.10)
CCleaner (Version: 4.05)
Common (Version: 14.1.0.150)
Contents (Version: 14.1.0.150)
CopyTrans Suite Remove Only
Corel VideoStudio Pro X4 (Version: 14.1.0.150)
Dell Resource CD (Version: 1.00.0000)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.372.000)
DeviceIO (Version: 14.1.0.150)
DirectX 9 Runtime (Version: 1.00.0000)
DW WLAN Card Utility (Version: 5.60.48.35)
EMC 11 Content (Version: 1.1.019)
FileHippo.com Update Checker
Foxit Reader (Version: 6.0.6.722)
Google Chrome (Version: 30.0.1599.101)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.165)
GPBaseService2 (Version: 130.0.371.000)
HD Writer PE 1.0 (Version: 1.00.020.1033)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (Version: 13.0)
HP Print Projects 1.0 (Version: 1.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
ICA (Version: 14.1.0.150)
IDT Audio (Version: 1.0.6159.0)
Intel® Graphics Media Accelerator Driver
Intel® Network Connections Drivers (Version: 16.1)
IPM_VS_Pro (Version: 13.0)
iSCC (Version: 1.80.0000)
ISCOM (Version: 14.1.0.150)
iTunes (Version: 11.0.2.26)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
KaraFun 1.18
K-Lite Codec Pack 4.0.0 (Full) (Version: 4.0.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MobileMe Control Panel (Version: 3.1.6.0)
Mozilla Firefox (3.5.7) (Version: 3.5.7 (en-GB))
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyDefrag v4.3.1 (Version: 4.0.0.0)
Nero Burning ROM 10 (Version: 10.2.11000.12.100)
Nero Burning ROM 10 (Version: 10.5.10300)
Nero BurningROM 10 Help (CHM) (Version: 10.5.10100)
Nero BurnLite 10 (Version: 10.0.10500.5.100)
Nero BurnLite 10 (Version: 10.0.10600)
Nero BurnRights 10 (Version: 4.2.10300.0.102)
Nero BurnRights 10 Help (CHM) (Version: 10.5.10000)
Nero Control Center 10 (Version: 10.0.13100.3.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.15100.0.1)
Nero Update (Version: 1.0.0018)
neroxml (Version: 1.0.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Pinnacle Studio 14 (Version: 14.0.0.7255)
Pinnacle Video Driver (Version: 12.1.0.030)
PMB (Version: 5.2.00.03250)
Power CD+G Burner
proDAD Mercalli 1.0
Product Key Explorer 1.0
PS_AIO_05_C4600_Software_Min (Version: 130.0.425.000)
PureHD (Version: 14.1.0.150)
QuickTime (Version: 7.73.80.64)
Revo Uninstaller 1.95 (Version: 1.95)
RICOH R5C83x/84x Media Driver Ver.3.53.02 (Version: 3.53.02)
Roxio Activation Module (Version: 1.0)
Roxio Central (Version: 4.5.0)
Roxio CinePlayer (Version: 5.0)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Creator 2009 Special Edition (Version: 1.1.110)
Roxio Creator 2009 Special Edition (Version: 11.0)
Roxio Update Manager (Version: 6.0.0)
Roxio Video Capture USB Driver
Samsung Kies (Version: 2.1.1.11124_17)
Samsung New PC Studio (Version: 1.00.0000)
SAMSUNG SYMBIAN USB Download Driver (Version: 1.1.808.7165)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.103.0)
SamsungConnectivityCableDriver (Version: 6.83.6.2.1)
Scan (Version: 140.0.80.000)
Setup (Version: 14.1.0.150)
Share (Version: 14.1.0.150)
Shop for HP Supplies (Version: 13.0)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.6)
SmartSound Quicktracks Plugin (Version: 3.0.8.0)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.373.000)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB975364) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VIO (Version: 14.1.0.150)
VSClassic (Version: 14.1.0.150)
VSPro (Version: 14.1.0.150)
WD SmartWare (Version: 1.4.5.5)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 130.0.132.017)
WinAVI Video Converter
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
Windows Search 4.0 (Version: 04.00.6001.503)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
Zoner Photo Studio 12 (Version: 12.0.1.7)

==================== Restore Points =========================


==================== Hosts content: ==========================

2012-09-04 21:01 - 2013-11-10 18:07 - 00449836 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{C41D49E3-3065-492C-8C9A-34C847A14A5B}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2010-01-18 21:06 - 2010-02-02 21:45 - 00757760 _____ () C:\WINDOWS\System32\bcm1xsup.dll
2013-02-23 07:48 - 2013-02-23 07:43 - 00397704 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-18 21:06 - 2010-02-02 21:47 - 00143360 _____ () C:\WINDOWS\system32\preflib.dll
2013-10-19 08:01 - 2013-10-09 00:02 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-19 08:01 - 2013-10-09 00:02 - 00415184 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-19 08:01 - 2013-10-09 00:01 - 01604560 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Intel® 82567LM Gigabit Network Connection
Description: Intel® 82567LM Gigabit Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: e1yexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom USH
Description: Broadcom USH
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Pinnacle Marvin Bus
Description: Pinnacle Marvin Bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Pinnacle Systems
Service: MarvinBus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2013 10:23:30 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/12/2013 10:23:11 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/12/2013 09:40:17 PM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The
Error code is the first DWORD in Data section.

Error: (11/12/2013 09:40:17 PM) (Source: LoadPerf) (User: )
Description: The performance strings in the Performance registry value is corrupted when
process Performance extension counter provider. BaseIndex value from Performance
registry is the first DWORD in Data section, LastCounter value is the second
DWORD in Data section, and LastHelp value is the third DWORD in Data section.

Error: (11/12/2013 08:45:45 PM) (Source: Chrome) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=30.0.1599.101;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\c160339f-8e14-44ac-ab42-eb9de0ae1198.dmp

Error: (11/12/2013 10:05:48 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/11/2013 01:59:01 PM) (Source: Chrome) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=30.0.1599.101;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\18b81064-f8a4-40f3-8e76-49087c078830.dmp

Error: (11/10/2013 08:51:15 PM) (Source: Chrome) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=30.0.1599.101;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\41f449ee-9975-418d-a6cf-2bb00084afbc.dmp

Error: (11/10/2013 03:35:15 PM) (Source: Chrome) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=30.0.1599.101;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\98e3a315-1e62-4273-af4e-97ebf10314f4.dmp

Error: (11/09/2013 10:05:15 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows ended GPO processing because the computer shut down or the user logged off.


System errors:
=============
Error: (11/12/2013 10:02:20 PM) (Source: Print) (User: NT AUTHORITY)
Description: Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech 135 PS2 driver could not be found.

Error: (11/12/2013 09:33:58 PM) (Source: Print) (User: NT AUTHORITY)
Description: Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech 135 PS2 driver could not be found.

Error: (11/12/2013 07:24:19 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (11/12/2013 07:24:19 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (11/12/2013 07:24:13 PM) (Source: Print) (User: NT AUTHORITY)
Description: Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech 135 PS2 driver could not be found.

Error: (11/12/2013 04:18:01 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (11/12/2013 04:18:01 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (11/12/2013 04:17:47 PM) (Source: Print) (User: NT AUTHORITY)
Description: Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech 135 PS2 driver could not be found.

Error: (11/12/2013 09:48:23 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (11/12/2013 09:48:23 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.


Microsoft Office Sessions:
=========================
Error: (12/03/2012 03:06:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/10/2010 02:25:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 9939 seconds with 2220 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 3535.83 MB
Available physical RAM: 2903.25 MB
Total Pagefile: 5417.67 MB
Available Pagefile: 4745.01 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.84 GB) (Free:184.01 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: A42D04A3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Summary
Operating System
Windows XP Professional 32-bit SP3
CPU
Intel Mobile Core 2 Duo P8600 @ 2.40GHz 36 °C
Penryn 45nm Technology
RAM
4.00GB Dual-Channel DDR2 @ 399MHz (6-6-6-18)
Motherboard
Dell Inc. 0U692R (Microprocessor) 43 °C
Graphics
Plug and Play Monitor ([email protected])
Plug and Play Monitor ([email protected])
Intel Mobile Intel 4 Series Express Chipset Family (Dell)
Intel Mobile Intel 4 Series Express Chipset Family (Dell)
Hard Drives
233GB Western Digital WDC WD2500BJKT-75F4T0 (SATA) 41 °C
Optical Drives
HL-DT-ST DVD+-RW GU10N
Audio
IDT High Definition Audio CODEC
Operating System
Windows XP Professional 32-bit SP3
Computer type: Portable
Installation Date: 18/01/2010 20:57:58
Windows Security Center
Firewall Enabled
Windows Update
AutoUpdate Not configured
Antivirus
Antivirus Disabled
Company Name Avira
Display Name Avira Desktop
Product Version 13.6.20.2100
Virus Signature Database Up to date
.NET Frameworks installed
v4.0 Full
v4.0 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 8.0.6001.18702
PowerShell
Version 1.0
Java
Java Runtime Environment
Path C:\Program Files\Java\jre7\bin\java.exe
Version 7.0
Update 25
Build 16
Environment Variables
USERPROFILE C:\Documents and Settings\Gillian
SystemRoot C:\WINDOWS
User Variables
TEMP C:\Documents and Settings\Gillian\Local Settings\Temp
TMP C:\Documents and Settings\Gillian\Local Settings\Temp
MOZ_PLUGIN_PATH C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\
Machine Variables
ComSpec C:\WINDOWS\system32\cmd.exe
Path C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\system32\wbem
C:\Program Files\Pinnacle\Shared Files
C:\Program Files\Pinnacle\Shared Files\Filter
C:\Program Files\Common Files\Roxio Shared\DLLShared
C:\Program Files\Common Files\Roxio Shared\11.0\DLLShared
C:\Program Files\Common Files\Ulead Systems\MPEG
C:\WINDOWS\system32\WindowsPowerShell\v1.0
C:\Program Files\QuickTime\QTSystem
C:\Program Files\Calibre2
C:\WINDOWS\system32\gs\gs8.71\bin
C:\WINDOWS\system32\gs\gs7.05\bin
C:\Program Files\Common Files\Adobe\AGL
windir C:\WINDOWS
FP_NO_HOST_CHECK NO
OS Windows_NT
PROCESSOR_ARCHITECTURE x86
PROCESSOR_LEVEL 6
PROCESSOR_IDENTIFIER x86 Family 6 Model 23 Stepping 10, GenuineIntel
PROCESSOR_REVISION 170a
NUMBER_OF_PROCESSORS 2
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
asl.log Destination=file;OnFirstLog=command,environment
RCAUTOPLAY C:\Program Files\Roxio Creator 2009 Special Edition\Roxio Central 4\
EMC_AUTOPLAY C:\Program Files\Common Files\Roxio Shared\
CLASSPATH .;C:\Program Files\Java\jre7\lib\ext\QTJava.zip
QTJAVA C:\Program Files\Java\jre7\lib\ext\QTJava.zip
Battery
AC Line Online
Battery Charge % 6 %
Battery State Low
Remaining Battery Time Unknown
Power Profile
Active power scheme Portable/Laptop
Hibernation Disabled
Turn Off Monitor after: (On AC Power) 300 min
Turn Off Monitor after: (On Battery Power) 120 min
Turn Off Hard Disk after: (On AC Power) Never
Turn Off Hard Disk after: (On Battery Power) Never
Suspend after: (On AC Power) Never
Suspend after: (On Battery Power) Never
Screen saver Enabled
Uptime
Current Session
Current Time 12/11/2013 22:32:27
Current Uptime 1,839 sec (0 d, 00 h, 30 m, 39 s)
Last Boot Time 12/11/2013 22:01:48
TimeZone
TimeZone GMT
Language English (United Kingdom)
Location United Kingdom
Format English (United Kingdom)
Currency £
Date Format dd/MM/yyyy
Time Format HH:mm:ss
Process List
alg.exe
Process ID 3388
Path C:\WINDOWS\System32\alg.exe
Memory Usage 3.61 MB
Peak Memory Usage 3.62 MB
AppleMobileDeviceService.exe
Process ID 1492
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
avgnt.exe
Process ID 2416
User Gillian
Domain E6400
Path C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
Memory Usage 2.19 MB
Peak Memory Usage 253 MB
avguard.exe
Process ID 1480
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\avguard.exe
Memory Usage 2.91 MB
Peak Memory Usage 356 MB
avshadow.exe
Process ID 2808
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
Memory Usage 2.60 MB
Peak Memory Usage 2.60 MB
BCMWLTRY.EXE
Process ID 1148
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\bcmwltry.exe
Memory Usage 8.20 MB
Peak Memory Usage 8.21 MB
chrome.exe
Process ID 3456
User Gillian
Domain E6400
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 44 MB
Peak Memory Usage 71 MB
chrome.exe
Process ID 1772
User Gillian
Domain E6400
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 47 MB
Peak Memory Usage 60 MB
chrome.exe
Process ID 712
User Gillian
Domain E6400
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 64 MB
Peak Memory Usage 100 MB
csrss.exe
Process ID 536
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\csrss.exe
Memory Usage 5.35 MB
Peak Memory Usage 5.42 MB
explorer.exe
Process ID 4092
User Gillian
Domain E6400
Path C:\WINDOWS\explorer.exe
Memory Usage 36 MB
Peak Memory Usage 41 MB
GoogleCrashHandler.exe
Process ID 168
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
Memory Usage 560 KB
Peak Memory Usage 2.50 MB
GoogleUpdate.exe
Process ID 1804
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Google\Update\GoogleUpdate.exe
Memory Usage 1.90 MB
Peak Memory Usage 4.70 MB
GrooveMonitor.exe
Process ID 2424
User Gillian
Domain E6400
Path C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
Memory Usage 6.10 MB
Peak Memory Usage 6.11 MB
jqs.exe
Process ID 1648
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Java\jre7\bin\jqs.exe
Memory Usage 1.38 MB
Peak Memory Usage 28 MB
lsass.exe
Process ID 624
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\lsass.exe
Memory Usage 1.67 MB
Peak Memory Usage 6.12 MB
mbamscheduler.exe
Process ID 1688
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
Memory Usage 5.54 MB
Peak Memory Usage 5.54 MB
mDNSResponder.exe
Process ID 1520
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 3.00 MB
Peak Memory Usage 3.00 MB
NASvc.exe
Process ID 1828
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Nero\Update\NASvc.exe
Memory Usage 4.40 MB
Peak Memory Usage 4.42 MB
scardsvr.exe
Process ID 1324
Path C:\WINDOWS\System32\SCardSvr.exe
Memory Usage 2.67 MB
Peak Memory Usage 2.69 MB
sched.exe
Process ID 1348
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\sched.exe
Memory Usage 744 KB
Peak Memory Usage 5.10 MB
services.exe
Process ID 612
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\services.exe
Memory Usage 5.55 MB
Peak Memory Usage 5.63 MB
smss.exe
Process ID 464
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 448 KB
Peak Memory Usage 1.28 MB
Speccy.exe
Process ID 1104
User Gillian
Domain E6400
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 32 MB
Peak Memory Usage 42 MB
spoolsv.exe
Process ID 1260
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\spoolsv.exe
Memory Usage 5.89 MB
Peak Memory Usage 5.95 MB
svchost.exe
Process ID 796
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 5.24 MB
Peak Memory Usage 5.34 MB
svchost.exe
Process ID 1892
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.28 MB
Peak Memory Usage 4.36 MB
svchost.exe
Process ID 844
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.39 MB
Peak Memory Usage 4.40 MB
svchost.exe
Process ID 884
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 29 MB
Peak Memory Usage 184 MB
svchost.exe
Process ID 988
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 7.46 MB
Peak Memory Usage 7.49 MB
svchost.exe
Process ID 2600
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 7.04 MB
Peak Memory Usage 7.06 MB
svchost.exe
Process ID 1028
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.14 MB
Peak Memory Usage 4.14 MB
svchost.exe
Process ID 1636
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 5.97 MB
Peak Memory Usage 6.11 MB
svchost.exe
Process ID 1424
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 924
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.32 MB
Peak Memory Usage 3.33 MB
svchost.exe
Process ID 1948
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 2.93 MB
Peak Memory Usage 2.94 MB
svchost.exe
Process ID 416
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 2.90 MB
Peak Memory Usage 2.91 MB
System
Process ID 4
Memory Usage 240 KB
Peak Memory Usage 6.20 MB
System Idle Process
Process ID 0
winlogon.exe
Process ID 568
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\winlogon.exe
Memory Usage 3.94 MB
Peak Memory Usage 33 MB
WLTRAY.EXE
Process ID 2408
User Gillian
Domain E6400
Path C:\WINDOWS\system32\WLTRAY.exe
Memory Usage 6.88 MB
Peak Memory Usage 6.88 MB
WLTRYSVC.EXE
Process ID 1120
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\WLTRYSVC.EXE
Memory Usage 1.61 MB
Peak Memory Usage 1.61 MB
wmiapsrv.exe
Process ID 3068
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\wbem\wmiapsrv.exe
Memory Usage 4.55 MB
Peak Memory Usage 4.57 MB
wmiprvse.exe
Process ID 3864
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 7.71 MB
Peak Memory Usage 7.71 MB
wscntfy.exe
Process ID 3700
User Gillian
Domain E6400
Path C:\WINDOWS\system32\wscntfy.exe
Memory Usage 2.02 MB
Peak Memory Usage 2.03 MB
Scheduler
Every 1 hour(s) from 13:13 for 24 hour(s) every day, starting 08/10/2013 GoogleUpdateTaskMachineUA
Run at user logon GoogleUpdateTaskMachineCore
Every 1 hour(s) from 00:00 for 24 hour(s) every day, starting 01/01/2000 Adobe Flash Player Updater
Hotfixes
13/10/2013 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
Microsoft .NET Framework 3.5 Service Pack 1 is a full cumulative
update that contains many new features building incrementally
upon .NET Framework 2.0, 3.0, 3.5, and includes cumulative servicing
updates to the .NET Framework 2.0 and .NET Framework 3.0 subcomponents.
The .NET Framework 3.5 Family Update provides important application
compatibility updates. This combined Service Pack and update
is applicable to .NET versions 2.0 through 3.5.
10/10/2013 Security Update for Microsoft Office Word 2007 (KB2827330)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/10/2013 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2863239)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/10/2013 Security Update for Windows XP (KB2847311)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/10/2013 Security Update for Microsoft Office 2007 suites (KB2760585)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/10/2013 Security Update for Windows XP (KB2862335)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/10/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Server 2008 x86 (KB2861188)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/10/2013 Windows Malicious Software Removal Tool - October 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/10/2013 Security Update for Microsoft Office 2007 suites (KB2827326)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/10/2013 Security Update for Microsoft Office 2007 suites (KB2760591)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/10/2013 Security Update for Microsoft Office Excel 2007 (KB2827324)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/10/2013 Security Update for Windows XP (KB2868038)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/10/2013 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2861697)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/10/2013 Security Update for Microsoft Office 2007 suites (KB2827329)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/10/2013 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2879017)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/10/2013 Security Update for Windows XP (KB2883150)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/10/2013 Security Update for Windows XP (KB2862330)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/10/2013 Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2861189)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
09/10/2013 Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2861189)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
09/10/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2858302)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
09/10/2013 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
13/09/2013 Security Update for Microsoft Office 2007 suites (KB2760588)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Security Update for Microsoft Office Excel 2007 (KB2760583)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Security Update for Microsoft Office 2007 suites (KB2760411)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2870699)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
13/09/2013 Security Update for Microsoft Office 2007 suites (KB2760588)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Security Update for Microsoft Office 2007 suites (KB2760823)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Security Update for Windows XP (KB2876315)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
13/09/2013 Security Update for Windows XP (KB2876217)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
13/09/2013 Security Update for Windows XP (KB2864063)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
13/09/2013 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
13/09/2013 Security Update for Microsoft Office Excel 2007 (KB2760583)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Security Update for Microsoft Office 2007 suites (KB2597973)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Security Update for Microsoft Office Word 2007 (KB2767773)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Security Update for Microsoft Office Outlook 2007 (KB2825999)
A security vulnerability exists in Microsoft Office Outlook 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Security Update for Microsoft Office 2007 suites (KB2596825)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Security Update for Microsoft Office 2007 suites (KB2760411)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
13/09/2013 Windows Malicious Software Removal Tool - September 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
27/08/2013 Security Update for Windows Media Format Runtime 11 for Windows XP (KB2834904)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2862772)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Windows Malicious Software Removal Tool - August 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
15/08/2013 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
15/08/2013 Update for Microsoft Office 2007 suites (KB2767849)
Microsoft has released an update for Microsoft Office 2007 suites
. This update provides the latest fixes to Microsoft Office 2007
suites . Additionally, this update contains stability and performance
improvements.
15/08/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2840628)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Update for Microsoft Office Outlook 2007 (KB2768023)
Microsoft has released an update for Microsoft Office Outlook
2007 . This update provides the latest fixes to Microsoft Office
Outlook 2007 . Additionally, this update contains stability and
performance improvements.
15/08/2013 Security Update for Windows XP (KB2850869)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Security Update for Windows XP (KB2859537)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Update for Windows XP (KB2863058)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
15/08/2013 Security Update for Windows XP (KB2849470)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/08/2013 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2844285)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
22/07/2013 Windows Malicious Software Removal Tool - July 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
16/07/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2835393)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Security Update for Windows Media Format Runtime 11 for Windows XP (KB2834904)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Security Update for Windows XP (KB2834886)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Security Update for Windows XP (KB2850851)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2840629)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Security Update for Windows XP (KB2845187)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2833940)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
16/07/2013 Windows Malicious Software Removal Tool - July 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
16/07/2013 Security Update for Microsoft Office 2007 suites (KB2687309)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
16/07/2013 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2846071)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Server 2008 x86 (KB2832407)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2840628)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2844285)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/07/2013 Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2832411)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/06/2013 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
15/06/2013 Security Update for Windows XP (KB2839229)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/06/2013 Windows Malicious Software Removal Tool - June 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
15/06/2013 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2838727)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
18/05/2013 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
18/05/2013 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2829530)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
18/05/2013 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2804577)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
18/05/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2804576)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
18/05/2013 Security Update for Internet Explorer 8 for Windows XP (KB2847204)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
18/05/2013 Security Update for Microsoft Office Publisher 2007 (KB2597971)
A security vulnerability exists in Microsoft Office Publisher
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
18/05/2013 Cumulative Security Update for ActiveX Killbits for Windows XP (KB2820197)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
18/05/2013 Windows Malicious Software Removal Tool - May 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
18/05/2013 Security Update for Windows XP (KB2829361)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
29/04/2013 Windows Malicious Software Removal Tool - April 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/04/2013 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2817183)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/04/2013 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
12/04/2013 Security Update for Windows XP (KB2808735)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/04/2013 Security Update for Windows XP (KB2820917)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/04/2013 Security Update for Windows XP (KB2813345)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/04/2013 Security Update for Windows XP (KB2813170)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
System Folders
Path for burning CD C:\Documents and Settings\Gillian\Local Settings\Application Data\Microsoft\CD Burning
Application Data C:\Documents and Settings\All Users\Application Data
Public Desktop C:\Documents and Settings\All Users\Desktop
Documents C:\Documents and Settings\All Users\Documents
Global Favorites C:\Documents and Settings\All Users\Favorites
Music C:\Documents and Settings\All Users\Documents\My Music
Pictures C:\Documents and Settings\All Users\Documents\My Pictures
Start Menu Programs C:\Documents and Settings\All Users\Start Menu\Programs
Start Menu C:\Documents and Settings\All Users\Start Menu
Startup C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Templates C:\Documents and Settings\All Users\Templates
Videos C:\Documents and Settings\All Users\Documents\My Videos
Cookies C:\Documents and Settings\Gillian\Cookies
Desktop C:\Documents and Settings\Gillian\Desktop
Physical Desktop C:\Documents and Settings\Gillian\Desktop
User Favorites C:\Documents and Settings\Gillian\Favorites
Fonts C:\WINDOWS\Fonts
Internet History C:\Documents and Settings\Gillian\Local Settings\History
Temporary Internet Files C:\Documents and Settings\Gillian\Local Settings\Temporary Internet Files
Local Application Data C:\Documents and Settings\Gillian\Local Settings\Application Data
Windows Directory C:\WINDOWS
Windows/System C:\WINDOWS\system32
Program Files C:\Program Files
Services
Running @C:\Program Files\Nero\Update\NASvc.exe,-200
Running Alerter
Running Apple Mobile Device
Running Application Layer Gateway Service
Running Automatic Updates
Running Avira Real-Time Protection
Running Avira Scheduler
Running BITS
Running Bonjour Service
Running COM+ Event System
Running CryptSvc
Running DCOM Server Process Launcher
Running DHCP Client
Running Distributed Link Tracking Client
Running DNS Client
Running DW WLAN Tray Service
Running Error Reporting Service
Running Event Log
Running Fast User Switching Compatibility
Running Help and Support
Running HP CUE DeviceDiscovery Service
Running hpqcxs08
Running IPSEC Services
Running Java Quick Starter
Running Logical Disk Manager
Running MBAMScheduler
Running Net Driver HPZ12
Running Network Connections
Running Network Location Awareness (NLA)
Running Plug and Play
Running Pml Driver HPZ12
Running Print Spooler
Running Protected Storage
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Remote Registry
Running Secondary Logon
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Smart Card
Running SSDP Discovery Service
Running System Event Notification
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Terminal Services
Running Themes
Running WebClient
Running Windows Audio
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Firewall/Internet Connection Sharing (ICS)
Running Windows Image Acquisition (WIA)
Running Windows Management Instrumentation
Running Windows Time
Running WMI Performance Adapter
Running Workstation
Stopped .NET Runtime Optimization Service v2.0.50727_X86
Stopped Adobe Flash Player Update Service
Stopped Adobe LM Service
Stopped Application Management
Stopped ASP.NET State Service
Stopped ClipBook
Stopped COM+ System Application
Stopped Computer Browser
Stopped Distributed Transaction Coordinator
Stopped Extensible Authentication Protocol Service
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management Service
Stopped HTTP SSL
Stopped Human Interface Device Access
Stopped IMAPI CD-Burning COM Service
Stopped Indexing Service
Stopped iPod Service
Stopped LiveShare P2P Server 11
Stopped Logical Disk Manager Administrative Service
Stopped MBAMService
Stopped Messenger
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Office Groove Audit Service
Stopped MS Software Shadow Copy Provider
Stopped Net Logon
Stopped Net.Tcp Port Sharing Service
Stopped NetMeeting Remote Desktop Sharing
Stopped Network Access Protection Agent
Stopped Network DDE
Stopped Network DDE DSDM
Stopped Network Provisioning Service
Stopped NMIndexingService
Stopped NT LM Security Support Provider
Stopped Office Source Engine
Stopped Performance Logs and Alerts
Stopped Portable Media Serial Number Service
Stopped QoS RSVP
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Help Session Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Removable Storage
Stopped Routing and Remote Access
Stopped Roxio Hard Drive Watcher 11
Stopped Roxio UPnP Renderer 11
Stopped Roxio Upnp Server 11
Stopped RoxMediaDB11
Stopped System Restore Service
Stopped Telnet
Stopped Uninterruptible Power Supply
Stopped Universal Plug and Play Device Host
Stopped Volume Shadow Copy
Stopped Windows CardSpace
Stopped Windows Installer
Stopped Windows Management Instrumentation Driver Extensions
Stopped Windows Media Player Network Sharing Service
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Presentation Foundation Font Cache 4.0.0.0
Stopped Wired AutoConfig
Stopped Wireless Zero Configuration
Security Options
Accounts: Administrator account status Enabled
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Administrators
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Disabled
Devices: Restrict floppy access to locally logged-on user only Disabled
Devices: Unsigned driver installation behavior Warn but allow installation
Domain controller: Allow server operators to schedule tasks Not defined
Domain controller: LDAP server signing requirements Not defined
Domain controller: Refuse machine account password changes Not defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Disabled
Interactive logon: Display user information when the session is locked Not defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 14 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Not defined
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of credentials or .NET Passports for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously COMNAP,COMNODE,SQL\QUERY,SPOOLSS,LLSRPC,browser
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Control\Server Applications,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
Network access: Shares that can be accessed anonymously COMCFG,DFS$
Network access: Sharing and security model for local accounts Guest only - local users authenticate as Guest
Network security: Do not store LAN Manager hash value on next password change Disabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Send LM & NTLM responses
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients No minimum
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers No minimum
Recovery console: Allow automatic administrative logon Enabled
Recovery console: Allow floppy copy and access to all drives and all folders Enabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Default owner for objects created by members of the Administrators group Object creator
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
Device Tree
ACPI Multiprocessor PC
Microsoft ACPI-Compliant System
System board
ACPI Lid
ACPI Power Button
ACPI Sleep Button
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
Microsoft ACPI-Compliant Control Method Battery
Microsoft Windows Management Interface for ACPI
Intel Core2 Duo CPU P8600 @ 2.40GHz
Intel Core2 Duo CPU P8600 @ 2.40GHz
ACPI Thermal Zone
PCI bus
Mobile Intel 45 Express Chipset Series Processor to DRAM Controller - 2A40
Intel 82567LM Gigabit Network Connection
Intel ICH9 Family PCI Express Root Port 1 - 2940
Intel ICH9 Family PCI Express Root Port 3 - 2944
Intel ICH9 Family PCI Express Root Port 4 - 2946
Intel ICH9 Family SMBus Controller - 2930
System board
System board
Mobile Intel® 4 Series Express Chipset Family
Plug and Play Monitor
Plug and Play Monitor
Mobile Intel® 4 Series Express Chipset Family
Plug and Play Monitor
Intel® ICH9 Family USB Universal Host Controller - 2937
USB Root Hub
Intel® ICH9 Family USB Universal Host Controller - 2938
USB Root Hub
Intel® ICH9 Family USB Universal Host Controller - 2939
USB Root Hub
USB Composite Device
Broadcom USH
USB Smart Card reader
Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
USB Root Hub
Microsoft UAA Bus Driver for High Definition Audio
IDT High Definition Audio CODEC
Intel High Definition Audio HDMI Service
Intel® ICH9 Family PCI Express Root Port 2 - 2942
Dell Wireless 1510 Wireless-N WLAN Mini-Card
Intel® ICH9 Family USB Universal Host Controller - 2934
USB Root Hub
Intel® ICH9 Family USB Universal Host Controller - 2935
USB Root Hub
Intel® ICH9 Family USB Universal Host Controller - 2936
USB Root Hub
Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
USB Root Hub
Intel® 82801 PCI Bridge - 2448
SDA Standard Compliant SD Host Controller
Ricoh SD/MMC Host Controller
OHCI Compliant IEEE 1394 Host Controller
1394 Net Adapter
Intel® ICH9M-E LPC Interface Controller - 2917
ISAPNP Read Data Port
PS/2 Compatible Mouse
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
System CMOS/real time clock
System timer
System speaker
System board
Programmable interrupt controller
Direct memory access controller
Numeric data processor
High precision event timer
System board
Microsoft ACPI-Compliant Embedded Controller
Intel® ICH8M-E/ICH9M-E SATA RAID Controller
WDC WD2500BJKT-75F4T0
HL-DT-ST DVD+-RW GU10N
CPU
Intel Mobile Core 2 Duo P8600
Cores 2
Threads 2
Name Intel Mobile Core 2 Duo P8600
Code Name Penryn
Package Socket P (478)
Technology 45nm
Specification Intel Core2 Duo CPU P8600 @ 2.40GHz
Family 6
Extended Family 6
Model 7
Extended Model 17
Stepping A
Revision R0
Instructions MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, Intel 64, NX, VMX
Virtualization Supported, Disabled
Hyperthreading Not supported
Bus Speed 266.0 MHz
Rated Bus Speed 1064.0 MHz
Stock Core Speed 2400 MHz
Stock Bus Speed 266 MHz
Average Temperature 36 °C
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 3072 KBytes
Core 0
Core Speed 665.0 MHz
Multiplier x 2.5
Bus Speed 266.0 MHz
Rated Bus Speed 1064.0 MHz
Temperature 34 °C
Thread 1
APIC ID 0
Core 1
Core Speed 665.0 MHz
Multiplier x 2.5
Bus Speed 266.0 MHz
Rated Bus Speed 1064.0 MHz
Temperature 37 °C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR2
Size 4096 MBytes
Channels # Dual
DRAM Frequency 399.0 MHz
CAS# Latency (CL) 6 clocks
RAS# to CAS# Delay (tRCD) 6 clocks
RAS# Precharge (tRP) 6 clocks
Cycle Time (tRAS) 18 clocks
Physical Memory
Memory Usage 18 %
Total Physical 3.45 GB
Available Physical 2.81 GB
Total Virtual 5.29 GB
Available Virtual 4.60 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR2
Size 2048 MBytes
Manufacturer Hyundai Electronics
Max Bandwidth PC2-6400 (400 MHz)
Part Number HYMP125S64CP8-S6
Serial Number 5F615E1F
Week/year 38 / 09
SPD Ext. EPP
JEDEC #3
Frequency 400.0 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 18
tRC 24
Voltage 1.800 V
JEDEC #2
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #1
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
Slot #2
Type DDR2
Size 2048 MBytes
Manufacturer Hyundai Electronics
Max Bandwidth PC2-6400 (400 MHz)
Part Number HYMP125S64CP8-S6
Serial Number 5F11616E
Week/year 38 / 09
SPD Ext. EPP
JEDEC #3
Frequency 400.0 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 18
tRC 24
Voltage 1.800 V
JEDEC #2
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #1
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
Motherboard
Manufacturer Dell Inc.
Model 0U692R (Microprocessor)
Chipset Vendor Intel
Chipset Model GM45/GM47
Chipset Revision 07
Southbridge Vendor Intel
Southbridge Model 82801IM (ICH9-M)
Southbridge Revision 03
System Temperature 43 °C
BIOS
Brand Dell Inc.
Version A17
Date 17/09/2009
PCI Data
Slot PCMCIA
Slot Type PCMCIA
Slot Usage Available
Bus Width 32 bit
Slot Designation PCMCIA 0
Characteristics 5V, 3.3V, PC Card-16, CardBus, Zoom Video, Modem Ring Resume
Slot Number 0
Graphics
Monitor 1
Name Plug and Play Monitor on Mobile Intel 4 Series Express Chipset Family
Current Resolution 1280x800 pixels
Work Resolution 1280x766 pixels
State Disabled, Output devices support
Multiple displays Disabled
Monitor Width 1280
Monitor Height 800
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Monitor 2
Name Plug and Play Monitor on Mobile Intel 4 Series Express Chipset Family
Current Resolution 1280x800 pixels
Work Resolution 1280x766 pixels
State Enabled, Output devices support
Multiple displays Enabled
Monitor Width 1280
Monitor Height 800
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor1
Intel Mobile Intel 4 Series Express Chipset Family
Manufacturer Intel
Model Mobile Intel 4 Series Express Chipset Family
Device ID 8086-2A42
Revision 8
Subvendor Dell (1028)
Current Performance Level Level 0
Driver version 6.14.10.5029
Count of performance levels : 1
Level 1
Intel Mobile Intel 4 Series Express Chipset Family
Manufacturer Intel
Model Mobile Intel 4 Series Express Chipset Family
Device ID 8086-2A43
Revision 8
Subvendor Dell (1028)
Current Performance Level Level 0
Driver version 6.14.10.5029
Count of performance levels : 1
Level 1
Hard Drives
WDC WD2500BJKT-75F4T0
Manufacturer Western Digital
Form Factor GB/2.5-inch
Business Unit/Brand Mobile/WD Scorpio Free Fall Sensor (FFS)
Heads 16
Cylinders 16,383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number WD-WXG0A99N0409
LBA Size 48-bit LBA
Power On Count 3021 times
Power On Time 302.0 days
Speed 7200 RPM
Features S.M.A.R.T., APM, AAM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 233 GB
Real size 250,059,350,016 bytes
RAID Type None
S.M.A.R.T
Status Good
Temperature 41 °C
Temperature Range OK (less than 50 °C)
01 Read Error Rate 200 (200) Data 0000000000
03 Spin-Up Time 177 (175) Data 0000000844
04 Start/Stop Count 097 (097) Data 0000000BCE
05 Reallocated Sectors Count 200 (200) Data 0000000000
07 Seek Error Rate 100 (253) Data 0000000000
09 Power-On Hours (POH) 091 (091) Data 0000001C51
0A Spin Retry Count 100 (100) Data 0000000000
0B Recalibration Retries 100 (100) Data 0000000000
0C Device Power Cycle Count 097 (097) Data 0000000BCD
BF G-sense error rate 001 (001) Data 00000013C1
C0 Power-off Retract Count 200 (200) Data 00000000E8
C1 Load/Unload Cycle Count 158 (158) Data 000001EC87
C2 Temperature 106 (098) Data 0000000029
C4 Reallocation Event Count 200 (200) Data 0000000000
C5 Current Pending Sector Count 200 (200) Data 0000000000
C6 Uncorrectable Sector Count 100 (253) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
C8 Write Error Rate / Multi-Zone Error Rate 100 (253) Data 0000000000
F0 Head Flying Hours 093 (093) Data 0000001630
F1 Total LBAs Written 200 (200) Data 00EABA45CE
F2 Total LBAs Read 200 (200) Data 003978130A
FE Free Fall Protection 001 (001) Data 0000000529
Partition 0
Partition ID Disk #0, Partition #0
Size 39.1 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 64C2408A
Size 233 GB
Used Space 49 GB (21%)
Free Space 184 GB (79%)
Optical Drives
HL-DT-ST DVD+-RW GU10N
Media Type DVD Writer
Name HL-DT-ST DVD+-RW GU10N
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Read capabilities CD-R, CD-RW, CD-ROM, DVD-RAM, DVD-ROM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Write capabilities CD-R, CD-RW, DVD-RAM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive F:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 0
SCSI Target Id 1
Status OK
Audio
Sound Cards
IDT High Definition Audio CODEC
Intel High Definition Audio HDMI Service
Playback Device
IDT Audio
Recording Device
IDT Audio
Peripherals
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device Kind Keyboard
Device Name Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Vendor (Standard keyboards)
Location plugged into keyboard port
Driver
Date 7-1-2001
Version 5.1.2600.5512
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
PS/2 Compatible Mouse
Device Kind Mouse
Device Name PS/2 Compatible Mouse
Vendor Microsoft
Location plugged into PS/2 mouse port
Driver
Date 7-1-2001
Version 5.1.2600.0
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Printers
Foxit Reader PDF Printer
Printer Port FOXIT_Reader:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name Foxit Reader PDF Printer Driver (v4.01)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\frdvpr_drv.dll
HP Photosmart C4600 series (Default Printer)
Printer Port USB001
Print Processor hpfpp083
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name HP Photosmart C4600 series (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\mxdwdrv.dll
Send To OneNote 2007
Printer Port Send To Microsoft OneNote Port:
Print Processor OneNotePrint2007
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name Send To Microsoft OneNote Driver (v4.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\msonpdrv.dll
Network
You are connected to the internet
Connected through Dell Wireless 1510 Wireless-N WLAN Mini-Card
IP Address 192.168.0.104
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
Preferred DNS server 194.168.4.100
Alternate DNS server 194.168.8.100
DHCP Enabled
DHCP server 192.168.0.1
External IP Address 77.103.80.174
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Broadcast node
Link Speed 0 Bps
Computer Name
NetBIOS Name E6400
DNS Name e6400
Membership Part of workgroup
Workgroup MSHOME
Remote Desktop
Disabled
Console
State Active
Domain E6400
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Guest only - local users authenticate as Guest
Adapters List
Dell Wireless 1510 Wireless-N WLAN Mini-Card
IP Address 192.168.0.104
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
MAC Address 0C-EE-E6-E1-38-CF
Network Shares
No network shares
Current TCP Connections
C:\Program Files\Bonjour\mDNSResponder.exe (1520)
Local 127.0.0.1:5354 LISTEN
Local 127.0.0.1:5354 ESTABLISHED Remote 127.0.0.1:1027 (Querying... )
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1492)
Local 127.0.0.1:27015 LISTEN
Local 127.0.0.1:1027 ESTABLISHED Remote 127.0.0.1:5354 (Querying... )
C:\Program Files\Google\Chrome\Application\chrome.exe (3456)
Local 192.168.0.104:1211 ESTABLISHED Remote 108.168.208.206:80 (Querying... ) (HTTP)
Local 192.168.0.104:1242 ESTABLISHED Remote 173.194.34.175:80 (Querying... ) (HTTP)
Local 192.168.0.104:1246 ESTABLISHED Remote 62.252.168.57:80 (Querying... ) (HTTP)
Local 192.168.0.104:1249 ESTABLISHED Remote 68.232.35.139:443 (Querying... ) (HTTPS)
Local 192.168.0.104:1254 ESTABLISHED Remote 31.13.72.17:80 (Querying... ) (HTTP)
Local 192.168.0.104:1256 ESTABLISHED Remote 173.194.66.84:443 (Querying... ) (HTTPS)
Local 192.168.0.104:1257 ESTABLISHED Remote 173.194.41.143:443 (Querying... ) (HTTPS)
Local 192.168.0.104:1258 ESTABLISHED Remote 62.252.168.8:80 (Querying... ) (HTTP)
Local 192.168.0.104:1271 ESTABLISHED Remote 83.149.126.218:80 (Querying... ) (HTTP)
Local 192.168.0.104:1238 ESTABLISHED Remote 23.195.33.224:80 (Querying... ) (HTTP)
Local 192.168.0.104:1233 ESTABLISHED Remote 173.194.41.109:80 (Querying... ) (HTTP)
Local 192.168.0.104:1228 ESTABLISHED Remote 173.194.34.173:80 (Querying... ) (HTTP)
Local 192.168.0.104:1226 ESTABLISHED Remote 173.194.41.90:80 (Querying... ) (HTTP)
Local 192.168.0.104:1225 ESTABLISHED Remote 54.230.0.2:80 (Querying... ) (HTTP)
Local 192.168.0.104:1224 ESTABLISHED Remote 54.230.0.2:80 (Querying... ) (HTTP)
Local 192.168.0.104:1223 ESTABLISHED Remote 54.230.0.2:80 (Querying... ) (HTTP)
Local 192.168.0.104:1221 ESTABLISHED Remote 173.194.34.134:80 (Querying... ) (HTTP)
Local 192.168.0.104:1220 ESTABLISHED Remote 64.15.115.123:443 (Querying... ) (HTTPS)
Local 192.168.0.104:1240 ESTABLISHED Remote 23.195.33.224:80 (Querying... ) (HTTP)
C:\Program Files\Java\jre7\bin\jqs.exe (1648)
Local 127.0.0.1:5152 LISTEN
C:\WINDOWS\System32\alg.exe (3388)
Local 127.0.0.1:1030 LISTEN
svchost.exe (844)
Local 0.0.0.0:135 (DCE) LISTEN
System Process
Local 192.168.0.104:1253 TIME-WAIT Remote 62.252.168.8:80 (Querying... ) (HTTP)
Local 192.168.0.104:1243 TIME-WAIT Remote 173.194.34.175:80 (Querying... ) (HTTP)
Local 192.168.0.104:1239 TIME-WAIT Remote 23.195.33.224:80 (Querying... ) (HTTP)
Local 192.168.0.104:1235 TIME-WAIT Remote 173.194.41.109:80 (Querying... ) (HTTP)
Local 192.168.0.104:1234 TIME-WAIT Remote 173.194.41.109:80 (Querying... ) (HTTP)
Local 192.168.0.104:1232 TIME-WAIT Remote 173.194.41.109:80 (Querying... ) (HTTP)
Local 192.168.0.104:1230 TIME-WAIT Remote 54.243.152.203:80 (Querying... ) (HTTP)
Local 192.168.0.104:1229 TIME-WAIT Remote 54.243.152.203:80 (Querying... ) (HTTP)
Local 192.168.0.104:1252 TIME-WAIT Remote 62.252.168.8:80 (Querying... ) (HTTP)
Local 192.168.0.104:1247 TIME-WAIT Remote 62.252.168.57:80 (Querying... ) (HTTP)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 192.168.0.104:139 (NetBIOS session service) LISTEN
Generated with Speccy v1.23.569

==================================================
Dump File : Mini111113-01.dmp
Crash Time : 11/11/2013 21:17:47
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf86600b
Parameter 3 : 0xafb91ae4
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+6600b
File Description : Multi-User Win32 Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6442 (xpsp_sp3_qfe.130829-0416)
Processor : 32-bit
Crash Address : win32k.sys+6600b
Stack Address 1 : win32k.sys+660ea
Stack Address 2 : win32k.sys+e0c49
Stack Address 3 : win32k.sys+e1141
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini111113-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
Dump File Time : 11/11/2013 21:18:28
==================================================

Vino's Event Viewer v01c run on Windows XP in English
Report run at 13/11/2013 00:04:34

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/11/2013 23:58:46
Type: error Category: 0
Event: 23 Source: Print
Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech 135 PS2 driver could not be found.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 13/11/2013 00:01:50
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0CEEE6E138CF. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Vino's Event Viewer v01c run on Windows XP in English
Report run at 13/11/2013 00:06:16

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 12/11/2013 22:40:45
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user E6400\Gillian registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Temps are good and the hard drive, tho old, appears to be in pretty good shape. If you no longer have the Xerox printer then it should be removed from the printers page.

Copy the text in the code box by highlighting and Ctrl + c

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | Boot | Stopped] -- -- (cerc6)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Gillian\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\AFGSp50.sys -- (AFGSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\AFGMp50.sys -- (AFGMp50)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
FF - prefs.js..extensions.enabledItems: [email protected]:6.4
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\Gillian\Application Data\IDM\idmmzcc3
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
[2011/10/27 17:41:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2012/01/05 20:30:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2013/11/12 09:53:32 | 103,837,334 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\喋啜6
[2013/11/12 09:53:32 | 103,837,334 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\喋啜6
[2013/11/11 20:48:21 | 103,792,856 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\Ề啜6
[2013/11/11 20:48:21 | 103,792,856 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\Ề啜6
[2013/11/10 15:28:22 | 103,551,423 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ਲ਼啜6
[2013/11/10 15:28:22 | 103,551,423 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ਲ਼啜6
[2013/11/09 15:14:06 | 103,387,443 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\啜6
[2013/11/09 15:14:06 | 103,387,443 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\啜6
[2013/11/07 19:22:34 | 103,000,967 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䏐ⶃ啤6
[2013/11/07 19:22:34 | 103,000,967 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䏐ⶃ啤6
[2013/10/14 15:35:28 | 100,910,526 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᵦ㱠啤6
[2013/10/14 09:36:33 | 100,910,526 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᵦ㱠啤6
[2013/10/11 20:55:17 | 100,511,085 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쨠놮啤6
[2013/10/11 17:19:48 | 100,511,085 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쨠놮啤6
[2013/10/06 13:03:45 | 099,463,930 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\┿啤6
[2013/10/06 13:03:45 | 099,463,930 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\┿啤6
[2013/10/04 14:55:39 | 099,209,434 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ﷱ痵啤6
[2013/10/04 14:55:39 | 099,209,434 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ﷱ痵啤6
[2013/09/15 17:54:59 | 097,671,483 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ƌ僁啤6
[2013/09/15 17:54:59 | 097,671,483 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ƌ僁啤6
[2013/09/14 15:38:33 | 097,581,476 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쁨଩啤6
[2013/09/14 15:38:33 | 097,581,476 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\쁨଩啤6
[2013/09/08 13:56:28 | 096,566,691 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\賐鹬啤6
[2013/09/08 13:56:28 | 096,566,691 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\賐鹬啤6
[2013/09/03 12:48:13 | 095,587,704 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\꽷蕟啤6
[2013/09/03 12:48:13 | 095,587,704 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\꽷蕟啤6
[2013/09/02 14:14:59 | 095,231,388 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\咋墱啤6
[2013/09/02 14:14:59 | 095,231,388 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\咋墱啤6
[2013/08/31 20:52:48 | 095,128,664 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ಌ놭啤6
[2013/08/31 20:52:48 | 095,128,664 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ಌ놭啤6

:files
C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[RESETHOSTS]
[purity]
[Reboot]


then Double on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double click on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe and to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.


Copy the text in the code box:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg 
%systemroot%\*.jpg 
%systemroot%\*.png 
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav 
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x 
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
DMIcall.sys
beep.sys
Netshell.dll
netcfgx.dll
Netman.dll
connect.dll
mswsock.dll
mmswsock.dll 
/md5stop

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Close Chrome and/or Firefox. Click on Optimize. When it finishes click on Exit.


Download UPHClean. To download and install UPHClean, visit the following Microsoft Web site:
http://www.microsoft...70-42470E2F3582
You will be prompted to validate your copy of Windows.
As soon as you have downloaded the UPHClean installer (UPHClean-Setup.msi), double-click the installer to begin the installation.
In the User Profile Hive Cleanup Service installation wizard, click Next.
In the License Agreement page, read the license agreement, select I Agree, and then click Next.
In the Select Installation Folder page, click Next.
In the Confirm Installation page, click Next.
When UPHClean is installed, click Close.

Do you see any improvement?
  • 0

#5
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
Hi, many thanks for your help with this.

The computer seems to be a bit sluggish by that I mean a slight delay when clicking in search box for google etc and also scrolling down pages but we've not had any further blue screens although it does take some few minutes until the internet connection is available and it seems to take a while at the aquiring network address.

the first OTL did not appear to produce any logs but here are the others

ComboFix 13-11-12.01 - Gillian 13/11/2013 18:49:49.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3536.2939 [GMT 0:00]
Running from: c:\documents and settings\Gillian\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\system32\FlashPlayerApp.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-10-13 to 2013-11-13 )))))))))))))))))))))))))))))))
.
.
2013-11-13 18:36 . 2013-11-13 18:36 -------- d-----w- C:\_OTL
2013-11-12 22:34 . 2013-11-12 22:34 -------- d-----w- c:\program files\NirSoft
2013-11-12 22:31 . 2013-11-12 22:31 -------- d-----w- c:\program files\Speccy
2013-11-12 22:25 . 2013-11-12 22:25 -------- d-----w- C:\FRST
2013-11-03 20:30 . 2013-11-03 20:30 -------- d-----w- c:\windows\ERUNT
2013-11-03 20:21 . 2013-11-12 22:06 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-23 18:33 . 2008-04-13 23:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:33 . 2008-04-13 23:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-23 18:33 . 2008-04-13 23:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:33 . 2008-04-13 23:00 18944 ----a-w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2008-04-13 23:00 385024 ----a-w- c:\windows\system32\html.iec
2013-09-05 14:19 . 2013-02-23 07:48 88840 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-08-29 17:31 . 2013-02-23 07:48 136672 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-08-29 01:31 . 2008-04-13 23:00 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-20 20:00 . 2012-02-06 15:36 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-18 13:14 . 2013-08-18 13:14 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-18 13:14 . 2011-10-27 17:41 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-18 13:14 . 2011-10-27 17:41 144896 ----a-w- c:\windows\system32\javacpl.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2010-02-02 2670592]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-08-29 347192]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HD Writer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HD Writer.lnk
backup=c:\windows\pss\HD Writer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDDMStatus.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk
backup=c:\windows\pss\WDDMStatus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Gillian^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Gillian\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
2008-12-16 15:41 729088 ----a-w- c:\windows\system32\AESTFltr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-04-20 11:48 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-01-28 13:08 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2010-01-29 22:04 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPMonitor]
2009-04-20 16:10 84464 ----a-w- c:\program files\Roxio Creator 2009 Special Edition\5.0\CPMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com]
2012-11-23 08:22 307712 ----a-w- c:\program files\FileHippo.com\UpdateChecker.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 18:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 16:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-02-20 12:35 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
2011-12-27 23:21 937360 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2011-12-27 23:21 21392 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2011-12-27 23:21 3508624 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 05:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
2010-03-24 14:42 599328 ----a-w- c:\program files\Sony\PMB\PMBVolumeWatcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 03:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2008-08-14 00:23 240112 ----a-w- c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 06:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2009-02-23 11:08 483420 ----a-w- c:\program files\IDT\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Smartware Upgrader - Uninstall]
2008-05-19 00:57 95744 ----a-w- c:\windows\system32\msiexec.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [23/02/2013 07:48 37352]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [23/02/2013 07:48 84024]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [16/09/2012 19:25 418376]
R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [04/05/2010 12:07 503080]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [18/01/2010 22:32 112512]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [18/01/2010 22:29 109568]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [19/01/2010 21:09 22856]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [19/01/2010 21:09 701512]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUpnpService11.exe [14/08/2008 00:25 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [14/08/2008 00:24 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [14/08/2008 00:24 170480]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [14/01/2012 18:15 80184]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [18/01/2010 22:17 241880]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUPnPRenderer11.exe [14/08/2008 00:25 313840]
S3 RoxMediaDB11;RoxMediaDB11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [04/03/2009 03:58 1122304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [14/01/2012 18:15 181432]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudserd.sys [14/01/2012 18:15 181432]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [06/05/2008 15:06 11520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-19 07:57 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-11 20:00]
.
2013-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-03 18:57]
.
2013-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-03 18:57]
.
2013-11-12 c:\windows\Tasks\User_Feed_Synchronization-{C41D49E3-3065-492C-8C9A-34C847A14A5B}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 04:31]
.
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
DPF: {2665693B-C4F3-434B-83DB-7574CF50C8B7} - hxxp://www.kaspersky.co.uk/downloads/misc/kasperskylicensefinder.cab
FF - ProfilePath - c:\documents and settings\Gillian\Application Data\Mozilla\Firefox\Profiles\4nu0v8wb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: keyword.URL -
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-SDTray - c:\program files\Spybot - Search & Destroy 2\SDTray.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-13 18:54
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):3a,11,06,e7,9d,72,1b,08,62,51,49,79,4d,a7,85,be,cc,f6,33,b9,5d,
9e,4e,d3,95,64,65,c6,4c,3f,36,f0,0a,7b,ce,ec,10,4c,1b,ee,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7df3d936-d60f-455f-997b-fae6500c9364}]
@Denied: (Full) (Everyone)
"Model"=dword:000000aa
"Therad"=dword:0000001b
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(540)
c:\windows\System32\BCMLogon.dll
.
Completion time: 2013-11-13 18:56:01
ComboFix-quarantined-files.txt 2013-11-13 18:55
ComboFix2.txt 2013-11-07 20:45
.
Pre-Run: 197,476,364,288 bytes free
Post-Run: 197,508,714,496 bytes free
.
- - End Of File - - F0DE2E5E0BE1C8861CFF6005E1571FB9
8F558EB6672622401DA993E1E865C861


18:58:33.0078 2496 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:58:39.0531 2496 Perform update action was selected
18:58:39.0531 3192 Deinitialize success


18:59:16.0000 0x0a9c TDSS rootkit removing tool 3.0.0.17 Nov 12 2013 19:54:52
18:59:20.0625 0x0a9c ============================================================
18:59:20.0625 0x0a9c Current date / time: 2013/11/13 18:59:20.0625
18:59:20.0625 0x0a9c SystemInfo:
18:59:20.0625 0x0a9c
18:59:20.0625 0x0a9c OS Version: 5.1.2600 ServicePack: 3.0
18:59:20.0625 0x0a9c Product type: Workstation
18:59:20.0625 0x0a9c ComputerName: E6400
18:59:20.0625 0x0a9c UserName: Gillian
18:59:20.0625 0x0a9c Windows directory: C:\WINDOWS
18:59:20.0625 0x0a9c System windows directory: C:\WINDOWS
18:59:20.0625 0x0a9c Processor architecture: Intel x86
18:59:20.0625 0x0a9c Number of processors: 2
18:59:20.0625 0x0a9c Page size: 0x1000
18:59:20.0625 0x0a9c Boot type: Normal boot
18:59:20.0625 0x0a9c ============================================================
18:59:20.0734 0x0a9c System UUID: {2C97520C-2176-3304-FA7D-EF3458EC9883}
18:59:21.0078 0x0a9c Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:59:21.0078 0x0a9c ============================================================
18:59:21.0078 0x0a9c \Device\Harddisk0\DR0:
18:59:21.0078 0x0a9c MBR partitions:
18:59:21.0078 0x0a9c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D1ACCFB
18:59:21.0078 0x0a9c ============================================================
18:59:21.0109 0x0a9c C: <-> \Device\Harddisk0\DR0\Partition1
18:59:21.0109 0x0a9c ============================================================
18:59:21.0109 0x0a9c Initialize success
18:59:21.0109 0x0a9c ============================================================
18:59:39.0250 0x0bcc ============================================================
18:59:39.0250 0x0bcc Scan started
18:59:39.0250 0x0bcc Mode: Manual;
18:59:39.0250 0x0bcc ============================================================
18:59:39.0250 0x0bcc KSN ping started
18:59:52.0625 0x0bcc KSN ping finished: true
18:59:53.0015 0x0bcc ================ Scan system memory ========================
18:59:53.0015 0x0bcc System memory - ok
18:59:53.0015 0x0bcc ================ Scan services =============================
18:59:53.0078 0x0bcc Abiosdsk - ok
18:59:53.0078 0x0bcc abp480n5 - ok
18:59:53.0125 0x0bcc [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:59:53.0140 0x0bcc ACPI - ok
18:59:53.0234 0x0bcc [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
18:59:53.0234 0x0bcc ACPIEC - ok
18:59:53.0296 0x0bcc [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
18:59:53.0296 0x0bcc Adobe LM Service - ok
18:59:53.0343 0x0bcc [ 476BB014F3F68C0C15EDDD5B444DA8FF, 94E8FDC4390672C31081EACF3B3AE57486ED06669C4120F139DB3A62AAE77071 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:59:53.0343 0x0bcc AdobeFlashPlayerUpdateSvc - ok
18:59:53.0359 0x0bcc adpu160m - ok
18:59:53.0406 0x0bcc [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:59:53.0406 0x0bcc aec - ok
18:59:53.0453 0x0bcc [ F21D5E93A94514BE9F5B6EBF74A696B2, D6E9ABD2C756676AF2EC1EB75AFD25DC3B809A519A6AE5107DB0053A2364DE66 ] AESTAud C:\WINDOWS\system32\drivers\AESTAud.sys
18:59:53.0453 0x0bcc AESTAud - ok
18:59:53.0484 0x0bcc [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:59:53.0484 0x0bcc AFD - ok
18:59:53.0500 0x0bcc Aha154x - ok
18:59:53.0500 0x0bcc aic78u2 - ok
18:59:53.0500 0x0bcc aic78xx - ok
18:59:53.0546 0x0bcc [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
18:59:53.0546 0x0bcc Alerter - ok
18:59:53.0546 0x0bcc [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
18:59:53.0562 0x0bcc ALG - ok
18:59:53.0562 0x0bcc AliIde - ok
18:59:53.0562 0x0bcc amsint - ok
18:59:53.0609 0x0bcc [ 746497D339C854053193119D119799BA, CDC9EDDC0BD0F11FEB54464CE2F6CA8862A1953F297864383E0B4FE17F90B690 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
18:59:53.0609 0x0bcc AntiVirSchedulerService - ok
18:59:53.0640 0x0bcc [ A2D4915D1CCD0338AB85F14D1C22FD0C, 87A690D2A35521EE7A8154F99A930243349BEE6AEB6DEA23D36624458EC38181 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
18:59:53.0640 0x0bcc AntiVirService - ok
18:59:53.0703 0x0bcc [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:59:53.0718 0x0bcc Apple Mobile Device - ok
18:59:53.0734 0x0bcc [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
18:59:53.0734 0x0bcc AppMgmt - ok
18:59:53.0750 0x0bcc [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
18:59:53.0750 0x0bcc Arp1394 - ok
18:59:53.0750 0x0bcc asc - ok
18:59:53.0750 0x0bcc asc3350p - ok
18:59:53.0765 0x0bcc asc3550 - ok
18:59:53.0875 0x0bcc [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:59:53.0890 0x0bcc aspnet_state - ok
18:59:53.0906 0x0bcc [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:59:53.0906 0x0bcc AsyncMac - ok
18:59:53.0921 0x0bcc [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
18:59:53.0921 0x0bcc atapi - ok
18:59:53.0937 0x0bcc Atdisk - ok
18:59:53.0937 0x0bcc [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:59:53.0937 0x0bcc Atmarpc - ok
18:59:53.0968 0x0bcc [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:59:53.0968 0x0bcc AudioSrv - ok
18:59:54.0000 0x0bcc [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:59:54.0000 0x0bcc audstub - ok
18:59:54.0046 0x0bcc [ 40A34E457431625086F7E161E59A0528, ACB271F16F457173590E0563BEC6EE88A1154E8D369BB18C94D01AF492B99CC5 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
18:59:54.0046 0x0bcc avgntflt - ok
18:59:54.0078 0x0bcc [ F260F2EE3D21D00BEC0B08068E27BADB, 5E7BC4E54013AFB57FFF8B002B16CE7DC3F2CAB090D72D0C8EB6A403853AD180 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
18:59:54.0078 0x0bcc avipbb - ok
18:59:54.0093 0x0bcc [ CB8741CD7B126499FED40C9B197F6AC5, F682820A20CED26CD2E6A2531C721DB8985BCC1A03582BC54A706E9AA1A8B615 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
18:59:54.0093 0x0bcc avkmgr - ok
18:59:54.0218 0x0bcc [ 5D4893633B7161FA25500EB7AEABEC94, 30AD86FFBC30D0A3659C7EEB2C56337C3A9A76F6526DB50F8BE6B79C3151D32C ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
18:59:54.0281 0x0bcc BCM43XX - ok
18:59:54.0328 0x0bcc [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:59:54.0328 0x0bcc Beep - ok
18:59:54.0359 0x0bcc [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
18:59:54.0375 0x0bcc BITS - ok
18:59:54.0437 0x0bcc [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:59:54.0437 0x0bcc Bonjour Service - ok
18:59:54.0484 0x0bcc [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
18:59:54.0484 0x0bcc Browser - ok
18:59:54.0609 0x0bcc catchme - ok
18:59:54.0640 0x0bcc [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:59:54.0640 0x0bcc cbidf2k - ok
18:59:54.0656 0x0bcc [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:59:54.0656 0x0bcc CCDECODE - ok
18:59:54.0656 0x0bcc cd20xrnt - ok
18:59:54.0671 0x0bcc [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:59:54.0671 0x0bcc Cdaudio - ok
18:59:54.0671 0x0bcc [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:59:54.0671 0x0bcc Cdfs - ok
18:59:54.0718 0x0bcc [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:59:54.0718 0x0bcc Cdrom - ok
18:59:54.0718 0x0bcc Changer - ok
18:59:54.0734 0x0bcc [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:59:54.0734 0x0bcc CiSvc - ok
18:59:54.0750 0x0bcc [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:59:54.0750 0x0bcc ClipSrv - ok
18:59:54.0796 0x0bcc [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:59:54.0796 0x0bcc clr_optimization_v2.0.50727_32 - ok
18:59:54.0828 0x0bcc [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:59:54.0828 0x0bcc clr_optimization_v4.0.30319_32 - ok
18:59:54.0859 0x0bcc [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
18:59:54.0859 0x0bcc CmBatt - ok
18:59:54.0859 0x0bcc CmdIde - ok
18:59:54.0859 0x0bcc [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
18:59:54.0859 0x0bcc Compbatt - ok
18:59:54.0859 0x0bcc COMSysApp - ok
18:59:54.0875 0x0bcc Cpqarray - ok
18:59:54.0937 0x0bcc [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
18:59:54.0937 0x0bcc CryptSvc - ok
18:59:54.0937 0x0bcc dac2w2k - ok
18:59:54.0937 0x0bcc dac960nt - ok
18:59:54.0984 0x0bcc [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:59:54.0984 0x0bcc DcomLaunch - ok
18:59:55.0046 0x0bcc [ 919F338FD36F47D860775368D0748780, 28A332E77E0F724E89E3EDCB64B24663CFD824E5FDA4FD266913C4E4E5FF676A ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:59:55.0046 0x0bcc dg_ssudbus - ok
18:59:55.0093 0x0bcc [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:59:55.0093 0x0bcc Dhcp - ok
18:59:55.0109 0x0bcc [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:59:55.0109 0x0bcc Disk - ok
18:59:55.0109 0x0bcc dmadmin - ok
18:59:55.0171 0x0bcc [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:59:55.0187 0x0bcc dmboot - ok
18:59:55.0203 0x0bcc [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:59:55.0203 0x0bcc dmio - ok
18:59:55.0234 0x0bcc [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:59:55.0234 0x0bcc dmload - ok
18:59:55.0234 0x0bcc [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
18:59:55.0234 0x0bcc dmserver - ok
18:59:55.0265 0x0bcc [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:59:55.0265 0x0bcc DMusic - ok
18:59:55.0281 0x0bcc [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:59:55.0281 0x0bcc Dnscache - ok
18:59:55.0312 0x0bcc [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:59:55.0312 0x0bcc Dot3svc - ok
18:59:55.0328 0x0bcc dpti2o - ok
18:59:55.0359 0x0bcc [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:59:55.0359 0x0bcc drmkaud - ok
18:59:55.0375 0x0bcc [ 0000BFDA0DE85BFD5D0086B1013E1F72, 012332CAECD09E255A4B1A73D133C64A309727E0A58F3BC124194AA40828D42E ] e1yexpress C:\WINDOWS\system32\DRIVERS\e1y5132.sys
18:59:55.0375 0x0bcc e1yexpress - ok
18:59:55.0406 0x0bcc [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:59:55.0406 0x0bcc EapHost - ok
18:59:55.0406 0x0bcc [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:59:55.0406 0x0bcc ERSvc - ok
18:59:55.0453 0x0bcc [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
18:59:55.0453 0x0bcc Eventlog - ok
18:59:55.0500 0x0bcc [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll
18:59:55.0500 0x0bcc EventSystem - ok
18:59:55.0515 0x0bcc [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:59:55.0515 0x0bcc Fastfat - ok
18:59:55.0546 0x0bcc [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:59:55.0562 0x0bcc FastUserSwitchingCompatibility - ok
18:59:55.0562 0x0bcc [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
18:59:55.0562 0x0bcc Fdc - ok
18:59:55.0578 0x0bcc [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:59:55.0578 0x0bcc Fips - ok
18:59:55.0578 0x0bcc [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
18:59:55.0578 0x0bcc Flpydisk - ok
18:59:55.0609 0x0bcc [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
18:59:55.0609 0x0bcc FltMgr - ok
18:59:55.0640 0x0bcc [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:59:55.0656 0x0bcc FontCache3.0.0.0 - ok
18:59:55.0656 0x0bcc [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:59:55.0656 0x0bcc Fs_Rec - ok
18:59:55.0671 0x0bcc [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:59:55.0671 0x0bcc Ftdisk - ok
18:59:55.0718 0x0bcc [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:59:55.0718 0x0bcc GEARAspiWDM - ok
18:59:55.0718 0x0bcc [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:59:55.0718 0x0bcc Gpc - ok
18:59:55.0781 0x0bcc [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:59:55.0781 0x0bcc gupdate - ok
18:59:55.0781 0x0bcc [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:59:55.0781 0x0bcc gupdatem - ok
18:59:55.0812 0x0bcc [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:59:55.0812 0x0bcc HDAudBus - ok
18:59:55.0843 0x0bcc [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:59:55.0843 0x0bcc helpsvc - ok
18:59:55.0875 0x0bcc [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:59:55.0875 0x0bcc hkmsvc - ok
18:59:55.0875 0x0bcc hpn - ok
18:59:56.0015 0x0bcc [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
18:59:56.0015 0x0bcc hpqcxs08 - ok
18:59:56.0062 0x0bcc [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
18:59:56.0062 0x0bcc hpqddsvc - ok
18:59:56.0093 0x0bcc [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
18:59:56.0093 0x0bcc HPZid412 - ok
18:59:56.0109 0x0bcc [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
18:59:56.0109 0x0bcc HPZipr12 - ok
18:59:56.0125 0x0bcc [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
18:59:56.0125 0x0bcc HPZius12 - ok
18:59:56.0140 0x0bcc [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:59:56.0140 0x0bcc HTTP - ok
18:59:56.0187 0x0bcc [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:59:56.0187 0x0bcc HTTPFilter - ok
18:59:56.0187 0x0bcc i2omgmt - ok
18:59:56.0187 0x0bcc i2omp - ok
18:59:56.0234 0x0bcc [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:59:56.0234 0x0bcc i8042prt - ok
18:59:56.0468 0x0bcc [ 3B743262B6456167888D15F1121B3BF7, F45BD6E4E143F9F89AF9BF125AA7238B9E6EEB921D6B43B0224EF178F1DC83DC ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
18:59:56.0578 0x0bcc ialm - ok
18:59:56.0609 0x0bcc [ 707C1692214B1C290271067197F075F6, 7D0DB754604AABC4AA09AB8BA94326B1A1C2A76F3C2C2C7D6FA14F964BE68A51 ] iastor C:\WINDOWS\system32\drivers\iastor.sys
18:59:56.0625 0x0bcc iastor - ok
18:59:56.0703 0x0bcc [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:59:56.0718 0x0bcc idsvc - ok
18:59:56.0750 0x0bcc [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:59:56.0750 0x0bcc Imapi - ok
18:59:56.0781 0x0bcc [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
18:59:56.0781 0x0bcc ImapiService - ok
18:59:56.0796 0x0bcc ini910u - ok
18:59:56.0812 0x0bcc [ F32A62C765885BD8E4352A1565F702A6, DD9D5E763F2613CAC3472A44C08CC0BF3E8F773C9DF9307D9F63109CC8F3D169 ] IntcHdmiAddService C:\WINDOWS\system32\drivers\IntcHdmi.sys
18:59:56.0812 0x0bcc IntcHdmiAddService - ok
18:59:56.0812 0x0bcc IntelIde - ok
18:59:56.0812 0x0bcc [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:59:56.0812 0x0bcc intelppm - ok
18:59:56.0828 0x0bcc [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:59:56.0828 0x0bcc Ip6Fw - ok
18:59:56.0843 0x0bcc [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:59:56.0843 0x0bcc IpFilterDriver - ok
18:59:56.0875 0x0bcc [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:59:56.0875 0x0bcc IpInIp - ok
18:59:56.0906 0x0bcc [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:59:56.0906 0x0bcc IpNat - ok
18:59:56.0953 0x0bcc [ E46B17060D3962A384AE484094614788, 9E8EF45C72A01FA586FF028B62F6675114CC9CBBCE172A789EDA754AE3F79121 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:59:56.0953 0x0bcc iPod Service - ok
18:59:56.0984 0x0bcc [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:59:56.0984 0x0bcc IPSec - ok
18:59:57.0000 0x0bcc [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:59:57.0015 0x0bcc IRENUM - ok
18:59:57.0031 0x0bcc [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:59:57.0046 0x0bcc isapnp - ok
18:59:57.0109 0x0bcc [ 4F4D4AA1E0849FECC0CF5AACD59030B5, F90F33F59926A8F3599B2711C3F4D8F638068D3BE83B390CECD81F9F71DA0DE2 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
18:59:57.0109 0x0bcc JavaQuickStarterService - ok
18:59:57.0109 0x0bcc [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:59:57.0109 0x0bcc Kbdclass - ok
18:59:57.0125 0x0bcc [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:59:57.0125 0x0bcc kmixer - ok
18:59:57.0156 0x0bcc [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:59:57.0156 0x0bcc KSecDD - ok
18:59:57.0171 0x0bcc [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
18:59:57.0171 0x0bcc LanmanServer - ok
18:59:57.0218 0x0bcc [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:59:57.0218 0x0bcc lanmanworkstation - ok
18:59:57.0218 0x0bcc lbrtfdc - ok
18:59:57.0250 0x0bcc [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:59:57.0250 0x0bcc LmHosts - ok
18:59:57.0265 0x0bcc [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
18:59:57.0265 0x0bcc MBAMProtector - ok
18:59:57.0296 0x0bcc [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:59:57.0296 0x0bcc MBAMScheduler - ok
18:59:57.0343 0x0bcc [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:59:57.0359 0x0bcc MBAMService - ok
18:59:57.0375 0x0bcc [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:59:57.0375 0x0bcc Messenger - ok
18:59:57.0453 0x0bcc [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
18:59:57.0453 0x0bcc Microsoft Office Groove Audit Service - ok
18:59:57.0484 0x0bcc [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:59:57.0484 0x0bcc mnmdd - ok
18:59:57.0484 0x0bcc [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
18:59:57.0500 0x0bcc mnmsrvc - ok
18:59:57.0515 0x0bcc [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:59:57.0515 0x0bcc Modem - ok
18:59:57.0546 0x0bcc [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:59:57.0546 0x0bcc Mouclass - ok
18:59:57.0562 0x0bcc [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:59:57.0562 0x0bcc MountMgr - ok
18:59:57.0578 0x0bcc [ C0F8E0C2C3C0437CF37C6781896DC3EC, 12196EF5A94BD011B5D578E755B51424E3238437A028CC1EDFB53138C00D3339 ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
18:59:57.0578 0x0bcc MPE - ok
18:59:57.0578 0x0bcc mraid35x - ok
18:59:57.0593 0x0bcc [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:59:57.0593 0x0bcc MRxDAV - ok
18:59:57.0640 0x0bcc [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:59:57.0640 0x0bcc MRxSmb - ok
18:59:57.0687 0x0bcc [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
18:59:57.0687 0x0bcc MSDTC - ok
18:59:57.0687 0x0bcc [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:59:57.0687 0x0bcc Msfs - ok
18:59:57.0703 0x0bcc MSIServer - ok
18:59:57.0718 0x0bcc [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:59:57.0718 0x0bcc MSKSSRV - ok
18:59:57.0734 0x0bcc [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:59:57.0734 0x0bcc MSPCLOCK - ok
18:59:57.0734 0x0bcc [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:59:57.0734 0x0bcc MSPQM - ok
18:59:57.0765 0x0bcc [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:59:57.0765 0x0bcc mssmbios - ok
18:59:57.0781 0x0bcc [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
18:59:57.0781 0x0bcc MSTEE - ok
18:59:57.0781 0x0bcc [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:59:57.0796 0x0bcc Mup - ok
18:59:57.0812 0x0bcc [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:59:57.0812 0x0bcc NABTSFEC - ok
18:59:57.0828 0x0bcc [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:59:57.0828 0x0bcc napagent - ok
18:59:57.0875 0x0bcc [ 9D1CCE440552500DED3A62F9D779CDB4, C6B3B1C891A8BA3F91CC1EC21919C4F80F4C9CAF88971AB6CA11F09820601EBD ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
18:59:57.0890 0x0bcc NAUpdate - ok
18:59:57.0890 0x0bcc [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:59:57.0906 0x0bcc NDIS - ok
18:59:57.0906 0x0bcc [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:59:57.0906 0x0bcc NdisIP - ok
18:59:57.0921 0x0bcc [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:59:57.0921 0x0bcc NdisTapi - ok
18:59:57.0953 0x0bcc [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:59:57.0953 0x0bcc Ndisuio - ok
18:59:57.0953 0x0bcc [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:59:57.0953 0x0bcc NdisWan - ok
18:59:57.0968 0x0bcc [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:59:57.0984 0x0bcc NDProxy - ok
18:59:58.0000 0x0bcc [ 510C138564486FF926A3F773205C63D1, 50FBB8555C284ED22F71D99750899321B63E3B4C255174FE9B4F31084F9A34B1 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
18:59:58.0000 0x0bcc Net Driver HPZ12 - ok
18:59:58.0015 0x0bcc [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:59:58.0015 0x0bcc NetBIOS - ok
18:59:58.0046 0x0bcc [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:59:58.0046 0x0bcc NetBT - ok
18:59:58.0062 0x0bcc [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
18:59:58.0078 0x0bcc NetDDE - ok
18:59:58.0078 0x0bcc [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:59:58.0078 0x0bcc NetDDEdsdm - ok
18:59:58.0109 0x0bcc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:59:58.0109 0x0bcc Netlogon - ok
18:59:58.0109 0x0bcc [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
18:59:58.0125 0x0bcc Netman - ok
18:59:58.0171 0x0bcc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:59:58.0171 0x0bcc NetTcpPortSharing - ok
18:59:58.0187 0x0bcc [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:59:58.0187 0x0bcc NIC1394 - ok
18:59:58.0234 0x0bcc [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
18:59:58.0234 0x0bcc Nla - ok
18:59:58.0250 0x0bcc [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:59:58.0250 0x0bcc Npfs - ok
18:59:58.0296 0x0bcc [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:59:58.0296 0x0bcc Ntfs - ok
18:59:58.0312 0x0bcc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
18:59:58.0312 0x0bcc NtLmSsp - ok
18:59:58.0328 0x0bcc [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:59:58.0343 0x0bcc NtmsSvc - ok
18:59:58.0359 0x0bcc [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
18:59:58.0359 0x0bcc Null - ok
18:59:58.0375 0x0bcc [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:59:58.0375 0x0bcc NwlnkFlt - ok
18:59:58.0406 0x0bcc [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:59:58.0406 0x0bcc NwlnkFwd - ok
18:59:58.0468 0x0bcc [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:59:58.0484 0x0bcc odserv - ok
18:59:58.0484 0x0bcc [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:59:58.0484 0x0bcc ohci1394 - ok
18:59:58.0531 0x0bcc [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:59:58.0531 0x0bcc ose - ok
18:59:58.0562 0x0bcc [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys
18:59:58.0562 0x0bcc Parport - ok
18:59:58.0562 0x0bcc [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:59:58.0562 0x0bcc PartMgr - ok
18:59:58.0578 0x0bcc [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:59:58.0593 0x0bcc ParVdm - ok
18:59:58.0609 0x0bcc [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:59:58.0609 0x0bcc PCI - ok
18:59:58.0609 0x0bcc PCIDump - ok
18:59:58.0609 0x0bcc PCIIde - ok
18:59:58.0625 0x0bcc [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
18:59:58.0625 0x0bcc Pcmcia - ok
18:59:58.0625 0x0bcc PDCOMP - ok
18:59:58.0625 0x0bcc PDFRAME - ok
18:59:58.0625 0x0bcc PDRELI - ok
18:59:58.0640 0x0bcc PDRFRAME - ok
18:59:58.0640 0x0bcc perc2 - ok
18:59:58.0640 0x0bcc perc2hib - ok
18:59:58.0671 0x0bcc [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
18:59:58.0671 0x0bcc PlugPlay - ok
18:59:58.0671 0x0bcc [ 37E5E8FFBAD35605DAEEC3224EA0E465, E3A9BE275D3C8A3E143DF3A795964E9860A1F6C18BE36F8FE552E954435AC927 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
18:59:58.0671 0x0bcc Pml Driver HPZ12 - ok
18:59:58.0687 0x0bcc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
18:59:58.0687 0x0bcc PolicyAgent - ok
18:59:58.0687 0x0bcc [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:59:58.0687 0x0bcc PptpMiniport - ok
18:59:58.0703 0x0bcc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:59:58.0703 0x0bcc ProtectedStorage - ok
18:59:58.0703 0x0bcc [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:59:58.0703 0x0bcc PSched - ok
18:59:58.0703 0x0bcc [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:59:58.0703 0x0bcc Ptilink - ok
18:59:58.0734 0x0bcc [ 153D02480A0A2F45785522E814C634B6, 02B7590F2F4A8FA0B031CDA7A28BD55E7C04A080C1EA810BF3AC3212A62153A6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:59:58.0734 0x0bcc PxHelp20 - ok
18:59:58.0734 0x0bcc ql1080 - ok
18:59:58.0734 0x0bcc Ql10wnt - ok
18:59:58.0734 0x0bcc ql12160 - ok
18:59:58.0734 0x0bcc ql1240 - ok
18:59:58.0750 0x0bcc ql1280 - ok
18:59:58.0750 0x0bcc [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:59:58.0750 0x0bcc RasAcd - ok
18:59:58.0781 0x0bcc [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:59:58.0781 0x0bcc RasAuto - ok
18:59:58.0812 0x0bcc [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:59:58.0812 0x0bcc Rasl2tp - ok
18:59:58.0828 0x0bcc [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:59:58.0828 0x0bcc RasMan - ok
18:59:58.0828 0x0bcc [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:59:58.0828 0x0bcc RasPppoe - ok
18:59:58.0828 0x0bcc [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:59:58.0828 0x0bcc Raspti - ok
18:59:58.0843 0x0bcc [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:59:58.0843 0x0bcc Rdbss - ok
18:59:58.0843 0x0bcc [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:59:58.0843 0x0bcc RDPCDD - ok
18:59:58.0875 0x0bcc [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:59:58.0875 0x0bcc rdpdr - ok
18:59:58.0906 0x0bcc [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:59:58.0906 0x0bcc RDPWD - ok
18:59:58.0921 0x0bcc [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:59:58.0921 0x0bcc RDSessMgr - ok
18:59:58.0953 0x0bcc [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:59:58.0953 0x0bcc redbook - ok
18:59:58.0984 0x0bcc [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:59:58.0984 0x0bcc RemoteAccess - ok
18:59:59.0000 0x0bcc [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:59:59.0015 0x0bcc RemoteRegistry - ok
18:59:59.0031 0x0bcc [ 355AAC141B214BEF1DBC1483AFD9BD50, EB9AF96E81C1644C0190D269119BE71C63B60D50153C6EA2659B488C4456DBDF ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
18:59:59.0031 0x0bcc rimmptsk - ok
18:59:59.0125 0x0bcc [ 805393D80291C53085BCE10868E54AD5, 3F6A036B9A2A4AEDD18D1C036B8C4B4A81F99BF60EEF447EB8EFD4C1347553E3 ] Roxio UPnP Renderer 11 C:\Program Files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUPnPRenderer11.exe
18:59:59.0125 0x0bcc Roxio UPnP Renderer 11 - ok
18:59:59.0140 0x0bcc [ 96A3D9197F4D8A7E456018B809BF2AC1, 09A3360B3B2635009833B5326086254BFAD9106999C654873989055FD3FD34AC ] Roxio Upnp Server 11 C:\Program Files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUpnpService11.exe
18:59:59.0140 0x0bcc Roxio Upnp Server 11 - ok
18:59:59.0250 0x0bcc [ 8AF842F4C84BDAA882216A01F8825402, 35FA5E3AA8BFA06CE5AE1091EB2C735E5EAE3729D8EAA0A54F82B90AFB1EF513 ] RoxLiveShare11 C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
18:59:59.0250 0x0bcc RoxLiveShare11 - ok
18:59:59.0312 0x0bcc [ C6394DF3055601B11964B075C811F03C, 2AB6AF537716CE9B18109FB37263C7F08B21AD73873EB0165E93E3DF3FAA3B2C ] RoxMediaDB11 C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
18:59:59.0328 0x0bcc RoxMediaDB11 - ok
18:59:59.0375 0x0bcc [ 3E8DF3DD655CCE064CF952066DDFF248, 50C81020D99CF8A31984250BA44804FAA615706BC1C3BE78DC02B966AD286E70 ] RoxWatch11 C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
18:59:59.0375 0x0bcc RoxWatch11 - ok
18:59:59.0406 0x0bcc [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
18:59:59.0406 0x0bcc RpcLocator - ok
18:59:59.0437 0x0bcc [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
18:59:59.0437 0x0bcc RpcSs - ok
18:59:59.0484 0x0bcc [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:59:59.0484 0x0bcc RSVP - ok
18:59:59.0515 0x0bcc [ 0501074A2F29250932E34CA4A844A0F5, BDC3A85155CF8910B41B2D6D3A3C43AE0E85374D39807DDC328A7C2D04220C22 ] RxFilter C:\WINDOWS\system32\DRIVERS\RxFilter.sys
18:59:59.0515 0x0bcc RxFilter - ok
18:59:59.0531 0x0bcc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
18:59:59.0531 0x0bcc SamSs - ok
18:59:59.0562 0x0bcc [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:59:59.0562 0x0bcc SCardSvr - ok
18:59:59.0609 0x0bcc [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:59:59.0609 0x0bcc Schedule - ok
18:59:59.0625 0x0bcc [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
18:59:59.0625 0x0bcc sdbus - ok
18:59:59.0640 0x0bcc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:59:59.0640 0x0bcc Secdrv - ok
18:59:59.0671 0x0bcc [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:59:59.0671 0x0bcc seclogon - ok
18:59:59.0671 0x0bcc [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
18:59:59.0671 0x0bcc SENS - ok
18:59:59.0687 0x0bcc [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:59:59.0687 0x0bcc Serenum - ok
18:59:59.0687 0x0bcc [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:59:59.0687 0x0bcc Serial - ok
18:59:59.0703 0x0bcc [ 0FA803C64DF0914B41F807EA276BF2A6, 847B1CD47ADF9E4AE298E74CC53A7F9DB4E58F43919D3A2BBFFE07244134778D ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
18:59:59.0703 0x0bcc sffdisk - ok
18:59:59.0703 0x0bcc [ C17C331E435ED8737525C86A7557B3AC, F1DEB2CA5D8E02280782B354A31E148E3A2F2B5F57AD6C575875DE20F6D3C930 ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
18:59:59.0703 0x0bcc sffp_sd - ok
18:59:59.0718 0x0bcc [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:59:59.0718 0x0bcc Sfloppy - ok
18:59:59.0734 0x0bcc [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:59:59.0734 0x0bcc SharedAccess - ok
18:59:59.0750 0x0bcc [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:59:59.0765 0x0bcc ShellHWDetection - ok
18:59:59.0765 0x0bcc Simbad - ok
18:59:59.0781 0x0bcc [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:59:59.0781 0x0bcc SLIP - ok
18:59:59.0796 0x0bcc Sparrow - ok
18:59:59.0828 0x0bcc [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:59:59.0828 0x0bcc splitter - ok
18:59:59.0843 0x0bcc [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:59:59.0843 0x0bcc Spooler - ok
18:59:59.0875 0x0bcc [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:59:59.0875 0x0bcc sr - ok
18:59:59.0875 0x0bcc [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
18:59:59.0890 0x0bcc srservice - ok
18:59:59.0921 0x0bcc [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:59:59.0937 0x0bcc Srv - ok
18:59:59.0968 0x0bcc [ 069351A1D7D291013177A90AE6EDCCBC, 9AAC7DAEAD7ABF593FB3F7B959BB1F9310C46DBF86395FF4117DDCE4B74E849B ] sscdbus C:\WINDOWS\system32\DRIVERS\sscdbus.sys
18:59:59.0984 0x0bcc sscdbus - ok
19:00:00.0000 0x0bcc [ 1C925BE223A5C0F9F469252292A48DF6, 0A3F59040B0B856D7888F4AA2EC229F506B82C4DB62470E1D1B76B34EB49AF3F ] sscdmdfl C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
19:00:00.0000 0x0bcc sscdmdfl - ok
19:00:00.0015 0x0bcc [ AE3E77AE0FBDB07EB1AC3FED74A0695E, E491A8610AA82D612314C336FDED109D66F7306291798218CBB154D389375096 ] sscdmdm C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
19:00:00.0015 0x0bcc sscdmdm - ok
19:00:00.0046 0x0bcc [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:00:00.0046 0x0bcc SSDPSRV - ok
19:00:00.0093 0x0bcc [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:00:00.0093 0x0bcc ssmdrv - ok
19:00:00.0140 0x0bcc [ 8F299012EF58246F1C98DE7B7E48DBF0, 4F559DBC0A87ABDFFFD92A7DCAB6F8CFCAAE0C83DD5779FC46BE0F53C19A034A ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
19:00:00.0140 0x0bcc ssudmdm - ok
19:00:00.0171 0x0bcc [ 7CC3E2E0BBA3DD0B6C5E7C7A150BB5C4, 69C6508FCFE187A5AEC9F13B135F4E458B8B70F51A786704AD0C2C441C2A0881 ] ssudserd C:\WINDOWS\system32\DRIVERS\ssudserd.sys
19:00:00.0171 0x0bcc ssudserd - ok
19:00:00.0250 0x0bcc [ 1B76479B80FF0F6E245BA590A64102BE, 34C148B0C1053306669677510C4BA1BD6FE9CB91C00D503C3A8C9760B3851D9B ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
19:00:00.0281 0x0bcc STHDA - ok
19:00:00.0328 0x0bcc [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:00:00.0328 0x0bcc stisvc - ok
19:00:00.0328 0x0bcc [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:00:00.0328 0x0bcc streamip - ok
19:00:00.0343 0x0bcc [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:00:00.0343 0x0bcc swenum - ok
19:00:00.0359 0x0bcc [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:00:00.0359 0x0bcc swmidi - ok
19:00:00.0359 0x0bcc SwPrv - ok
19:00:00.0375 0x0bcc symc810 - ok
19:00:00.0375 0x0bcc symc8xx - ok
19:00:00.0375 0x0bcc sym_hi - ok
19:00:00.0375 0x0bcc sym_u3 - ok
19:00:00.0390 0x0bcc [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:00:00.0390 0x0bcc sysaudio - ok
19:00:00.0406 0x0bcc [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:00:00.0406 0x0bcc SysmonLog - ok
19:00:00.0437 0x0bcc [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:00:00.0437 0x0bcc TapiSrv - ok
19:00:00.0500 0x0bcc [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:00:00.0500 0x0bcc Tcpip - ok
19:00:00.0531 0x0bcc [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:00:00.0531 0x0bcc TDPIPE - ok
19:00:00.0562 0x0bcc [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:00:00.0562 0x0bcc TDTCP - ok
19:00:00.0578 0x0bcc [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:00:00.0593 0x0bcc TermDD - ok
19:00:00.0609 0x0bcc [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
19:00:00.0625 0x0bcc TermService - ok
19:00:00.0640 0x0bcc [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
19:00:00.0640 0x0bcc Themes - ok
19:00:00.0656 0x0bcc [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:00:00.0656 0x0bcc TlntSvr - ok
19:00:00.0656 0x0bcc TosIde - ok
19:00:00.0671 0x0bcc [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:00:00.0671 0x0bcc TrkWks - ok
19:00:00.0703 0x0bcc [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:00:00.0703 0x0bcc Udfs - ok
19:00:00.0718 0x0bcc ultra - ok
19:00:00.0718 0x0bcc [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:00:00.0734 0x0bcc Update - ok
19:00:00.0750 0x0bcc [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
19:00:00.0765 0x0bcc upnphost - ok
19:00:00.0781 0x0bcc [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
19:00:00.0781 0x0bcc UPS - ok
19:00:00.0828 0x0bcc [ F0E0BD77C255C95D317CD69C2E8EFB92, 76C72FA617FABEBE58B9647D790E32E29226B629D92202D29E45FDF91B1F3412 ] USB28xxBGA C:\WINDOWS\system32\DRIVERS\emBDA.sys
19:00:00.0828 0x0bcc USB28xxBGA - ok
19:00:00.0859 0x0bcc [ 925E82FFE06A37799E5CB486528ED835, 5C6863C0CFA78B35BC87DC967181D194346ED272A7A5B85AAD931ADD8F7D021E ] USB28xxOEM C:\WINDOWS\system32\DRIVERS\emOEM.sys
19:00:00.0859 0x0bcc USB28xxOEM - ok
19:00:00.0875 0x0bcc [ 8BF5D980CDCE35FB26F05047144BB57E, 8A770DD649FA0D6F574651E5525B983261B823C5778764598D89C453E68ED3F1 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
19:00:00.0875 0x0bcc USBAAPL - ok
19:00:00.0890 0x0bcc [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:00:00.0890 0x0bcc usbaudio - ok
19:00:00.0921 0x0bcc [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:00:00.0921 0x0bcc usbccgp - ok
19:00:00.0953 0x0bcc [ 6B5E4D5E6E5ECD6ACD14AED59768CE5C, 2DA40F2035D86EA1AF0DC498D36658E330953E4F4BA846103CB4C3D0FBD3FBE5 ] USBCCID C:\WINDOWS\system32\DRIVERS\usbccid.sys
19:00:00.0953 0x0bcc USBCCID - ok
19:00:00.0984 0x0bcc [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:00:00.0984 0x0bcc usbehci - ok
19:00:01.0046 0x0bcc [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:00:01.0046 0x0bcc usbhub - ok
19:00:01.0078 0x0bcc [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:00:01.0078 0x0bcc usbprint - ok
19:00:01.0125 0x0bcc [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:00:01.0125 0x0bcc usbscan - ok
19:00:01.0156 0x0bcc [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:00:01.0156 0x0bcc USBSTOR - ok
19:00:01.0187 0x0bcc [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:00:01.0187 0x0bcc usbuhci - ok
19:00:01.0203 0x0bcc [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E, CFA47A71403419CA7C94333B4F7766DFC97C5DCDBC3AD1B106044B93C979A5C5 ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
19:00:01.0203 0x0bcc usb_rndisx - ok
19:00:01.0218 0x0bcc [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:00:01.0218 0x0bcc VgaSave - ok
19:00:01.0234 0x0bcc ViaIde - ok
19:00:01.0234 0x0bcc [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:00:01.0234 0x0bcc VolSnap - ok
19:00:01.0265 0x0bcc [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
19:00:01.0265 0x0bcc VSS - ok
19:00:01.0312 0x0bcc [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll
19:00:01.0312 0x0bcc W32Time - ok
19:00:01.0328 0x0bcc [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:00:01.0328 0x0bcc Wanarp - ok
19:00:01.0375 0x0bcc [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
19:00:01.0375 0x0bcc WDC_SAM - ok
19:00:01.0375 0x0bcc WDICA - ok
19:00:01.0406 0x0bcc [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:00:01.0406 0x0bcc wdmaud - ok
19:00:01.0406 0x0bcc [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
19:00:01.0406 0x0bcc WebClient - ok
19:00:01.0500 0x0bcc [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:00:01.0500 0x0bcc winmgmt - ok
19:00:01.0500 0x0bcc wltrysvc - ok
19:00:01.0562 0x0bcc [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:00:01.0562 0x0bcc WmdmPmSN - ok
19:00:01.0593 0x0bcc [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:00:01.0609 0x0bcc Wmi - ok
19:00:01.0609 0x0bcc [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
19:00:01.0609 0x0bcc WmiAcpi - ok
19:00:01.0656 0x0bcc [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:00:01.0656 0x0bcc WmiApSrv - ok
19:00:01.0750 0x0bcc [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
19:00:01.0765 0x0bcc WMPNetworkSvc - ok
19:00:01.0796 0x0bcc [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:00:01.0796 0x0bcc WpdUsb - ok
19:00:01.0875 0x0bcc [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:00:01.0890 0x0bcc WPFFontCache_v0400 - ok
19:00:01.0906 0x0bcc [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:00:01.0906 0x0bcc WS2IFSL - ok
19:00:01.0937 0x0bcc [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:00:01.0937 0x0bcc wscsvc - ok
19:00:01.0968 0x0bcc [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:00:01.0968 0x0bcc WSTCODEC - ok
19:00:02.0000 0x0bcc [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:00:02.0000 0x0bcc wuauserv - ok
19:00:02.0031 0x0bcc [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:00:02.0031 0x0bcc WudfPf - ok
19:00:02.0062 0x0bcc [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:00:02.0062 0x0bcc WudfRd - ok
19:00:02.0093 0x0bcc [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:00:02.0093 0x0bcc WudfSvc - ok
19:00:02.0109 0x0bcc [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:00:02.0125 0x0bcc WZCSVC - ok
19:00:02.0125 0x0bcc [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:00:02.0140 0x0bcc xmlprov - ok
19:00:02.0140 0x0bcc ================ Scan global ===============================
19:00:02.0156 0x0bcc [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
19:00:02.0187 0x0bcc [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
19:00:02.0203 0x0bcc [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
19:00:02.0218 0x0bcc [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
19:00:02.0218 0x0bcc [ Global ] - ok
19:00:02.0234 0x0bcc ================ Scan MBR ==================================
19:00:02.0234 0x0bcc [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:00:02.0406 0x0bcc \Device\Harddisk0\DR0 - ok
19:00:02.0406 0x0bcc ================ Scan VBR ==================================
19:00:02.0406 0x0bcc [ 9221E5D37B1B6A3CF736842153E7F866 ] \Device\Harddisk0\DR0\Partition1
19:00:02.0406 0x0bcc \Device\Harddisk0\DR0\Partition1 - ok
19:00:02.0406 0x0bcc Waiting for KSN requests completion. In queue: 189
19:00:03.0406 0x0bcc Waiting for KSN requests completion. In queue: 189
19:00:04.0406 0x0bcc Waiting for KSN requests completion. In queue: 189
19:00:05.0421 0x0bcc AV detected via SS1: Avira Desktop, 13.6.20.2100, disabled, updated
19:00:05.0437 0x0bcc Win FW state via NFM: enabled
19:00:07.0812 0x0bcc ============================================================
19:00:07.0812 0x0bcc Scan finished
19:00:07.0812 0x0bcc ============================================================
19:00:07.0812 0x0b24 Detected object count: 0
19:00:07.0812 0x0b24 Actual detected object count: 0
19:01:25.0531 0x0898 ============================================================
19:01:25.0531 0x0898 Scan started
19:01:25.0531 0x0898 Mode: Manual; SigCheck; TDLFS;
19:01:25.0531 0x0898 ============================================================
19:01:25.0531 0x0898 KSN ping started
19:01:38.0875 0x0898 KSN ping finished: true
19:01:39.0125 0x0898 ================ Scan system memory ========================
19:01:39.0125 0x0898 System memory - ok
19:01:39.0125 0x0898 ================ Scan services =============================
19:01:39.0187 0x0898 Abiosdsk - ok
19:01:39.0187 0x0898 abp480n5 - ok
19:01:39.0218 0x0898 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:01:39.0390 0x0898 ACPI - ok
19:01:39.0390 0x0898 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:01:39.0484 0x0898 ACPIEC - ok
19:01:39.0546 0x0898 [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:01:39.0546 0x0898 Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
19:01:39.0546 0x0898 Detect skipped due to KSN trusted
19:01:39.0546 0x0898 Adobe LM Service - ok
19:01:39.0593 0x0898 [ 476BB014F3F68C0C15EDDD5B444DA8FF, 94E8FDC4390672C31081EACF3B3AE57486ED06669C4120F139DB3A62AAE77071 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:01:39.0609 0x0898 AdobeFlashPlayerUpdateSvc - ok
19:01:39.0609 0x0898 adpu160m - ok
19:01:39.0656 0x0898 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:01:39.0750 0x0898 aec - ok
19:01:39.0781 0x0898 [ F21D5E93A94514BE9F5B6EBF74A696B2, D6E9ABD2C756676AF2EC1EB75AFD25DC3B809A519A6AE5107DB0053A2364DE66 ] AESTAud C:\WINDOWS\system32\drivers\AESTAud.sys
19:01:39.0812 0x0898 AESTAud - ok
19:01:39.0875 0x0898 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:01:39.0875 0x0898 AFD - ok
19:01:39.0890 0x0898 Aha154x - ok
19:01:39.0890 0x0898 aic78u2 - ok
19:01:39.0890 0x0898 aic78xx - ok
19:01:39.0921 0x0898 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:01:40.0015 0x0898 Alerter - ok
19:01:40.0031 0x0898 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
19:01:40.0062 0x0898 ALG - ok
19:01:40.0078 0x0898 AliIde - ok
19:01:40.0078 0x0898 amsint - ok
19:01:40.0125 0x0898 [ 746497D339C854053193119D119799BA, CDC9EDDC0BD0F11FEB54464CE2F6CA8862A1953F297864383E0B4FE17F90B690 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:01:40.0140 0x0898 AntiVirSchedulerService - ok
19:01:40.0171 0x0898 [ A2D4915D1CCD0338AB85F14D1C22FD0C, 87A690D2A35521EE7A8154F99A930243349BEE6AEB6DEA23D36624458EC38181 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:01:40.0171 0x0898 AntiVirService - ok
19:01:40.0218 0x0898 [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:01:40.0234 0x0898 Apple Mobile Device - ok
19:01:40.0265 0x0898 [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:01:40.0328 0x0898 AppMgmt - ok
19:01:40.0328 0x0898 [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:01:40.0421 0x0898 Arp1394 - ok
19:01:40.0421 0x0898 asc - ok
19:01:40.0421 0x0898 asc3350p - ok
19:01:40.0421 0x0898 asc3550 - ok
19:01:40.0546 0x0898 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:01:40.0562 0x0898 aspnet_state - ok
19:01:40.0578 0x0898 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:01:40.0656 0x0898 AsyncMac - ok
19:01:40.0687 0x0898 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
19:01:40.0765 0x0898 atapi - ok
19:01:40.0765 0x0898 Atdisk - ok
19:01:40.0765 0x0898 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:01:40.0890 0x0898 Atmarpc - ok
19:01:40.0906 0x0898 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:01:40.0984 0x0898 AudioSrv - ok
19:01:41.0015 0x0898 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:01:41.0093 0x0898 audstub - ok
19:01:41.0125 0x0898 [ 40A34E457431625086F7E161E59A0528, ACB271F16F457173590E0563BEC6EE88A1154E8D369BB18C94D01AF492B99CC5 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:01:41.0156 0x0898 avgntflt - ok
19:01:41.0187 0x0898 [ F260F2EE3D21D00BEC0B08068E27BADB, 5E7BC4E54013AFB57FFF8B002B16CE7DC3F2CAB090D72D0C8EB6A403853AD180 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:01:41.0203 0x0898 avipbb - ok
19:01:41.0203 0x0898 [ CB8741CD7B126499FED40C9B197F6AC5, F682820A20CED26CD2E6A2531C721DB8985BCC1A03582BC54A706E9AA1A8B615 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:01:41.0218 0x0898 avkmgr - ok
19:01:41.0343 0x0898 [ 5D4893633B7161FA25500EB7AEABEC94, 30AD86FFBC30D0A3659C7EEB2C56337C3A9A76F6526DB50F8BE6B79C3151D32C ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
19:01:41.0453 0x0898 BCM43XX - ok
19:01:41.0484 0x0898 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:01:41.0562 0x0898 Beep - ok
19:01:41.0625 0x0898 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
19:01:41.0703 0x0898 BITS - ok
19:01:41.0750 0x0898 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:01:41.0765 0x0898 Bonjour Service - ok
19:01:41.0812 0x0898 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
19:01:41.0828 0x0898 Browser - ok
19:01:41.0921 0x0898 catchme - ok
19:01:41.0953 0x0898 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:01:42.0031 0x0898 cbidf2k - ok
19:01:42.0062 0x0898 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:01:42.0140 0x0898 CCDECODE - ok
19:01:42.0140 0x0898 cd20xrnt - ok
19:01:42.0156 0x0898 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:01:42.0234 0x0898 Cdaudio - ok
19:01:42.0250 0x0898 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:01:42.0328 0x0898 Cdfs - ok
19:01:42.0359 0x0898 [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:01:42.0359 0x0898 Cdrom - ok
19:01:42.0375 0x0898 Changer - ok
19:01:42.0390 0x0898 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:01:42.0453 0x0898 CiSvc - ok
19:01:42.0468 0x0898 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:01:42.0531 0x0898 ClipSrv - ok
19:01:42.0578 0x0898 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:01:42.0593 0x0898 clr_optimization_v2.0.50727_32 - ok
19:01:42.0625 0x0898 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:01:42.0640 0x0898 clr_optimization_v4.0.30319_32 - ok
19:01:42.0656 0x0898 [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:01:42.0750 0x0898 CmBatt - ok
19:01:42.0750 0x0898 CmdIde - ok
19:01:42.0750 0x0898 [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:01:42.0812 0x0898 Compbatt - ok
19:01:42.0828 0x0898 COMSysApp - ok
19:01:42.0828 0x0898 Cpqarray - ok
19:01:42.0875 0x0898 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:01:42.0937 0x0898 CryptSvc - ok
19:01:42.0953 0x0898 dac2w2k - ok
19:01:42.0953 0x0898 dac960nt - ok
19:01:42.0984 0x0898 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:01:43.0000 0x0898 DcomLaunch - ok
19:01:43.0062 0x0898 [ 919F338FD36F47D860775368D0748780, 28A332E77E0F724E89E3EDCB64B24663CFD824E5FDA4FD266913C4E4E5FF676A ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
19:01:43.0062 0x0898 dg_ssudbus - ok
19:01:43.0109 0x0898 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:01:43.0203 0x0898 Dhcp - ok
19:01:43.0203 0x0898 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:01:43.0281 0x0898 Disk - ok
19:01:43.0281 0x0898 dmadmin - ok
19:01:43.0328 0x0898 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:01:43.0421 0x0898 dmboot - ok
19:01:43.0453 0x0898 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:01:43.0515 0x0898 dmio - ok
19:01:43.0531 0x0898 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:01:43.0593 0x0898 dmload - ok
19:01:43.0609 0x0898 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
19:01:43.0671 0x0898 dmserver - ok
19:01:43.0703 0x0898 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:01:43.0765 0x0898 DMusic - ok
19:01:43.0781 0x0898 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:01:43.0812 0x0898 Dnscache - ok
19:01:43.0843 0x0898 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:01:43.0906 0x0898 Dot3svc - ok
19:01:43.0921 0x0898 dpti2o - ok
19:01:43.0937 0x0898 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:01:44.0015 0x0898 drmkaud - ok
19:01:44.0031 0x0898 [ 0000BFDA0DE85BFD5D0086B1013E1F72, 012332CAECD09E255A4B1A73D133C64A309727E0A58F3BC124194AA40828D42E ] e1yexpress C:\WINDOWS\system32\DRIVERS\e1y5132.sys
19:01:44.0046 0x0898 e1yexpress - ok
19:01:44.0062 0x0898 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:01:44.0140 0x0898 EapHost - ok
19:01:44.0140 0x0898 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:01:44.0218 0x0898 ERSvc - ok
19:01:44.0250 0x0898 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
19:01:44.0265 0x0898 Eventlog - ok
19:01:44.0312 0x0898 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll
19:01:44.0328 0x0898 EventSystem - ok
19:01:44.0375 0x0898 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:01:44.0468 0x0898 Fastfat - ok
19:01:44.0515 0x0898 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:01:44.0515 0x0898 FastUserSwitchingCompatibility - ok
19:01:44.0531 0x0898 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
19:01:44.0593 0x0898 Fdc - ok
19:01:44.0609 0x0898 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:01:44.0687 0x0898 Fips - ok
19:01:44.0687 0x0898 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
19:01:44.0750 0x0898 Flpydisk - ok
19:01:44.0781 0x0898 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
19:01:44.0843 0x0898 FltMgr - ok
19:01:44.0890 0x0898 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:01:44.0890 0x0898 FontCache3.0.0.0 - ok
19:01:44.0906 0x0898 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:01:45.0000 0x0898 Fs_Rec - ok
19:01:45.0015 0x0898 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:01:45.0093 0x0898 Ftdisk - ok
19:01:45.0125 0x0898 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:01:45.0140 0x0898 GEARAspiWDM - ok
19:01:45.0140 0x0898 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:01:45.0234 0x0898 Gpc - ok
19:01:45.0296 0x0898 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:01:45.0312 0x0898 gupdate - ok
19:01:45.0312 0x0898 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:01:45.0328 0x0898 gupdatem - ok
19:01:45.0343 0x0898 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:01:45.0437 0x0898 HDAudBus - ok
19:01:45.0484 0x0898 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:01:45.0578 0x0898 helpsvc - ok
19:01:45.0609 0x0898 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:01:45.0671 0x0898 hkmsvc - ok
19:01:45.0687 0x0898 hpn - ok
19:01:45.0796 0x0898 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:01:45.0812 0x0898 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
19:01:45.0812 0x0898 Detect skipped due to KSN trusted
19:01:45.0812 0x0898 hpqcxs08 - ok
19:01:45.0843 0x0898 [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:01:45.0859 0x0898 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
19:01:45.0859 0x0898 Detect skipped due to KSN trusted
19:01:45.0859 0x0898 hpqddsvc - ok
19:01:45.0890 0x0898 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:01:45.0906 0x0898 HPZid412 - ok
19:01:45.0921 0x0898 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:01:45.0937 0x0898 HPZipr12 - ok
19:01:45.0953 0x0898 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:01:45.0968 0x0898 HPZius12 - ok
19:01:45.0984 0x0898 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:01:46.0000 0x0898 HTTP - ok
19:01:46.0031 0x0898 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:01:46.0109 0x0898 HTTPFilter - ok
19:01:46.0109 0x0898 i2omgmt - ok
19:01:46.0109 0x0898 i2omp - ok
19:01:46.0140 0x0898 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:01:46.0234 0x0898 i8042prt - ok
19:01:46.0468 0x0898 [ 3B743262B6456167888D15F1121B3BF7, F45BD6E4E143F9F89AF9BF125AA7238B9E6EEB921D6B43B0224EF178F1DC83DC ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
19:01:46.0781 0x0898 ialm - ok
19:01:46.0843 0x0898 [ 707C1692214B1C290271067197F075F6, 7D0DB754604AABC4AA09AB8BA94326B1A1C2A76F3C2C2C7D6FA14F964BE68A51 ] iastor C:\WINDOWS\system32\drivers\iastor.sys
19:01:46.0859 0x0898 iastor - ok
19:01:46.0937 0x0898 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:01:46.0968 0x0898 idsvc - ok
19:01:47.0015 0x0898 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:01:47.0078 0x0898 Imapi - ok
19:01:47.0109 0x0898 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
19:01:47.0187 0x0898 ImapiService - ok
19:01:47.0187 0x0898 ini910u - ok
19:01:47.0203 0x0898 [ F32A62C765885BD8E4352A1565F702A6, DD9D5E763F2613CAC3472A44C08CC0BF3E8F773C9DF9307D9F63109CC8F3D169 ] IntcHdmiAddService C:\WINDOWS\system32\drivers\IntcHdmi.sys
19:01:47.0234 0x0898 IntcHdmiAddService - ok
19:01:47.0234 0x0898 IntelIde - ok
19:01:47.0265 0x0898 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:01:47.0343 0x0898 intelppm - ok
19:01:47.0343 0x0898 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
19:01:47.0421 0x0898 Ip6Fw - ok
19:01:47.0437 0x0898 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:01:47.0531 0x0898 IpFilterDriver - ok
19:01:47.0546 0x0898 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:01:47.0625 0x0898 IpInIp - ok
19:01:47.0640 0x0898 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:01:47.0750 0x0898 IpNat - ok
19:01:47.0812 0x0898 [ E46B17060D3962A384AE484094614788, 9E8EF45C72A01FA586FF028B62F6675114CC9CBBCE172A789EDA754AE3F79121 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:01:47.0828 0x0898 iPod Service - ok
19:01:47.0859 0x0898 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:01:47.0921 0x0898 IPSec - ok
19:01:47.0953 0x0898 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:01:48.0000 0x0898 IRENUM - ok
19:01:48.0031 0x0898 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:01:48.0125 0x0898 isapnp - ok
19:01:48.0218 0x0898 [ 4F4D4AA1E0849FECC0CF5AACD59030B5, F90F33F59926A8F3599B2711C3F4D8F638068D3BE83B390CECD81F9F71DA0DE2 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
19:01:48.0218 0x0898 JavaQuickStarterService - ok
19:01:48.0234 0x0898 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:01:48.0312 0x0898 Kbdclass - ok
19:01:48.0343 0x0898 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:01:48.0421 0x0898 kmixer - ok
19:01:48.0437 0x0898 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:01:48.0437 0x0898 KSecDD - ok
19:01:48.0453 0x0898 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
19:01:48.0468 0x0898 LanmanServer - ok
19:01:48.0500 0x0898 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:01:48.0546 0x0898 lanmanworkstation - ok
19:01:48.0546 0x0898 lbrtfdc - ok
19:01:48.0578 0x0898 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:01:48.0671 0x0898 LmHosts - ok
19:01:48.0703 0x0898 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
19:01:48.0703 0x0898 MBAMProtector - ok
19:01:48.0734 0x0898 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:01:48.0750 0x0898 MBAMScheduler - ok
19:01:48.0781 0x0898 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:01:48.0828 0x0898 MBAMService - ok
19:01:48.0859 0x0898 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:01:48.0921 0x0898 Messenger - ok
19:01:49.0000 0x0898 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:01:49.0000 0x0898 Microsoft Office Groove Audit Service - ok
19:01:49.0031 0x0898 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:01:49.0125 0x0898 mnmdd - ok
19:01:49.0156 0x0898 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:01:49.0265 0x0898 mnmsrvc - ok
19:01:49.0312 0x0898 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:01:49.0390 0x0898 Modem - ok
19:01:49.0390 0x0898 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:01:49.0484 0x0898 Mouclass - ok
19:01:49.0484 0x0898 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:01:49.0562 0x0898 MountMgr - ok
19:01:49.0609 0x0898 [ C0F8E0C2C3C0437CF37C6781896DC3EC, 12196EF5A94BD011B5D578E755B51424E3238437A028CC1EDFB53138C00D3339 ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
19:01:49.0687 0x0898 MPE - ok
19:01:49.0703 0x0898 mraid35x - ok
19:01:49.0734 0x0898 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:01:49.0796 0x0898 MRxDAV - ok
19:01:49.0843 0x0898 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:01:49.0875 0x0898 MRxSmb - ok
19:01:49.0906 0x0898 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:01:49.0984 0x0898 MSDTC - ok
19:01:49.0984 0x0898 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:01:50.0062 0x0898 Msfs - ok
19:01:50.0078 0x0898 MSIServer - ok
19:01:50.0093 0x0898 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:01:50.0171 0x0898 MSKSSRV - ok
19:01:50.0171 0x0898 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:01:50.0234 0x0898 MSPCLOCK - ok
19:01:50.0250 0x0898 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:01:50.0312 0x0898 MSPQM - ok
19:01:50.0343 0x0898 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:01:50.0421 0x0898 mssmbios - ok
19:01:50.0453 0x0898 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
19:01:50.0515 0x0898 MSTEE - ok
19:01:50.0531 0x0898 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:01:50.0546 0x0898 Mup - ok
19:01:50.0562 0x0898 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:01:50.0640 0x0898 NABTSFEC - ok
19:01:50.0687 0x0898 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:01:50.0765 0x0898 napagent - ok
19:01:50.0812 0x0898 [ 9D1CCE440552500DED3A62F9D779CDB4, C6B3B1C891A8BA3F91CC1EC21919C4F80F4C9CAF88971AB6CA11F09820601EBD ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
19:01:50.0828 0x0898 NAUpdate - ok
19:01:50.0843 0x0898 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:01:50.0921 0x0898 NDIS - ok
19:01:50.0937 0x0898 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:01:51.0015 0x0898 NdisIP - ok
19:01:51.0046 0x0898 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:01:51.0062 0x0898 NdisTapi - ok
19:01:51.0078 0x0898 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:01:51.0140 0x0898 Ndisuio - ok
19:01:51.0156 0x0898 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:01:51.0218 0x0898 NdisWan - ok
19:01:51.0250 0x0898 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:01:51.0250 0x0898 NDProxy - ok
19:01:51.0281 0x0898 [ 510C138564486FF926A3F773205C63D1, 50FBB8555C284ED22F71D99750899321B63E3B4C255174FE9B4F31084F9A34B1 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
19:01:51.0281 0x0898 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
19:01:51.0281 0x0898 Detect skipped due to KSN trusted
19:01:51.0281 0x0898 Net Driver HPZ12 - ok
19:01:51.0281 0x0898 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:01:51.0359 0x0898 NetBIOS - ok
19:01:51.0375 0x0898 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:01:51.0468 0x0898 NetBT - ok
19:01:51.0500 0x0898 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
19:01:51.0578 0x0898 NetDDE - ok
19:01:51.0578 0x0898 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:01:51.0640 0x0898 NetDDEdsdm - ok
19:01:51.0671 0x0898 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:01:51.0734 0x0898 Netlogon - ok
19:01:51.0750 0x0898 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
19:01:51.0812 0x0898 Netman - ok
19:01:51.0859 0x0898 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:01:51.0875 0x0898 NetTcpPortSharing - ok
19:01:51.0890 0x0898 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:01:51.0984 0x0898 NIC1394 - ok
19:01:52.0031 0x0898 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
19:01:52.0062 0x0898 Nla - ok
19:01:52.0078 0x0898 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:01:52.0140 0x0898 Npfs - ok
19:01:52.0187 0x0898 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:01:52.0265 0x0898 Ntfs - ok
19:01:52.0265 0x0898 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:01:52.0343 0x0898 NtLmSsp - ok
19:01:52.0359 0x0898 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:01:52.0437 0x0898 NtmsSvc - ok
19:01:52.0453 0x0898 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:01:52.0531 0x0898 Null - ok
19:01:52.0546 0x0898 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:01:52.0609 0x0898 NwlnkFlt - ok
19:01:52.0625 0x0898 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:01:52.0687 0x0898 NwlnkFwd - ok
19:01:52.0750 0x0898 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:01:52.0765 0x0898 odserv - ok
19:01:52.0765 0x0898 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:01:52.0843 0x0898 ohci1394 - ok
19:01:52.0875 0x0898 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:01:52.0890 0x0898 ose - ok
19:01:52.0921 0x0898 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys
19:01:52.0984 0x0898 Parport - ok
19:01:53.0000 0x0898 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:01:53.0062 0x0898 PartMgr - ok
19:01:53.0078 0x0898 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:01:53.0140 0x0898 ParVdm - ok
19:01:53.0156 0x0898 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:01:53.0234 0x0898 PCI - ok
19:01:53.0234 0x0898 PCIDump - ok
19:01:53.0234 0x0898 PCIIde - ok
19:01:53.0234 0x0898 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
19:01:53.0312 0x0898 Pcmcia - ok
19:01:53.0312 0x0898 PDCOMP - ok
19:01:53.0312 0x0898 PDFRAME - ok
19:01:53.0312 0x0898 PDRELI - ok
19:01:53.0312 0x0898 PDRFRAME - ok
19:01:53.0328 0x0898 perc2 - ok
19:01:53.0328 0x0898 perc2hib - ok
19:01:53.0359 0x0898 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
19:01:53.0359 0x0898 PlugPlay - ok
19:01:53.0390 0x0898 [ 37E5E8FFBAD35605DAEEC3224EA0E465, E3A9BE275D3C8A3E143DF3A795964E9860A1F6C18BE36F8FE552E954435AC927 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
19:01:53.0406 0x0898 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
19:01:53.0406 0x0898 Detect skipped due to KSN trusted
19:01:53.0406 0x0898 Pml Driver HPZ12 - ok
19:01:53.0406 0x0898 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:01:53.0468 0x0898 PolicyAgent - ok
19:01:53.0484 0x0898 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:01:53.0562 0x0898 PptpMiniport - ok
19:01:53.0562 0x0898 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:01:53.0640 0x0898 ProtectedStorage - ok
19:01:53.0640 0x0898 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:01:53.0718 0x0898 PSched - ok
19:01:53.0718 0x0898 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:01:53.0781 0x0898 Ptilink - ok
19:01:53.0812 0x0898 [ 153D02480A0A2F45785522E814C634B6, 02B7590F2F4A8FA0B031CDA7A28BD55E7C04A080C1EA810BF3AC3212A62153A6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:01:53.0812 0x0898 PxHelp20 - ok
19:01:53.0812 0x0898 ql1080 - ok
19:01:53.0828 0x0898 Ql10wnt - ok
19:01:53.0828 0x0898 ql12160 - ok
19:01:53.0828 0x0898 ql1240 - ok
19:01:53.0828 0x0898 ql1280 - ok
19:01:53.0843 0x0898 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:01:53.0906 0x0898 RasAcd - ok
19:01:53.0937 0x0898 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:01:54.0015 0x0898 RasAuto - ok
19:01:54.0031 0x0898 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:01:54.0109 0x0898 Rasl2tp - ok
19:01:54.0109 0x0898 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:01:54.0187 0x0898 RasMan - ok
19:01:54.0187 0x0898 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:01:54.0265 0x0898 RasPppoe - ok
19:01:54.0265 0x0898 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:01:54.0328 0x0898 Raspti - ok
19:01:54.0359 0x0898 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:01:54.0437 0x0898 Rdbss - ok
19:01:54.0453 0x0898 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:01:54.0515 0x0898 RDPCDD - ok
19:01:54.0562 0x0898 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:01:54.0625 0x0898 rdpdr - ok
19:01:54.0656 0x0898 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:01:54.0671 0x0898 RDPWD - ok
19:01:54.0718 0x0898 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:01:54.0781 0x0898 RDSessMgr - ok
19:01:54.0812 0x0898 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:01:54.0890 0x0898 redbook - ok
19:01:54.0921 0x0898 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:01:54.0984 0x0898 RemoteAccess - ok
19:01:55.0000 0x0898 [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:01:55.0062 0x0898 RemoteRegistry - ok
19:01:55.0093 0x0898 [ 355AAC141B214BEF1DBC1483AFD9BD50, EB9AF96E81C1644C0190D269119BE71C63B60D50153C6EA2659B488C4456DBDF ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
19:01:55.0125 0x0898 rimmptsk - ok
19:01:55.0218 0x0898 [ 805393D80291C53085BCE10868E54AD5, 3F6A036B9A2A4AEDD18D1C036B8C4B4A81F99BF60EEF447EB8EFD4C1347553E3 ] Roxio UPnP Renderer 11 C:\Program Files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUPnPRenderer11.exe
19:01:55.0234 0x0898 Roxio UPnP Renderer 11 - ok
19:01:55.0234 0x0898 [ 96A3D9197F4D8A7E456018B809BF2AC1, 09A3360B3B2635009833B5326086254BFAD9106999C654873989055FD3FD34AC ] Roxio Upnp Server 11 C:\Program Files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUpnpService11.exe
19:01:55.0265 0x0898 Roxio Upnp Server 11 - ok
19:01:55.0359 0x0898 [ 8AF842F4C84BDAA882216A01F8825402, 35FA5E3AA8BFA06CE5AE1091EB2C735E5EAE3729D8EAA0A54F82B90AFB1EF513 ] RoxLiveShare11 C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
19:01:55.0375 0x0898 RoxLiveShare11 - ok
19:01:55.0437 0x0898 [ C6394DF3055601B11964B075C811F03C, 2AB6AF537716CE9B18109FB37263C7F08B21AD73873EB0165E93E3DF3FAA3B2C ] RoxMediaDB11 C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
19:01:55.0484 0x0898 RoxMediaDB11 - detected UnsignedFile.Multi.Generic ( 1 )
19:01:55.0484 0x0898 Detect skipped due to KSN trusted
19:01:55.0484 0x0898 RoxMediaDB11 - ok
19:01:55.0515 0x0898 [ 3E8DF3DD655CCE064CF952066DDFF248, 50C81020D99CF8A31984250BA44804FAA615706BC1C3BE78DC02B966AD286E70 ] RoxWatch11 C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
19:01:55.0531 0x0898 RoxWatch11 - ok
19:01:55.0562 0x0898 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:01:55.0625 0x0898 RpcLocator - ok
19:01:55.0656 0x0898 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
19:01:55.0671 0x0898 RpcSs - ok
19:01:55.0718 0x0898 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:01:55.0781 0x0898 RSVP - ok
19:01:55.0796 0x0898 [ 0501074A2F29250932E34CA4A844A0F5, BDC3A85155CF8910B41B2D6D3A3C43AE0E85374D39807DDC328A7C2D04220C22 ] RxFilter C:\WINDOWS\system32\DRIVERS\RxFilter.sys
19:01:55.0812 0x0898 RxFilter - ok
19:01:55.0828 0x0898 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
19:01:55.0890 0x0898 SamSs - ok
19:01:55.0921 0x0898 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:01:56.0000 0x0898 SCardSvr - ok
19:01:56.0031 0x0898 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:01:56.0109 0x0898 Schedule - ok
19:01:56.0109 0x0898 [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
19:01:56.0187 0x0898 sdbus - ok
19:01:56.0203 0x0898 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:01:56.0234 0x0898 Secdrv - ok
19:01:56.0265 0x0898 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:01:56.0328 0x0898 seclogon - ok
19:01:56.0328 0x0898 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
19:01:56.0406 0x0898 SENS - ok
19:01:56.0406 0x0898 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:01:56.0468 0x0898 Serenum - ok
19:01:56.0468 0x0898 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:01:56.0546 0x0898 Serial - ok
19:01:56.0546 0x0898 [ 0FA803C64DF0914B41F807EA276BF2A6, 847B1CD47ADF9E4AE298E74CC53A7F9DB4E58F43919D3A2BBFFE07244134778D ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
19:01:56.0625 0x0898 sffdisk - ok
19:01:56.0625 0x0898 [ C17C331E435ED8737525C86A7557B3AC, F1DEB2CA5D8E02280782B354A31E148E3A2F2B5F57AD6C575875DE20F6D3C930 ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
19:01:56.0687 0x0898 sffp_sd - ok
19:01:56.0703 0x0898 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:01:56.0765 0x0898 Sfloppy - ok
19:01:56.0781 0x0898 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:01:56.0906 0x0898 SharedAccess - ok
19:01:56.0937 0x0898 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:01:56.0937 0x0898 ShellHWDetection - ok
19:01:56.0953 0x0898 Simbad - ok
19:01:56.0968 0x0898 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:01:57.0031 0x0898 SLIP - ok
19:01:57.0046 0x0898 Sparrow - ok
19:01:57.0062 0x0898 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:01:57.0156 0x0898 splitter - ok
19:01:57.0187 0x0898 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:01:57.0187 0x0898 Spooler - ok
19:01:57.0218 0x0898 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:01:57.0250 0x0898 sr - ok
19:01:57.0250 0x0898 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
19:01:57.0296 0x0898 srservice - ok
19:01:57.0343 0x0898 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:01:57.0359 0x0898 Srv - ok
19:01:57.0406 0x0898 [ 069351A1D7D291013177A90AE6EDCCBC, 9AAC7DAEAD7ABF593FB3F7B959BB1F9310C46DBF86395FF4117DDCE4B74E849B ] sscdbus C:\WINDOWS\system32\DRIVERS\sscdbus.sys
19:01:57.0421 0x0898 sscdbus - ok
19:01:57.0453 0x0898 [ 1C925BE223A5C0F9F469252292A48DF6, 0A3F59040B0B856D7888F4AA2EC229F506B82C4DB62470E1D1B76B34EB49AF3F ] sscdmdfl C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
19:01:57.0453 0x0898 sscdmdfl - ok
19:01:57.0468 0x0898 [ AE3E77AE0FBDB07EB1AC3FED74A0695E, E491A8610AA82D612314C336FDED109D66F7306291798218CBB154D389375096 ] sscdmdm C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
19:01:57.0484 0x0898 sscdmdm - ok
19:01:57.0515 0x0898 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:01:57.0546 0x0898 SSDPSRV - ok
19:01:57.0578 0x0898 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:01:57.0593 0x0898 ssmdrv - ok
19:01:57.0640 0x0898 [ 8F299012EF58246F1C98DE7B7E48DBF0, 4F559DBC0A87ABDFFFD92A7DCAB6F8CFCAAE0C83DD5779FC46BE0F53C19A034A ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
19:01:57.0656 0x0898 ssudmdm - ok
19:01:57.0671 0x0898 [ 7CC3E2E0BBA3DD0B6C5E7C7A150BB5C4, 69C6508FCFE187A5AEC9F13B135F4E458B8B70F51A786704AD0C2C441C2A0881 ] ssudserd C:\WINDOWS\system32\DRIVERS\ssudserd.sys
19:01:57.0687 0x0898 ssudserd - ok
19:01:57.0765 0x0898 [ 1B76479B80FF0F6E245BA590A64102BE, 34C148B0C1053306669677510C4BA1BD6FE9CB91C00D503C3A8C9760B3851D9B ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
19:01:57.0859 0x0898 STHDA - ok
19:01:57.0906 0x0898 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:01:58.0031 0x0898 stisvc - ok
19:01:58.0031 0x0898 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:01:58.0093 0x0898 streamip - ok
19:01:58.0125 0x0898 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:01:58.0187 0x0898 swenum - ok
19:01:58.0203 0x0898 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:01:58.0296 0x0898 swmidi - ok
19:01:58.0296 0x0898 SwPrv - ok
19:01:58.0296 0x0898 symc810 - ok
19:01:58.0296 0x0898 symc8xx - ok
19:01:58.0296 0x0898 sym_hi - ok
19:01:58.0296 0x0898 sym_u3 - ok
19:01:58.0328 0x0898 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:01:58.0390 0x0898 sysaudio - ok
19:01:58.0406 0x0898 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:01:58.0484 0x0898 SysmonLog - ok
19:01:58.0515 0x0898 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:01:58.0593 0x0898 TapiSrv - ok
19:01:58.0640 0x0898 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:01:58.0656 0x0898 Tcpip - ok
19:01:58.0687 0x0898 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:01:58.0750 0x0898 TDPIPE - ok
19:01:58.0781 0x0898 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:01:58.0843 0x0898 TDTCP - ok
19:01:58.0890 0x0898 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:01:58.0968 0x0898 TermDD - ok
19:01:58.0984 0x0898 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
19:01:59.0046 0x0898 TermService - ok
19:01:59.0062 0x0898 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
19:01:59.0078 0x0898 Themes - ok
19:01:59.0093 0x0898 [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:01:59.0140 0x0898 TlntSvr - ok
19:01:59.0140 0x0898 TosIde - ok
19:01:59.0140 0x0898 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:01:59.0203 0x0898 TrkWks - ok
19:01:59.0250 0x0898 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:01:59.0328 0x0898 Udfs - ok
19:01:59.0328 0x0898 ultra - ok
19:01:59.0343 0x0898 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:01:59.0421 0x0898 Update - ok
19:01:59.0453 0x0898 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
19:01:59.0515 0x0898 upnphost - ok
19:01:59.0531 0x0898 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
19:01:59.0625 0x0898 UPS - ok
19:01:59.0671 0x0898 [ F0E0BD77C255C95D317CD69C2E8EFB92, 76C72FA617FABEBE58B9647D790E32E29226B629D92202D29E45FDF91B1F3412 ] USB28xxBGA C:\WINDOWS\system32\DRIVERS\emBDA.sys
19:01:59.0703 0x0898 USB28xxBGA - ok
19:01:59.0718 0x0898 [ 925E82FFE06A37799E5CB486528ED835, 5C6863C0CFA78B35BC87DC967181D194346ED272A7A5B85AAD931ADD8F7D021E ] USB28xxOEM C:\WINDOWS\system32\DRIVERS\emOEM.sys
19:01:59.0734 0x0898 USB28xxOEM - ok
19:01:59.0750 0x0898 [ 8BF5D980CDCE35FB26F05047144BB57E, 8A770DD649FA0D6F574651E5525B983261B823C5778764598D89C453E68ED3F1 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
19:01:59.0781 0x0898 USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )
19:01:59.0781 0x0898 Detect skipped due to KSN trusted
19:01:59.0781 0x0898 USBAAPL - ok
19:01:59.0812 0x0898 [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:01:59.0828 0x0898 usbaudio - ok
19:01:59.0843 0x0898 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:01:59.0859 0x0898 usbccgp - ok
19:01:59.0890 0x0898 [ 6B5E4D5E6E5ECD6ACD14AED59768CE5C, 2DA40F2035D86EA1AF0DC498D36658E330953E4F4BA846103CB4C3D0FBD3FBE5 ] USBCCID C:\WINDOWS\system32\DRIVERS\usbccid.sys
19:01:59.0906 0x0898 USBCCID - ok
19:01:59.0937 0x0898 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:01:59.0953 0x0898 usbehci - ok
19:01:59.0968 0x0898 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:02:00.0031 0x0898 usbhub - ok
19:02:00.0062 0x0898 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:02:00.0140 0x0898 usbprint - ok
19:02:00.0171 0x0898 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:02:00.0187 0x0898 usbscan - ok
19:02:00.0218 0x0898 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:02:00.0296 0x0898 USBSTOR - ok
19:02:00.0328 0x0898 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:02:00.0390 0x0898 usbuhci - ok
19:02:00.0421 0x0898 [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E, CFA47A71403419CA7C94333B4F7766DFC97C5DCDBC3AD1B106044B93C979A5C5 ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
19:02:00.0453 0x0898 usb_rndisx - ok
19:02:00.0468 0x0898 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:02:00.0546 0x0898 VgaSave - ok
19:02:00.0546 0x0898 ViaIde - ok
19:02:00.0546 0x0898 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:02:00.0640 0x0898 VolSnap - ok
19:02:00.0656 0x0898 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
19:02:00.0718 0x0898 VSS - ok
19:02:00.0765 0x0898 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll
19:02:00.0828 0x0898 W32Time - ok
19:02:00.0843 0x0898 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:02:00.0937 0x0898 Wanarp - ok
19:02:00.0984 0x0898 [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
19:02:00.0984 0x0898 WDC_SAM - ok
19:02:00.0984 0x0898 WDICA - ok
19:02:01.0015 0x0898 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:02:01.0078 0x0898 wdmaud - ok
19:02:01.0093 0x0898 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
19:02:01.0156 0x0898 WebClient - ok
19:02:01.0218 0x0898 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:02:01.0312 0x0898 winmgmt - ok
19:02:01.0328 0x0898 wltrysvc - ok
19:02:01.0359 0x0898 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:02:01.0375 0x0898 WmdmPmSN - ok
19:02:01.0421 0x0898 [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:02:01.0453 0x0898 Wmi - ok
19:02:01.0484 0x0898 [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
19:02:01.0546 0x0898 WmiAcpi - ok
19:02:01.0578 0x0898 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:02:01.0656 0x0898 WmiApSrv - ok
19:02:01.0750 0x0898 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
19:02:01.0812 0x0898 WMPNetworkSvc - ok
19:02:01.0843 0x0898 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:02:01.0843 0x0898 WpdUsb - ok
19:02:01.0921 0x0898 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:02:01.0953 0x0898 WPFFontCache_v0400 - ok
19:02:02.0000 0x0898 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:02:02.0062 0x0898 WS2IFSL - ok
19:02:02.0093 0x0898 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:02:02.0156 0x0898 wscsvc - ok
19:02:02.0187 0x0898 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:02:02.0250 0x0898 WSTCODEC - ok
19:02:02.0281 0x0898 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:02:02.0343 0x0898 wuauserv - ok
19:02:02.0375 0x0898 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:02:02.0390 0x0898 WudfPf - ok
19:02:02.0406 0x0898 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:02:02.0421 0x0898 WudfRd - ok
19:02:02.0437 0x0898 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:02:02.0468 0x0898 WudfSvc - ok
19:02:02.0500 0x0898 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:02:02.0625 0x0898 WZCSVC - ok
19:02:02.0640 0x0898 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:02:02.0703 0x0898 xmlprov - ok
19:02:02.0703 0x0898 ================ Scan global ===============================
19:02:02.0734 0x0898 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
19:02:02.0765 0x0898 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
19:02:02.0781 0x0898 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
19:02:02.0812 0x0898 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
19:02:02.0812 0x0898 [ Global ] - ok
19:02:02.0812 0x0898 ================ Scan MBR ==================================
19:02:02.0828 0x0898 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:02:03.0078 0x0898 \Device\Harddisk0\DR0 - ok
19:02:03.0078 0x0898 ================ Scan VBR ==================================
19:02:03.0078 0x0898 [ 9221E5D37B1B6A3CF736842153E7F866 ] \Device\Harddisk0\DR0\Partition1
19:02:03.0078 0x0898 \Device\Harddisk0\DR0\Partition1 - ok
19:02:03.0093 0x0898 AV detected via SS1: Avira Desktop, 13.6.20.2100, disabled, updated
19:02:03.0093 0x0898 Win FW state via NFM: enabled
19:02:05.0453 0x0898 ============================================================
19:02:05.0453 0x0898 Scan finished
19:02:05.0453 0x0898 ============================================================
19:02:05.0453 0x0c04 Detected object count: 0
19:02:05.0453 0x0c04 Actual detected object count: 0
19:02:38.0781 0x0aa8 Deinitialize success



Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.13.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gillian :: E6400 [administrator]

13/11/2013 19:07:10
mbam-log-2013-11-13 (19-07-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 272784
Time elapsed: 5 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\MyScrapNook_12Installer.Start (PUP.Optional.MyScrapNook.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


OTL logfile created on: 13/11/2013 19:15:46 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gillian\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.45 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 78.14% Memory free
5.29 Gb Paging File | 4.52 Gb Available in Paging File | 85.45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.84 Gb Total Space | 183.93 Gb Free Space | 79.00% Space Free | Partition Type: NTFS

Computer Name: E6400 | User Name: Gillian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/12 09:52:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gillian\Desktop\OTL.exe
PRC - [2013/10/09 00:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/10/08 12:08:53 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013/08/29 17:31:36 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013/08/29 17:31:26 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013/08/29 17:31:25 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/08/29 17:31:25 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/08/18 13:14:13 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2008/04/13 23:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/09 00:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/09 00:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/09 00:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/02/23 07:43:21 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/02/02 21:47:42 | 000,143,360 | ---- | M] () -- C:\WINDOWS\system32\preflib.dll
MOD - [2010/02/02 21:45:58 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll


========== Services (SafeList) ==========

SRV - [2013/08/29 17:31:36 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/08/29 17:31:25 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/08/20 20:00:30 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/18 13:14:13 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/01/09 13:46:25 | 001,122,304 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe -- (RoxMediaDB11)
SRV - [2008/08/14 00:25:24 | 000,367,088 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUpnpService11.exe -- (Roxio Upnp Server 11)
SRV - [2008/08/14 00:25:20 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUPnPRenderer11.exe -- (Roxio UPnP Renderer 11)
SRV - [2008/08/14 00:24:06 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe -- (RoxLiveShare11)
SRV - [2008/08/14 00:24:02 | 000,170,480 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe -- (RoxWatch11)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Gillian\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/09/05 14:19:03 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/08/29 17:31:37 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/03/30 11:34:09 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/02/23 07:43:31 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011/12/08 04:22:38 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2011/12/08 04:22:38 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2011/12/08 04:22:38 | 000,080,184 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/12/08 04:22:36 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2011/12/08 04:22:36 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2011/12/08 04:22:36 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2011/03/23 16:00:10 | 000,241,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress)
DRV - [2011/02/16 15:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2010/02/02 21:47:32 | 002,696,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/02/23 11:08:10 | 001,545,795 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/12/16 15:41:44 | 000,112,512 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/09/22 13:40:46 | 000,109,568 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/08/11 10:53:22 | 000,057,328 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2008/04/14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/03/06 18:42:14 | 000,530,944 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/04/26 04:42:16 | 000,045,696 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/05/13 17:27:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E 49 73 C5 48 C4 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..keyword.URL: ""
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/25 20:59:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/10 13:40:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/18 16:15:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/25 20:59:32 | 000,000,000 | ---D | M]

[2010/01/18 21:13:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gillian\Application Data\Mozilla\Extensions
[2013/05/09 15:07:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gillian\Application Data\Mozilla\Firefox\Profiles\4nu0v8wb.default\extensions
[2013/11/13 18:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/22 03:30:24 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2009/12/22 03:30:24 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2009/12/22 03:30:24 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2009/12/22 03:30:24 | 000,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

O1 HOSTS File: ([2013/11/13 18:54:25 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1B735B98-8010-11D5-AD0B-00500463D885} http://www.partsaren...ns/IMIESRCH.cab (SearchCD Control)
O16 - DPF: {2665693B-C4F3-434B-83DB-7574CF50C8B7} http://www.kaspersky...censefinder.cab (Kaspersky License Finder)
O16 - DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} http://www.partsaren...ins/GFXVIEW.cab (GrafixViewControl)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1346872701250 (MUWebControl Class)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://cards.hallmar...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BDDADA8-A4CB-4B1E-8758-F57923403A51}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Gillian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gillian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/18 20:56:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.dvacm - c:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iscc - C:\WINDOWS\System32\iscc.dll (innoheim)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/11/13 19:06:13 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/11/13 19:06:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/11/13 19:06:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/13 19:05:11 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gillian\Desktop\mbam-setup-1.75.0.1300.exe
[2013/11/13 19:04:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/11/13 18:57:49 | 004,121,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Gillian\Desktop\TDSSKiller.exe
[2013/11/13 18:56:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013/11/13 18:48:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/11/13 18:48:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/11/13 18:48:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/11/13 18:48:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/11/13 18:47:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/11/13 18:45:41 | 005,147,957 | R--- | C] (Swearware) -- C:\Documents and Settings\Gillian\Desktop\ComboFix.exe
[2013/11/13 18:36:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/12 22:34:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gillian\Start Menu\Programs\NirSoft BlueScreenView
[2013/11/12 22:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2013/11/12 22:31:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2013/11/12 22:31:20 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/11/12 22:30:25 | 005,552,488 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Gillian\Desktop\spsetup123.exe
[2013/11/12 22:25:08 | 000,000,000 | ---D | C] -- C:\FRST
[2013/11/12 22:23:24 | 001,090,275 | ---- | C] (Farbar) -- C:\Documents and Settings\Gillian\Desktop\FRST.exe
[2013/11/12 22:07:35 | 001,034,531 | ---- | C] (Thisisu) -- C:\Documents and Settings\Gillian\Desktop\JRT.exe
[2013/11/12 09:52:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gillian\Desktop\OTL.exe
[2013/11/03 20:30:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/11/03 20:21:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/29 21:09:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gillian\Desktop\M&S Collection Panelled Cross Body Bag - Marks & Spencer_files
[2013/10/19 14:17:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gillian\Recent
[1 C:\Documents and Settings\Gillian\Desktop\*.tmp files -> C:\Documents and Settings\Gillian\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/13 19:06:13 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/13 19:05:16 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gillian\Desktop\mbam-setup-1.75.0.1300.exe
[2013/11/13 18:58:57 | 004,100,773 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\tdsskiller.zip
[2013/11/13 18:54:25 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/11/13 18:46:00 | 005,147,957 | R--- | M] (Swearware) -- C:\Documents and Settings\Gillian\Desktop\ComboFix.exe
[2013/11/13 18:37:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/13 18:37:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/13 00:03:11 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Gillian\Desktop\VEW.exe
[2013/11/12 22:34:40 | 000,141,480 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\bluescreenview_setup.exe
[2013/11/12 22:31:23 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/11/12 22:30:29 | 005,552,488 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Gillian\Desktop\spsetup123.exe
[2013/11/12 22:23:28 | 001,090,275 | ---- | M] (Farbar) -- C:\Documents and Settings\Gillian\Desktop\FRST.exe
[2013/11/12 22:07:41 | 001,034,531 | ---- | M] (Thisisu) -- C:\Documents and Settings\Gillian\Desktop\JRT.exe
[2013/11/12 21:54:17 | 001,085,542 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\AdwCleaner.exe
[2013/11/12 21:40:21 | 000,884,566 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/12 21:40:21 | 000,278,538 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/12 18:59:38 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C41D49E3-3065-492C-8C9A-34C847A14A5B}.job
[2013/11/12 15:57:48 | 004,121,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Gillian\Desktop\TDSSKiller.exe
[2013/11/12 09:52:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gillian\Desktop\OTL.exe
[2013/11/09 17:52:23 | 000,008,897 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\DP0821201317044083M.jpg
[2013/11/07 20:40:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20131110-180705.backup
[2013/10/29 21:12:00 | 000,079,373 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\B0047FA8D8.htm
[2013/10/29 21:10:41 | 000,215,486 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\M&S Collection Panelled Cross Body Bag - Marks & Spencer.htm
[2013/10/29 21:06:20 | 000,007,780 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\Fiorelli.jpg
[2013/10/29 21:05:00 | 000,008,368 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\sussex.jpg
[2013/10/29 20:59:22 | 000,007,278 | ---- | M] () -- C:\Documents and Settings\Gillian\Desktop\Radley.jpg
[2013/10/19 08:02:00 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[1 C:\Documents and Settings\Gillian\Desktop\*.tmp files -> C:\Documents and Settings\Gillian\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/13 19:06:13 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/13 18:58:47 | 004,100,773 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\tdsskiller.zip
[2013/11/13 18:48:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/11/13 18:48:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/11/13 18:48:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/11/13 18:48:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/11/13 18:48:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/11/13 00:03:06 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Gillian\Desktop\VEW.exe
[2013/11/12 22:34:39 | 000,141,480 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\bluescreenview_setup.exe
[2013/11/12 22:31:23 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/11/12 21:54:03 | 001,085,542 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\AdwCleaner.exe
[2013/11/09 17:52:22 | 000,008,897 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\DP0821201317044083M.jpg
[2013/10/29 21:12:00 | 000,079,373 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\B0047FA8D8.htm
[2013/10/29 21:09:41 | 000,215,486 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\M&S Collection Panelled Cross Body Bag - Marks & Spencer.htm
[2013/10/29 21:06:20 | 000,007,780 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\Fiorelli.jpg
[2013/10/29 21:05:00 | 000,008,368 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\sussex.jpg
[2013/10/29 20:59:21 | 000,007,278 | ---- | C] () -- C:\Documents and Settings\Gillian\Desktop\Radley.jpg
[2013/08/03 18:20:57 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\gcapi_dll.dll
[2012/02/16 07:22:43 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/30 18:05:01 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2011/12/26 20:09:04 | 000,709,968 | ---- | C] () -- C:\WINDOWS\is-IULS0.exe
[2011/12/26 19:57:50 | 000,709,968 | ---- | C] () -- C:\WINDOWS\is-R5FB6.exe
[2011/12/23 20:58:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/12/23 20:58:24 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/12/23 20:58:24 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/12/23 20:58:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/12/23 20:58:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/02/12 12:27:27 | 000,061,132 | ---- | C] () -- C:\Documents and Settings\Gillian\Local Settings\Application Data\rx_audio.Cache
[2011/02/12 12:27:27 | 000,002,088 | ---- | C] () -- C:\Documents and Settings\Gillian\Local Settings\Application Data\rx_image32.Cache
[2010/02/11 21:28:08 | 000,037,897 | ---- | C] () -- C:\Documents and Settings\Gillian\Application Data\Comma Separated Values (Windows).ADR
[2010/01/29 19:45:16 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Gillian\Application Data\$_hpcst$.hpc
[2010/01/22 20:34:00 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Gillian\default.pls
[2010/01/22 20:33:22 | 000,188,416 | ---- | C] () -- C:\Documents and Settings\Gillian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2010/08/07 18:27:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/10/29 05:38:22 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 23:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< >

< %SYSTEMDRIVE%\*.* >
[2012/01/04 21:19:58 | 112,041,148 | ---- | M] () -- C:\8ECC055D-047F-11D1-A537-0000F8753ED1.reg
[2012/11/13 06:39:46 | 000,003,945 | ---- | M] () -- C:\AdwCleaner[R1].txt
[2012/11/13 06:41:34 | 000,004,005 | ---- | M] () -- C:\AdwCleaner[R2].txt
[2012/11/13 06:42:34 | 000,003,659 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2013/01/08 22:30:48 | 000,001,403 | ---- | M] () -- C:\AdwCleaner[S2].txt
[2010/01/18 20:56:13 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/01/18 20:52:15 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2013/01/13 21:56:43 | 000,000,354 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | R-S- | M] () -- C:\cmldr
[2013/11/13 18:56:01 | 000,014,956 | ---- | M] () -- C:\ComboFix.txt
[2010/01/18 20:56:13 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/03/25 20:23:00 | 000,000,160 | ---- | M] () -- C:\immudebug.log
[2010/01/18 20:56:13 | 000,000,000 | R-S- | M] () -- C:\IO.SYS
[2011/02/27 16:50:11 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2011/05/05 14:55:32 | 000,064,666 | ---- | M] () -- C:\MP4debug.log
[2010/01/18 20:56:13 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS
[2012/01/01 16:19:22 | 000,010,684 | ---- | M] () -- C:\MyNICDetails.txt
[2008/04/13 23:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/13 23:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/11/13 18:37:41 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2012/02/25 15:28:12 | 000,000,102 | ---- | M] () -- C:\qehjlhawlh
[2013/11/13 18:58:39 | 000,000,354 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_13.11.2013_18.58.33_log.txt
[2013/11/13 19:02:38 | 000,263,738 | ---- | M] () -- C:\TDSSKiller.3.0.0.17_13.11.2013_18.59.15_log.txt
[2013/11/13 00:06:17 | 000,000,857 | ---- | M] () -- C:\VEW.txt
[2012/01/04 21:16:35 | 165,603,706 | ---- | M] () -- C:\{8ECC055D-047F-11D1-A537-0000F8753ED1}

< %systemroot%\Fonts\*.com >
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2010/01/18 20:56:00 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 12:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/10/06 15:37:30 | 000,315,392 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp083.dll
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 10:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2010/01/18 20:48:09 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010/01/18 20:48:09 | 001,089,536 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010/01/18 20:48:09 | 000,929,792 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/01/18 20:56:13 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-10-13 20:07:24

< MD5 for: BEEP.SYS >
[2008/04/13 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2008/04/13 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2008/04/13 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

< MD5 for: MSWSOCK.DLL >
[2008/06/20 17:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2008/06/20 16:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\ERDNT\cache\mswsock.dll
[2008/06/20 16:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 16:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
[2008/04/13 23:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2008/06/20 17:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 17:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

< MD5 for: NETCFGX.DLL >
[2008/04/13 23:00:00 | 000,622,592 | ---- | M] (Microsoft Corporation) MD5=37A62C6092AADD2EFDE0468DD8818E99 -- C:\WINDOWS\system32\dllcache\netcfgx.dll
[2008/04/13 23:00:00 | 000,622,592 | ---- | M] (Microsoft Corporation) MD5=37A62C6092AADD2EFDE0468DD8818E99 -- C:\WINDOWS\system32\netcfgx.dll

< MD5 for: NETMAN.DLL >
[2008/04/13 23:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\ERDNT\cache\netman.dll
[2008/04/13 23:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\system32\dllcache\netman.dll
[2008/04/13 23:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\system32\netman.dll

< MD5 for: NETSHELL.DLL >
[2008/04/13 23:00:00 | 001,703,936 | ---- | M] (Microsoft Corporation) MD5=062F837C1FBDB6A0A75F82EFC2EE8E74 -- C:\WINDOWS\system32\dllcache\netshell.dll
[2008/04/13 23:00:00 | 001,703,936 | ---- | M] (Microsoft Corporation) MD5=062F837C1FBDB6A0A75F82EFC2EE8E74 -- C:\WINDOWS\system32\netshell.dll

========== Files - Unicode (All) ==========
[2013/11/12 16:22:56 | 103,912,569 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\캆끅啜6
[2013/11/12 16:22:56 | 103,912,569 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\캆끅啜6
[2013/01/02 23:41:37 | 000,014,093 | ---- | M] ()(C:\Documents and Settings\Gillian\My Documents\?ƒ ?s?.docx) -- C:\Documents and Settings\Gillian\My Documents\ɪƒ ƴσυ.docx
[2013/01/02 23:41:37 | 000,014,093 | ---- | C] ()(C:\Documents and Settings\Gillian\My Documents\?ƒ ?s?.docx) -- C:\Documents and Settings\Gillian\My Documents\ɪƒ ƴσυ.docx

< End of report >


OTL Extras logfile created on: 13/11/2013 19:15:46 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gillian\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.45 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 78.14% Memory free
5.29 Gb Paging File | 4.52 Gb Available in Paging File | 85.45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.84 Gb Total Space | 183.93 Gb Free Space | 79.00% Space Free | Partition Type: NTFS

Computer Name: E6400 | User Name: Gillian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\PROGRA~1\MICROS~2\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{00405945-70C1-4B1D-9A3C-45A2883366AF}" = PS_AIO_05_C4600_Software_Min
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0830C2E8-01B9-4CD1-B218-12B0107D5BED}" = calibre
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1D53B6F9-E66E-42D8-A221-4FF8AC134FD7}" = Roxio Activation Module
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21ABEA96-CCAB-4C40-8699-6BDFEC5FD63C}" = EMC 11 Content
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3383136B-4F86-4F05-8612-DD4BB16A1EAE}" = Roxio Central
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44C81D1A-0520-49BB-B510-98B8DD414EA1}" = HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{51D7C8E7-A7CB-46F9-B959-EFE6D59DDBE8}" = HD Writer PE 1.0
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Media Driver Ver.3.53.02
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{69F56014-2C48-4885-8D72-0E069F89647F}" = Roxio Creator 2009 Special Edition
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Driver
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7919D8D9-69FB-4E94-B330-04C4AF251867}" = Roxio Creator 2009 Special Edition
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7CDD7C4C-5224-40E4-951F-51C12FEAB8AB}" = C4600
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C64C35E-093A-43B9-B7E5-9966581FC143}" = iSCC
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA749D64-3741-4D5F-B804-B0BC05D179D1}" = Roxio CinePlayer
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BC21E1FA-BD9C-4351-8EA3-4EC377B1E439}_is1" = Power CD+G Burner
"{BC3804E5-77CC-47A0-8BD5-797355A26BA3}" = WD SmartWare
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0FE37FA-0886-4B66-B01B-76CF70FB77AB}" = Roxio CinePlayer Decoder Pack
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Buzzy Bumble" = Buzzy Bumble
"CCleaner" = CCleaner
"CopyTrans Suite" = CopyTrans Suite Remove Only
"DW WLAN Card Utility" = DW WLAN Card Utility
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileHippo.com" = FileHippo.com Update Checker
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KaraFun_is1" = KaraFun 1.18
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"proDAD-Mercalli-1.0" = proDAD Mercalli 1.0
"Product Key Explorer_is1" = Product Key Explorer 1.0
"PROSet" = Intel® Network Connections Drivers
"Revo Uninstaller" = Revo Uninstaller 1.95
"Shop for HP Supplies" = Shop for HP Supplies
"Speccy" = Speccy
"TVEpaDrv" = Roxio Video Capture USB Driver
"WinAVI Video Converter_is1" = WinAVI Video Converter
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZonerPhotoStudio12_EN_is1" = Zoner Photo Studio 12

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ OSession Events ]
Error - 10/08/2010 10:25:30 | Computer Name = E6400 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 9939
seconds with 2220 seconds of active time. This session ended with a crash.

Error - 03/12/2012 11:06:51 | Computer Name = E6400 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 13
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12/11/2013 19:58:46 | Computer Name = E6400 | Source = Print | ID = 23
Description = Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech
135 PS2 driver could not be found.

Error - 13/11/2013 14:29:21 | Computer Name = E6400 | Source = Print | ID = 23
Description = Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech
135 PS2 driver could not be found.

Error - 13/11/2013 14:37:48 | Computer Name = E6400 | Source = Print | ID = 23
Description = Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech
135 PS2 driver could not be found.

Error - 13/11/2013 14:49:39 | Computer Name = E6400 | Source = Service Control Manager | ID = 7034
Description = The DW WLAN Tray Service service terminated unexpectedly. It has
done this 1 time(s).


< End of report >

Edited by Steviep, 13 November 2013 - 02:23 PM.

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Copy the text in the code box by highlighting and Ctrl + c

:OTL
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[2013/11/12 16:22:56 | 103,912,569 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\캆끅啜6
[2013/11/12 16:22:56 | 103,912,569 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\캆끅啜6
[2012/02/25 15:28:12 | 000,000,102 | ---- | M] () -- C:\qehjlhawlh

:files
type C:\8ECC055D-047F-11D1-A537-0000F8753ED1.reg /c


:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


then Double on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.


Update Java 7 Update 25 to Java 7 Update 45:

Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.


I think 45 will uninstall 25 but if it doesn't, please uninstall it after 45 is installed.

You are still getting errors because of the printer:

Description = Printer LogoSmartz failed to initialize because a suitable Xerox DocuTech
135 PS2 driver could not be found.


If you still have the printer then go to the Xerox site and download the latest version of the driver for it. If you no longer have it then go into Start, Settings, Printers and Fax and uninstall it.

Also your WiFi driver needs to be reinstalled with the latest version:

Description = The DW WLAN Tray Service service terminated unexpectedly.


I assume it is part of DW WLAN Card Utility.

Go to the PC maker's site and see if there is a new Intel Chipset Installation Utility for this PC. Install it if you find one.


Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.





Press Win+R to summon the Run dialog box. ("Win" is the Windows key to the outside of the ALT keys)

Type msconfig and press Enter.

Click the Boot tab.

Place a check mark by the item Boot Log.

Click OK.

Click the Restart button to restart now.


Copy the next line:
notepad c:\windows\ntbtlog.txt


Press Win+R to summon the Run dialog box.

Right click and Paste or Edit then Paste and the copied line will appear. Hit Enter. Notepad should open. Copy and paste the text from notepad.
  • 1

#7
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
Hi I've tried to do the OTL fix however keeps locking up with only this part showing at the bottom of custom scan box

type C:\8ECC055D-047F-11D1-A537-0000F8753ED1.reg /c


:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]

I've not tried anythin else yet in case it should be done in order however I have to say that I have deleted all printers as there is never one connected to this laptop
  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Try booting in to Save Mode with networking and try to run OTL there.

(Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking. Login with your usual login.)

If it doesn't want to work then go on with the other steps.
  • 0

#9
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
Hi couldnt get OTL fix to run in safe mode either, Ive uninstalled printer and updated JAVA as well as updating the Intel Chipset Installation Utility (I think)

msconfig wont allow me to tick the box for boot log

here are the other logs
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 98.44 0 K 28 K 0
procexp.exe 1.56 24,444 K 22,048 K 3036 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts < 0.01 0 K 0 K n/a Hardware Interrupts and DPCs
wuauclt.exe 3,032 K 4,620 K 3872 Windows Update Microsoft Corporation (Verified) Microsoft Windows Component Publisher
wmiprvse.exe 1,964 K 5,340 K 3944 WMI Microsoft Corporation (Verified) Microsoft Windows Component Publisher
wmiapsrv.exe 1,444 K 4,664 K 2160 WMI Performance Adapter Service Microsoft Corporation (Verified) Microsoft Windows Component Publisher
WLTRYSVC.EXE 404 K 1,648 K 1096 (No signature was present in the subject)
WLTRAY.EXE 2,352 K 7,036 K 2436 DW WLAN Card Wireless Network Tray Applet Dell Inc. (No signature was present in the subject) Dell Inc.
winlogon.exe 6,828 K 4,184 K 540 Windows NT Logon Application Microsoft Corporation (Verified) Microsoft Windows Component Publisher
uphclean.exe 588 K 1,356 K 168 User Profile Hive Cleanup Service Windows ® Codename Longhorn DDK provider (No signature was present in the subject) Windows ® Codename Longhorn DDK provider
System 0 K 240 K 4
svchost.exe 3,472 K 5,084 K 776 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,884 K 4,424 K 828 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 17,016 K 27,088 K 868 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 2,376 K 3,392 K 908 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,384 K 3,688 K 960 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,700 K 4,088 K 1004 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,308 K 3,876 K 1360 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,040 K 3,012 K 1680 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,032 K 2,980 K 1724 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 2,412 K 4,232 K 2028 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 5,424 K 7,216 K 3388 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,756 K 3,552 K 2264 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
spoolsv.exe 3,808 K 5,756 K 1248 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
smss.exe 196 K 456 K 464 Windows NT Session Manager Microsoft Corporation (Verified) Microsoft Windows Component Publisher
services.exe 1,912 K 3,608 K 588 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Component Publisher
sched.exe 2,524 K 788 K 1324 Avira Scheduler Avira Operations GmbH & Co. KG (Verified) Avira Operations GmbH & Co. KG
scardsvr.exe 932 K 2,732 K 1304 Smart Card Resource Management Server Microsoft Corporation (Verified) Microsoft Windows Component Publisher
NASvc.exe 2,208 K 4,508 K 1644 NeroUpdate Nero AG (Verified) Nero AG
msiexec.exe 5,472 K 9,588 K 376 Windows® installer Microsoft Corporation (Verified) Microsoft Windows Component Publisher
mDNSResponder.exe 992 K 3,080 K 1468 Bonjour Service Apple Inc. (Verified) Apple Inc.
mbamscheduler.exe 3,272 K 5,696 K 1588 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
lsass.exe 3,816 K 908 K 600 LSA Shell (Export Version) Microsoft Corporation (Verified) Microsoft Windows Component Publisher
jqs.exe 12,196 K 1,404 K 2224 Java Quick Starter Service Oracle Corporation (Verified) Oracle America
GrooveMonitor.exe 2,100 K 6,252 K 2456 GrooveMonitor Utility Microsoft Corporation (Verified) Microsoft Corporation
GoogleUpdate.exe 3,612 K 1,948 K 1652 Google Installer Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe 1,872 K 572 K 1760 Google Crash Handler Google Inc. (Verified) Google Inc
explorer.exe 29,632 K 40,472 K 2136 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows Component Publisher
DellSystemDetect.exe 118,324 K 113,104 K 2784 Dell System Detect Dell (Verified) Dell Inc.
csrss.exe 1,808 K 5,708 K 512 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Component Publisher
chrome.exe 47,320 K 19,736 K 3028 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 43,828 K 48,840 K 3292 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 64,180 K 60,968 K 3184 Google Chrome Google Inc. (Verified) Google Inc
BCMWLTRY.EXE 3,852 K 8,456 K 1116 DW WLAN Card Wireless Network Controller Dell Inc. (No signature was present in the subject) Dell Inc.
avshadow.exe 612 K 2,664 K 2656 Avira Shadow Copy Service Avira Operations GmbH & Co. KG (Verified) Avira Operations GmbH & Co. KG
avguard.exe 267,288 K 42,412 K 1420 Avira On-Access Service Avira Operations GmbH & Co. KG (Verified) Avira Operations GmbH & Co. KG
avgnt.exe 13,440 K 2,312 K 2444 Avira System Tray Tool Avira Operations GmbH & Co. KG (Verified) Avira Operations GmbH & Co. KG
AppleMobileDeviceService.exe 10,188 K 13,884 K 1440 MobileDeviceService Apple Inc. (Verified) Apple Inc.
alg.exe 1,232 K 3,684 K 3888 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows Component Publisher

Service Pack 311 13 2013 22:25:05.375
Loaded driver \WINDOWS\system32\ntoskrnl.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver ACPI.sys
Loaded driver \WINDOWS\system32\DRIVERS\WMILIB.SYS
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver ohci1394.sys
Loaded driver \WINDOWS\system32\DRIVERS\1394BUS.SYS
Loaded driver compbatt.sys
Loaded driver \WINDOWS\system32\DRIVERS\BATTC.SYS
Loaded driver pcmcia.sys
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver dmload.sys
Loaded driver dmio.sys
Loaded driver PartMgr.sys
Loaded driver ACPIEC.sys
Loaded driver \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Loaded driver VolSnap.sys
Loaded driver iastor.sys
Loaded driver disk.sys
Loaded driver \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Loaded driver fltMgr.sys
Loaded driver sr.sys
Loaded driver PxHelp20.sys
Loaded driver KSecDD.sys
Loaded driver WudfPf.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver Mup.sys
Did not load driver ACPI Multiprocessor PC
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Communications Port
Did not load driver Communications Port
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Loaded driver \SystemRoot\system32\DRIVERS\usbuhci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\system32\DRIVERS\HDAudBus.sys
Loaded driver \SystemRoot\system32\DRIVERS\bcmwl5.sys
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Loaded driver \SystemRoot\system32\DRIVERS\rimmptsk.sys
Loaded driver \SystemRoot\system32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
Did not load driver Communications Port
Loaded driver \SystemRoot\system32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\system32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Loaded driver \SystemRoot\system32\DRIVERS\wmiacpi.sys
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\system32\DRIVERS\msgpc.sys
Loaded driver \SystemRoot\system32\DRIVERS\psched.sys
Loaded driver \SystemRoot\system32\DRIVERS\ptilink.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspti.sys
Loaded driver \SystemRoot\system32\DRIVERS\rdpdr.sys
Loaded driver \SystemRoot\system32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\system32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\update.sys
Loaded driver \SystemRoot\system32\DRIVERS\mssmbios.sys
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver \SystemRoot\System32\Drivers\Fdc.SYS
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver \SystemRoot\System32\Drivers\Flpydisk.SYS
Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
Did not load driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\drivers\vga.sys
Did not load driver mnmdd.SYS
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rasacd.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipsec.sys
Loaded driver \SystemRoot\system32\DRIVERS\tcpip.sys
Did not load driver Wanarp.SYS
Loaded driver \SystemRoot\system32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipnat.sys
Loaded driver \SystemRoot\System32\drivers\ws2ifsl.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys
Did not load driver Serial.SYS
Did not load driver intelppm.SYS
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Did not load driver ssmdrv.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Did not load driver Fips.SYS
Did not load driver avkmgr.SYS
Did not load driver avipbb.SYS
Loaded driver \SystemRoot\system32\DRIVERS\usbccgp.sys
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver USB Smart Card reader
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver USB Smart Card reader
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver USB Smart Card reader
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Loaded driver \SystemRoot\System32\Drivers\Cdfs.SYS
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver Mobile Intel® 4 Series Express Chipset Family
Did not load driver USB Smart Card reader
Did not load driver IDT High Definition Audio CODEC
Did not load driver Intel® High Definition Audio HDMI Service
Did not load driver OHCI Compliant IEEE 1394 Host Controller
Did not load driver SDA Standard Compliant SD Host Controller
Did not load driver Communications Port
Did not load driver Microsoft AC Adapter
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Microsoft ACPI-Compliant Control Method Battery
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Loaded driver \SystemRoot\system32\DRIVERS\ndisuio.sys
Did not load driver \SystemRoot\system32\DRIVERS\rdbss.sys
Did not load driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\system32\DRIVERS\srv.sys
Did not load driver \SystemRoot\system32\DRIVERS\ipnat.sys
  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Let's try OTL again with just one item:

:OTL
[2013/11/12 16:22:56 | 103,912,569 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\캆끅啜6

:Commands
[Reboot]



I want to verify that the Chinese files are the problem.



Your boot log shows it having a problem and repeating the load several times which I suppose explains the delay.

Since we have already tried the Chipset then I think we need to see if there is a BIOS update for your PC and if so install it.
  • 1

Advertisements


#11
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
Ran the last OTL fix and it ran ok however didnt produce any logs, where do I find a BIOS update?
  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
On the PC maker's website. Or tell me what make and model PC.
  • 0

#13
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
Hi, sorry for the delay managed to update the Bios to A34 - its a dell E6400 laptop
  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
I notice there are two Intel Chipset Drivers. Did you get this one? 9.1.1.1021,A00

http://www.dell.com/...n&categoryId=CS

Were you able to run OTL with just the one item in the Run Fix?

Can you run a boot log again so we can see if anything has changed? Probably best to delete the old log first if it will let you.
  • 0

#15
Steviep

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts
I've downloaded the one in your link above,yes I ran the OTL fix with the one item and it ran ok but didnt produce logs also the msconfig wont let me tick in the boot box
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP