Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unable to connect to Internet and now PC is really slow

Started by Steviep , Apr 22 2014 12:08 PM

  • Please log in to reply

#1
Steviep
Posted 22 April 2014 - 12:08 PM

Steviep

    Member

  • Member
  • PipPipPip
  • 338 posts

Hi I wonder if someone could help, I tried to use my PC tonight and although it booted up to the home screen I was inable to connect to the internet or open any progs, I restarted in safe mode and managed to run malwarebyes and it found 3 items which it then quarentined these. I can now get access to the internet but PC running really slow. Here is my OTL log:

 

OTL logfile created on: 22/04/2014 18:59:24 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Stevie\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.23% Memory free
3.85 Gb Paging File | 2.94 Gb Available in Paging File | 76.32% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.42 Gb Total Space | 15.92 Gb Free Space | 21.39% Space Free | Partition Type: NTFS
 
Computer Name: DELL360 | User Name: Stevie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/04/22 18:58:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Stevie\Desktop\OTL.exe
PRC - [2014/04/15 18:34:02 | 000,180,304 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014/04/15 18:34:02 | 000,122,448 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014/04/02 02:58:05 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/03/29 17:10:29 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2014/03/29 17:10:21 | 000,689,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014/03/29 17:10:21 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/12/09 12:37:19 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013/10/30 04:16:32 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2013/10/16 21:09:30 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/05/29 15:50:52 | 001,734,144 | ---- | M] (AimerSoft) -- C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
PRC - [2012/11/13 15:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 15:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/09/17 06:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2012/07/13 17:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2011/12/12 00:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) -- C:\WINDOWS\system32\escsvc.exe
PRC - [2011/08/01 10:11:38 | 001,091,984 | ---- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
PRC - [2011/08/01 10:11:36 | 001,592,208 | ---- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
PRC - [2011/08/01 10:11:32 | 000,263,056 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/04/14 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/04/15 18:34:00 | 000,138,320 | ---- | M] () -- C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
MOD - [2014/04/15 18:33:56 | 000,049,744 | ---- | M] () -- C:\Documents and Settings\Stevie\Local Settings\temp\avgnt.exe\Avira.OE.ExtApi.dll
MOD - [2014/04/15 18:33:48 | 000,064,592 | ---- | M] () -- C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
MOD - [2014/04/02 02:58:03 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppgooglenaclpluginchrome.dll
MOD - [2014/04/02 02:57:59 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll
MOD - [2014/04/02 02:57:52 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
MOD - [2014/04/02 02:57:49 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/12/09 12:37:21 | 000,394,808 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012/11/13 15:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 15:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 15:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 15:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/08/23 10:38:24 | 000,574,840 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
MOD - [2010/11/02 08:33:58 | 000,886,272 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2014/04/20 10:33:14 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/15 18:34:02 | 000,122,448 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014/03/29 17:10:29 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/03/29 17:10:22 | 001,017,424 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2014/03/29 17:10:21 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/10/30 04:16:32 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2013/10/16 21:09:30 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/09/17 06:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012/07/13 17:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/12/12 00:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\WINDOWS\system32\escsvc.exe -- (EpsonScanSvc)
SRV - [2011/08/01 10:11:38 | 001,091,984 | ---- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
SRV - [2011/08/01 10:11:36 | 001,592,208 | ---- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe -- (WDFMEService)
SRV - [2011/08/01 10:11:32 | 000,263,056 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe -- (WDDMService)
SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/06/11 14:58:08 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\TrueSight.sys -- (TrueSight)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - [2013/12/09 12:37:21 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2013/12/09 12:37:19 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/12/09 12:37:18 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/12/09 12:37:18 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/10/30 04:16:30 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2013/03/25 10:46:36 | 000,027,496 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VirtualAudio.sys -- (WsAudio_Device)
DRV - [2012/08/26 13:56:17 | 000,121,248 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2012/05/14 07:12:12 | 000,103,040 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011/11/10 04:42:12 | 007,493,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011/02/16 17:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/11/04 20:36:03 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/10/04 09:34:20 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/13 17:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/06/19 18:52:30 | 000,176,640 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\k57xp32.sys -- (k57w2k)
DRV - [2008/04/14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/03/28 11:14:02 | 000,024,064 | ---- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2008/03/06 19:42:14 | 000,530,944 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/08/07 01:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/07/20 18:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/04/26 05:42:16 | 000,045,696 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007/03/20 11:33:26 | 000,028,672 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{BF6ECD4B-F767-45E8-8E28-2628ABD50234}: "URL" = http://www.google.co...g}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{BF6ECD4B-F767-45E8-8E28-2628ABD50234}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
[2012/11/08 21:32:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Stevie\Application Data\Mozilla\Firefox\extensions
[2012/11/08 21:32:57 | 000,000,000 | ---D | M] (BitTorrentControl_v12) -- C:\Documents and Settings\Stevie\Application Data\Mozilla\Firefox\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
[2013/09/08 22:16:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/10/31 00:04:25 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-4300-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [Aimersoft Helper Compact.exe] C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (AimerSoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: o2.co.uk ([*.broadband] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} https://fixit.suppor...FixItClient.CAB (FixItClient Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1240353057735 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1350221284562 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.c...stem/iCloud.cab (iCloud Web App Plugin)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94A1732D-8D17-4CCA-B27F-9F22AC0E7875}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Program Files\Power Video Converter\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:AutorunsDisabled () - 
O24 - Desktop WallPaper: C:\Documents and Settings\Stevie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: 
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\msnlnamespacemgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/21 23:02:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/22 18:58:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Stevie\Desktop\OTL.exe
[2014/04/22 18:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\Desktop\RK_Quarantine
[2014/04/21 12:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\Application Data\Aimersoft Video Converter Ultimate
[2014/04/21 12:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2014/04/21 12:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/04/21 12:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/04/21 12:44:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2014/04/21 12:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2014/04/21 12:26:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\Videos
[2014/04/21 12:24:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\My Documents\Aimersoft Video Converter Ultimate
[2014/04/21 12:24:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\Application Data\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
[2014/04/21 12:24:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\Local Settings\Application Data\Aimersoft
[2014/04/21 12:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Aimersoft
[2014/04/21 12:23:32 | 000,027,496 | ---- | C] (Wondershare) -- C:\WINDOWS\System32\drivers\VirtualAudio.sys
[2014/04/21 12:23:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Aimersoft Video Converter Ultimate
[2014/04/21 12:23:03 | 000,000,000 | ---D | C] -- C:\Program Files\Aimersoft
[2014/04/21 12:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Aimersoft
[2014/04/21 12:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\Desktop\iPlayer Recordings
[2014/04/21 11:37:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\Application Data\BBCiPlayerDownloads
[2014/04/21 11:35:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\Start Menu\Programs\BBC iPlayer
[2014/04/21 11:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\Local Settings\Application Data\BBC
[2014/04/20 10:33:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2014/04/08 20:50:08 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/04/08 20:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/08 20:49:49 | 000,050,648 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/04/08 20:49:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/04/07 19:00:55 | 000,000,000 | ---D | C] -- C:\FRST
[2014/04/07 18:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stevie\Application Data\Uninstaller Tool(Comodo Forums)
[2014/04/03 22:43:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2014/04/03 22:43:11 | 004,413,904 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Documents and Settings\Stevie\Desktop\avira_en_av___ws.exe
[2014/03/29 14:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2014/03/29 11:20:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\WINDOWS\System32\
[2014/04/22 18:58:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Stevie\Desktop\OTL.exe
[2014/04/22 18:57:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/04/22 18:55:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/22 18:46:16 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C45D3254-C5F2-4164-8186-CF660410A378}.job
[2014/04/22 18:31:49 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/04/22 18:29:08 | 003,972,608 | ---- | M] () -- C:\Documents and Settings\Stevie\Desktop\RogueKiller.exe
[2014/04/21 14:12:35 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Stevie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/04/21 12:53:28 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2014/04/21 11:35:42 | 000,001,091 | ---- | M] () -- C:\Documents and Settings\Stevie\Desktop\BBC iPlayer Downloads.lnk
[2014/04/20 10:33:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/04/20 10:33:14 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/04/20 10:33:14 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/04/17 17:01:11 | 000,000,858 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira.lnk
[2014/04/17 16:54:26 | 005,028,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/04/11 18:56:07 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/04/08 20:49:55 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/06 21:33:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/06 21:33:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd685145978ed4.job
[2014/04/03 22:43:12 | 004,413,904 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Documents and Settings\Stevie\Desktop\avira_en_av___ws.exe
[2014/04/03 09:51:06 | 000,050,648 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/04/03 09:50:56 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/04/01 21:31:34 | 000,612,664 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/04/01 21:31:34 | 000,124,716 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/03/27 23:06:08 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
 
========== Files Created - No Company Name ==========
 
File not found -- C:\WINDOWS\System32\
[2014/04/22 18:29:04 | 003,972,608 | ---- | C] () -- C:\Documents and Settings\Stevie\Desktop\RogueKiller.exe
[2014/04/21 12:53:28 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2014/04/21 12:23:34 | 000,214,528 | ---- | C] () -- C:\WINDOWS\System32\AiCM32.dll
[2014/04/21 11:35:42 | 000,001,091 | ---- | C] () -- C:\Documents and Settings\Stevie\Desktop\BBC iPlayer Downloads.lnk
[2014/04/17 17:01:11 | 000,000,858 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira.lnk
[2014/04/08 20:49:55 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/15 22:19:10 | 000,010,498 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\lpm.dat
[2013/10/16 22:30:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2013/08/18 14:46:35 | 000,558,133 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2013/04/30 18:25:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2013/04/30 18:20:45 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Spacious
[2013/04/30 18:20:45 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Stevie\Application Data\Sound Effects
[2013/04/30 18:20:45 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT
[2013/04/30 18:20:44 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Space Choir
[2013/04/30 18:20:44 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Soundtrack
[2013/04/30 18:20:44 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Stevie\Application Data\Solid Colors
[2013/04/30 18:20:44 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Stevie\Application Data\Smooth Strings
[2013/04/30 18:20:44 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT
[2013/04/30 18:20:44 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLes.DAT
[2013/03/17 22:02:58 | 003,715,202 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2000478354-963894560-682003330-1003-0.dat
[2013/03/10 20:54:20 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\E8FEA67A3C.sys
[2013/01/20 14:03:38 | 000,564,618 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/10/22 19:50:11 | 000,303,104 | ---- | C] () -- C:\WINDOWS\emunist.exe
[2012/10/22 19:50:10 | 000,001,588 | ---- | C] () -- C:\WINDOWS\TVEpaDrv.ini
[2012/10/22 18:57:51 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011/05/02 21:46:31 | 000,000,096 | ---- | C] () -- C:\Documents and Settings\Stevie\.asadminpass
[2011/01/03 13:22:49 | 000,000,291 | ---- | C] () -- C:\Documents and Settings\Stevie\Application Data\iPod Access v4 Prefs
[2011/01/03 13:21:24 | 000,000,052 | -H-- | C] () -- C:\Documents and Settings\Stevie\Application Data\iPodAccessv4_OwnerName
[2011/01/03 13:21:24 | 000,000,052 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\iPodAccessv4_OwnerName
[2011/01/03 13:19:41 | 000,000,009 | -H-- | C] () -- C:\Documents and Settings\Stevie\Application Data\iPodAccess_Time
[2010/11/03 17:51:27 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2010/09/30 22:37:43 | 001,014,870 | ---- | C] () -- C:\Documents and Settings\Stevie\Local Settings\Application Data\[j0012]-[p01].bmp
[2010/08/25 14:56:52 | 000,005,018 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/03/04 23:41:26 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\Stevie\.recently-used.xbel
[2010/02/02 20:23:52 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Stevie\Application Data\$_hpcst$.hpc
[2009/10/04 09:44:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/05/02 10:29:56 | 000,000,249 | ---- | C] () -- C:\Documents and Settings\Stevie\default.pls
[2009/05/01 16:42:20 | 000,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/04/22 18:49:15 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Stevie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/03/03 00:04:03 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
< End of report >
 

  • 0

Advertisements

#2
RKinner
Posted 24 April 2014 - 08:45 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

OK.  Giving you a lot to do.  Probably best to post the logs as you get them rather than wait until you have them all.

 

Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

scan-results.jpg

Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site

  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
 

 

Get the free version of Speccy:

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) Attach the file to your next post.

 

 

Start, Run, eventvwr.msc, OK to bring up the Event Viewer.  Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwareremoval.com/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.
 


  • 0

#3
Steviep
Posted 25 April 2014 - 01:59 AM

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

Thanks for your help, here are the logs (I'll post as I get them

 

# AdwCleaner v3.202 - Report created 25/04/2014 at 08:55:27
# Updated 23/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Stevie - DELL360
# Running from : C:\Documents and Settings\Stevie\Desktop\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Google Chrome v34.0.1847.116
 
[ File : C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [812 octets] - [29/03/2014 11:20:42]
AdwCleaner[R1].txt - [1272 octets] - [22/04/2014 18:53:05]
AdwCleaner[R2].txt - [1054 octets] - [25/04/2014 08:54:25]
AdwCleaner[S0].txt - [872 octets] - [29/03/2014 11:21:33]
AdwCleaner[S1].txt - [1339 octets] - [22/04/2014 18:54:34]
AdwCleaner[S2].txt - [977 octets] - [25/04/2014 08:55:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1036 octets] ##########

  • 0

#4
Steviep
Posted 25 April 2014 - 02:04 AM

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Stevie on 25/04/2014 at  9:00:58.85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\apn"
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/04/2014 at  9:03:30.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#5
Steviep
Posted 25 April 2014 - 02:07 AM

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014
Ran by Stevie (administrator) on DELL360 on 25-04-2014 09:05:04
Running from C:\Documents and Settings\Stevie\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(AimerSoft) C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\EscSvc.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [180304 2014-04-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1734144 2013-05-29] (AimerSoft)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {BF6ECD4B-F767-45E8-8E28-2628ABD50234} URL = https://www.google.c...q={searchTerms}
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} https://fixit.suppor...FixItClient.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1240353057735
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.c...stem/iCloud.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Program Files\Power Video Converter\msdxm.ocx (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\msnlnamespacemgr.dll [304128 2008-05-26] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npbittorrent.dll (BitTorrent, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, http://www.openssl.org/)
 
Chrome: 
=======
CHR HomePage: 
CHR DefaultSearchKeyword: google.co.uk
CHR Extension: (Google Docs) - C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-31]
CHR Extension: (Google Drive) - C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-31]
CHR Extension: (YouTube) - C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-31]
CHR Extension: (Google Search) - C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-31]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-31]
CHR Extension: (Gmail) - C:\Documents and Settings\Stevie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-31]
 
========================== Services (Whitelisted) =================
 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AdobeActiveFileMonitor7.0; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [169312 2008-09-16] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-03-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-29] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-03-29] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [122448 2014-04-15] (Avira Operations GmbH & Co. KG)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
S2 gupdate1c9c4557151c6be; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-04-23] (Google Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-16] (Oracle Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
 
==================== Drivers (Whitelisted) ====================
 
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [121248 2012-08-26] (SlySoft, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [90400 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [135648 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-10-30] ()
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
R3 k57w2k; C:\WINDOWS\System32\DRIVERS\k57xp32.sys [176640 2008-06-19] (Broadcom Corporation)
S3 libusb0; C:\WINDOWS\System32\drivers\libusb0.sys [28672 2007-03-20] (http://libusb-win32.sourceforge.net)
S3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
R0 SFAUDIO; C:\WINDOWS\System32\drivers\sfaudio.sys [24064 2008-03-28] (Sonic Focus, Inc)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [721904 2009-11-04] ()
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2009-10-04] ()
S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA.sys [530944 2008-03-06] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM.sys [45696 2007-04-26] (eMPIA Technology, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
S3 WsAudio_Device; C:\WINDOWS\System32\drivers\VirtualAudio.sys [27496 2013-03-25] (Wondershare)
S4 cerc6; No ImagePath
S4 IntelIde; No ImagePath
S4 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
U3 TrueSight; \??\C:\WINDOWS\system32\TrueSight.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
Error(0) reading file: "C:\WINDOWS\system32\ "
2014-04-25 09:05 - 2014-04-25 09:05 - 00016053 _____ () C:\Documents and Settings\Stevie\Desktop\FRST.txt
2014-04-25 09:04 - 2014-04-25 09:04 - 01048576 _____ (Farbar) C:\Documents and Settings\Stevie\Desktop\FRST.exe
2014-04-25 09:04 - 2014-04-25 09:04 - 00000000 ____D () C:\Documents and Settings\Stevie\Desktop\FRST-OlderVersion
2014-04-25 09:03 - 2014-04-25 09:03 - 00000675 _____ () C:\Documents and Settings\Stevie\Desktop\JRT.txt
2014-04-25 08:53 - 2014-04-25 08:53 - 00061440 _____ ( ) C:\Documents and Settings\Stevie\Desktop\VEW.exe
2014-04-25 08:52 - 2014-04-25 08:53 - 05126104 _____ (Piriform Ltd) C:\Documents and Settings\Stevie\Desktop\spsetup122.exe
2014-04-25 08:50 - 2014-04-25 08:52 - 02925760 _____ (Sysinternals - www.sysinternals.com) C:\Documents and Settings\Stevie\Desktop\procexp.exe
2014-04-25 08:50 - 2014-04-25 08:50 - 01016261 _____ (Thisisu) C:\Documents and Settings\Stevie\Desktop\JRT.exe
2014-04-25 08:49 - 2014-04-25 08:49 - 01365865 _____ () C:\Documents and Settings\Stevie\Desktop\AdwCleaner (1).exe
2014-04-22 19:04 - 2014-04-22 19:04 - 00075404 _____ () C:\Documents and Settings\Stevie\Desktop\OTL.Txt
2014-04-22 19:04 - 2014-04-22 19:04 - 00070938 _____ () C:\Documents and Settings\Stevie\Desktop\Extras.Txt
2014-04-22 18:58 - 2014-04-22 18:58 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Stevie\Desktop\OTL.exe
2014-04-22 18:30 - 2014-04-22 18:30 - 00001930 _____ () C:\Documents and Settings\Stevie\Desktop\RKreport[0]_D_04222014_183048.txt
2014-04-22 18:30 - 2014-04-22 18:30 - 00001847 _____ () C:\Documents and Settings\Stevie\Desktop\RKreport[0]_S_04222014_183044.txt
2014-04-22 18:29 - 2014-04-22 18:30 - 00000000 ____D () C:\Documents and Settings\Stevie\Desktop\RK_Quarantine
2014-04-22 18:29 - 2014-04-22 18:29 - 03972608 _____ () C:\Documents and Settings\Stevie\Desktop\RogueKiller.exe
2014-04-21 12:58 - 2014-04-21 12:58 - 00000000 ____D () C:\Documents and Settings\Stevie\Application Data\Aimersoft Video Converter Ultimate
2014-04-21 12:53 - 2014-04-21 12:53 - 00001542 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-04-21 12:53 - 2014-04-21 12:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-04-21 12:52 - 2014-04-21 12:53 - 00000000 ____D () C:\Program Files\iTunes
2014-04-21 12:52 - 2014-04-21 12:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-04-21 12:44 - 2014-04-21 12:45 - 00000000 ____D () C:\Program Files\QuickTime
2014-04-21 12:44 - 2014-04-21 12:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-04-21 12:24 - 2014-04-21 12:27 - 00000000 ____D () C:\Documents and Settings\Stevie\My Documents\Aimersoft Video Converter Ultimate
2014-04-21 12:24 - 2014-04-21 12:24 - 00000000 ____D () C:\Documents and Settings\Stevie\Local Settings\Application Data\Aimersoft
2014-04-21 12:24 - 2014-04-21 12:24 - 00000000 ____D () C:\Documents and Settings\Stevie\Application Data\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-04-21 12:23 - 2014-04-21 14:15 - 00000000 ____D () C:\Program Files\Aimersoft
2014-04-21 12:23 - 2014-04-21 12:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Aimersoft Video Converter Ultimate
2014-04-21 12:23 - 2014-04-21 12:23 - 00000000 ____D () C:\Program Files\Common Files\Aimersoft
2014-04-21 12:23 - 2013-08-07 14:31 - 00214528 _____ () C:\WINDOWS\system32\AiCM32.dll
2014-04-21 12:23 - 2013-03-25 10:46 - 00027496 _____ (Wondershare) C:\WINDOWS\system32\Drivers\VirtualAudio.sys
2014-04-21 12:22 - 2014-04-21 12:22 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\Aimersoft
2014-04-21 12:01 - 2014-04-21 12:04 - 00000000 ____D () C:\Documents and Settings\Stevie\Desktop\iPlayer Recordings
2014-04-21 11:35 - 2014-04-21 11:35 - 00001091 _____ () C:\Documents and Settings\Stevie\Desktop\BBC iPlayer Downloads.lnk
2014-04-21 11:35 - 2014-04-21 11:35 - 00000000 ____D () C:\Documents and Settings\Stevie\Start Menu\Programs\BBC iPlayer
2014-04-21 11:35 - 2014-04-21 11:35 - 00000000 ____D () C:\Documents and Settings\Stevie\Local Settings\Application Data\BBC
2014-04-20 10:33 - 2014-04-20 10:33 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\McAfee
2014-04-17 17:01 - 2014-04-17 17:01 - 00000858 _____ () C:\Documents and Settings\All Users\Desktop\Avira.lnk
2014-04-08 20:50 - 2014-04-22 18:31 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 20:49 - 2014-04-08 20:49 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-08 20:49 - 2014-04-08 20:49 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-08 20:49 - 2014-04-08 20:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-08 20:49 - 2014-04-03 09:51 - 00050648 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-07 19:00 - 2014-04-25 09:05 - 00000000 ____D () C:\FRST
2014-04-07 18:43 - 2014-04-07 18:43 - 00000000 ____D () C:\Documents and Settings\Stevie\Application Data\Uninstaller Tool(Comodo Forums)
2014-04-03 22:43 - 2014-04-18 13:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-04-03 22:43 - 2014-04-03 22:43 - 04413904 _____ (Avira Operations GmbH & Co. KG) C:\Documents and Settings\Stevie\Desktop\avira_en_av___ws.exe
2014-03-29 14:07 - 2014-04-17 17:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avira
2014-03-29 11:20 - 2014-04-25 08:55 - 00000000 ____D () C:\AdwCleaner
2014-03-27 18:06 - 2014-03-27 18:06 - 00004192 _____ () C:\WINDOWS\KB2930275.log
2014-03-27 18:06 - 2014-03-27 18:06 - 00003675 _____ () C:\WINDOWS\KB2916036.log
2014-03-27 18:06 - 2014-03-27 18:06 - 00003673 _____ () C:\WINDOWS\KB2929961.log
2014-03-27 16:23 - 2014-03-27 16:23 - 00002777 _____ () C:\Documents and Settings\Administrator\Local Settings\HOW_DECRYPT.HTML
2014-03-27 16:23 - 2014-03-27 16:23 - 00002777 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\HOW_DECRYPT.HTML
2014-03-27 16:23 - 2014-03-27 16:23 - 00002777 _____ () C:\Documents and Settings\Administrator\HOW_DECRYPT.HTML
2014-03-27 16:23 - 2014-03-27 16:23 - 00001261 _____ () C:\Documents and Settings\Administrator\Local Settings\HOW_DECRYPT.TXT
2014-03-27 16:23 - 2014-03-27 16:23 - 00001261 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\HOW_DECRYPT.TXT
2014-03-27 16:23 - 2014-03-27 16:23 - 00001261 _____ () C:\Documents and Settings\Administrator\HOW_DECRYPT.TXT
2014-03-27 16:23 - 2014-03-27 16:23 - 00000133 _____ () C:\Documents and Settings\Administrator\Local Settings\HOW_DECRYPT.URL
2014-03-27 16:23 - 2014-03-27 16:23 - 00000133 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\HOW_DECRYPT.URL
2014-03-27 16:23 - 2014-03-27 16:23 - 00000133 _____ () C:\Documents and Settings\Administrator\HOW_DECRYPT.URL
2014-03-27 16:22 - 2014-03-27 16:22 - 00002777 _____ () C:\Documents and Settings\Administrator\Application Data\HOW_DECRYPT.HTML
2014-03-27 16:22 - 2014-03-27 16:22 - 00001261 _____ () C:\Documents and Settings\Administrator\Application Data\HOW_DECRYPT.TXT
2014-03-27 16:22 - 2014-03-27 16:22 - 00000133 _____ () C:\Documents and Settings\Administrator\Application Data\HOW_DECRYPT.URL
 
==================== One Month Modified Files and Folders =======
 
2014-04-25 09:05 - 2014-04-25 09:05 - 00016053 _____ () C:\Documents and Settings\Stevie\Desktop\FRST.txt
2014-04-25 09:05 - 2014-04-07 19:00 - 00000000 ____D () C:\FRST
2014-04-25 09:04 - 2014-04-25 09:04 - 01048576 _____ (Farbar) C:\Documents and Settings\Stevie\Desktop\FRST.exe
2014-04-25 09:04 - 2014-04-25 09:04 - 00000000 ____D () C:\Documents and Settings\Stevie\Desktop\FRST-OlderVersion
2014-04-25 09:03 - 2014-04-25 09:03 - 00000675 _____ () C:\Documents and Settings\Stevie\Desktop\JRT.txt
2014-04-25 08:58 - 2008-04-14 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-04-25 08:57 - 2009-05-01 19:20 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-04-25 08:57 - 2009-05-01 19:20 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-04-25 08:56 - 2009-04-21 23:06 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-25 08:55 - 2014-03-29 11:20 - 00000000 ____D () C:\AdwCleaner
2014-04-25 08:55 - 2014-01-24 22:58 - 00718616 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-25 08:55 - 2013-03-18 10:43 - 00458752 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2014-04-25 08:55 - 2013-01-20 14:03 - 00564618 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-04-25 08:55 - 2009-04-21 23:06 - 00032542 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-25 08:55 - 2009-04-21 23:06 - 00000278 ___SH () C:\Documents and Settings\Stevie\ntuser.ini
2014-04-25 08:55 - 2009-04-21 23:06 - 00000000 ____D () C:\Documents and Settings\Stevie
2014-04-25 08:53 - 2014-04-25 08:53 - 00061440 _____ ( ) C:\Documents and Settings\Stevie\Desktop\VEW.exe
2014-04-25 08:53 - 2014-04-25 08:52 - 05126104 _____ (Piriform Ltd) C:\Documents and Settings\Stevie\Desktop\spsetup122.exe
2014-04-25 08:52 - 2014-04-25 08:50 - 02925760 _____ (Sysinternals - www.sysinternals.com) C:\Documents and Settings\Stevie\Desktop\procexp.exe
2014-04-25 08:50 - 2014-04-25 08:50 - 01016261 _____ (Thisisu) C:\Documents and Settings\Stevie\Desktop\JRT.exe
2014-04-25 08:49 - 2014-04-25 08:49 - 01365865 _____ () C:\Documents and Settings\Stevie\Desktop\AdwCleaner (1).exe
2014-04-25 08:49 - 2009-06-05 20:03 - 00000424 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{C45D3254-C5F2-4164-8186-CF660410A378}.job
2014-04-22 21:57 - 2009-04-21 23:00 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-04-22 19:04 - 2014-04-22 19:04 - 00075404 _____ () C:\Documents and Settings\Stevie\Desktop\OTL.Txt
2014-04-22 19:04 - 2014-04-22 19:04 - 00070938 _____ () C:\Documents and Settings\Stevie\Desktop\Extras.Txt
2014-04-22 18:58 - 2014-04-22 18:58 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Stevie\Desktop\OTL.exe
2014-04-22 18:40 - 2009-04-21 23:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960225$
2014-04-22 18:31 - 2014-04-08 20:50 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-22 18:30 - 2014-04-22 18:30 - 00001930 _____ () C:\Documents and Settings\Stevie\Desktop\RKreport[0]_D_04222014_183048.txt
2014-04-22 18:30 - 2014-04-22 18:30 - 00001847 _____ () C:\Documents and Settings\Stevie\Desktop\RKreport[0]_S_04222014_183044.txt
2014-04-22 18:30 - 2014-04-22 18:29 - 00000000 ____D () C:\Documents and Settings\Stevie\Desktop\RK_Quarantine
2014-04-22 18:29 - 2014-04-22 18:29 - 03972608 _____ () C:\Documents and Settings\Stevie\Desktop\RogueKiller.exe
2014-04-21 14:15 - 2014-04-21 12:23 - 00000000 ____D () C:\Program Files\Aimersoft
2014-04-21 14:15 - 2014-02-16 22:00 - 00014011 _____ () C:\WINDOWS\setupapi.log
2014-04-21 14:13 - 2009-05-19 18:53 - 00000000 ____D () C:\Documents and Settings\Stevie\Application Data\vlc
2014-04-21 14:12 - 2009-04-22 18:49 - 00026112 _____ () C:\Documents and Settings\Stevie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-21 12:58 - 2014-04-21 12:58 - 00000000 ____D () C:\Documents and Settings\Stevie\Application Data\Aimersoft Video Converter Ultimate
2014-04-21 12:54 - 2014-04-21 12:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Aimersoft Video Converter Ultimate
2014-04-21 12:53 - 2014-04-21 12:53 - 00001542 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-04-21 12:53 - 2014-04-21 12:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-04-21 12:53 - 2014-04-21 12:52 - 00000000 ____D () C:\Program Files\iTunes
2014-04-21 12:53 - 2014-04-21 12:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-04-21 12:52 - 2011-11-11 17:59 - 00000000 ____D () C:\Program Files\iPod
2014-04-21 12:52 - 2009-04-23 21:15 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-21 12:45 - 2014-04-21 12:44 - 00000000 ____D () C:\Program Files\QuickTime
2014-04-21 12:44 - 2014-04-21 12:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-04-21 12:27 - 2014-04-21 12:24 - 00000000 ____D () C:\Documents and Settings\Stevie\My Documents\Aimersoft Video Converter Ultimate
2014-04-21 12:24 - 2014-04-21 12:24 - 00000000 ____D () C:\Documents and Settings\Stevie\Local Settings\Application Data\Aimersoft
2014-04-21 12:24 - 2014-04-21 12:24 - 00000000 ____D () C:\Documents and Settings\Stevie\Application Data\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-04-21 12:23 - 2014-04-21 12:23 - 00000000 ____D () C:\Program Files\Common Files\Aimersoft
2014-04-21 12:22 - 2014-04-21 12:22 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\Aimersoft
2014-04-21 12:04 - 2014-04-21 12:01 - 00000000 ____D () C:\Documents and Settings\Stevie\Desktop\iPlayer Recordings
2014-04-21 11:35 - 2014-04-21 11:35 - 00001091 _____ () C:\Documents and Settings\Stevie\Desktop\BBC iPlayer Downloads.lnk
2014-04-21 11:35 - 2014-04-21 11:35 - 00000000 ____D () C:\Documents and Settings\Stevie\Start Menu\Programs\BBC iPlayer
2014-04-21 11:35 - 2014-04-21 11:35 - 00000000 ____D () C:\Documents and Settings\Stevie\Local Settings\Application Data\BBC
2014-04-20 10:33 - 2014-04-20 10:33 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\McAfee
2014-04-20 10:33 - 2012-07-22 20:00 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-04-20 10:33 - 2012-07-22 20:00 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-20 10:33 - 2012-03-18 20:31 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-04-20 10:33 - 2009-05-31 19:18 - 00000000 ____D () C:\Documents and Settings\Stevie\Local Settings\Application Data\Adobe
2014-04-18 13:44 - 2009-04-21 23:01 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
2014-04-18 13:10 - 2014-04-03 22:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-04-17 23:01 - 2013-03-17 22:02 - 03715202 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2000478354-963894560-682003330-1003-0.dat
2014-04-17 17:01 - 2014-04-17 17:01 - 00000858 _____ () C:\Documents and Settings\All Users\Desktop\Avira.lnk
2014-04-17 17:01 - 2014-03-29 14:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avira
2014-04-17 17:01 - 2011-05-31 22:46 - 00000000 ____D () C:\Program Files\Avira
2014-04-17 16:55 - 2009-04-23 21:49 - 00160024 ____C () C:\Documents and Settings\Stevie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-04-17 16:54 - 2009-04-21 23:51 - 05028272 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-15 21:41 - 2011-05-01 18:01 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-04-15 21:40 - 2009-04-21 22:59 - 00000000 ____D () C:\WINDOWS\Registration
2014-04-11 18:56 - 2013-10-31 23:11 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-04-09 19:43 - 2010-03-02 23:24 - 00000000 ____D () C:\Program Files\ESET
2014-04-08 20:49 - 2014-04-08 20:49 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-08 20:49 - 2014-04-08 20:49 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-08 20:49 - 2014-04-08 20:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-08 20:49 - 2009-04-22 07:50 - 00000000 ____D () C:\Documents and Settings\Stevie\Application Data\Malwarebytes
2014-04-08 20:49 - 2009-04-22 07:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-07 18:43 - 2014-04-07 18:43 - 00000000 ____D () C:\Documents and Settings\Stevie\Application Data\Uninstaller Tool(Comodo Forums)
2014-04-06 21:33 - 2012-07-22 22:30 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cd685145978ed4.job
2014-04-06 21:33 - 2009-07-01 22:41 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 22:43 - 2014-04-03 22:43 - 04413904 _____ (Avira Operations GmbH & Co. KG) C:\Documents and Settings\Stevie\Desktop\avira_en_av___ws.exe
2014-04-03 22:43 - 2011-05-01 17:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avira
2014-04-03 09:51 - 2014-04-08 20:49 - 00050648 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 09:50 - 2010-11-03 23:31 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-01 21:31 - 2009-04-21 23:52 - 00752666 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-27 23:06 - 2011-04-13 22:50 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-03-27 19:17 - 2011-07-02 10:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2541763$
2014-03-27 18:06 - 2014-03-27 18:06 - 00004192 _____ () C:\WINDOWS\KB2930275.log
2014-03-27 18:06 - 2014-03-27 18:06 - 00003675 _____ () C:\WINDOWS\KB2916036.log
2014-03-27 18:06 - 2014-03-27 18:06 - 00003673 _____ () C:\WINDOWS\KB2929961.log
2014-03-27 17:23 - 2011-05-02 21:30 - 00000000 ____D () C:\glassfish3
2014-03-27 17:14 - 2010-09-28 18:31 - 00000000 ____D () C:\Documents and Settings\Stevie\Application Data\PC Suite
2014-03-27 16:39 - 2009-04-22 07:56 - 00000000 ____D () C:\OFFICE2003-CUSTOM
2014-03-27 16:31 - 2012-10-14 15:40 - 00000000 ____D () C:\AMD
2014-03-27 16:28 - 2010-08-23 18:09 - 00000000 ____D () C:\ATI
2014-03-27 16:28 - 2009-12-24 02:56 - 00000000 ____D () C:\v2d
2014-03-27 16:28 - 2009-04-21 23:02 - 00000000 ____D () C:\DELL
2014-03-27 16:27 - 2013-09-11 18:50 - 00000000 ____D () C:\Documents and Settings\Stevie\Application Data\PhotoCollageMax
2014-03-27 16:24 - 2009-07-12 23:46 - 00000000 ____D () C:\1fffe9804ec5f40fa0c6a745c411d3f0
2014-03-27 16:23 - 2014-03-27 16:23 - 00002777 _____ () C:\Documents and Settings\Administrator\Local Settings\HOW_DECRYPT.HTML
2014-03-27 16:23 - 2014-03-27 16:23 - 00002777 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\HOW_DECRYPT.HTML
2014-03-27 16:23 - 2014-03-27 16:23 - 00002777 _____ () C:\Documents and Settings\Administrator\HOW_DECRYPT.HTML
2014-03-27 16:23 - 2014-03-27 16:23 - 00001261 _____ () C:\Documents and Settings\Administrator\Local Settings\HOW_DECRYPT.TXT
2014-03-27 16:23 - 2014-03-27 16:23 - 00001261 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\HOW_DECRYPT.TXT
2014-03-27 16:23 - 2014-03-27 16:23 - 00001261 _____ () C:\Documents and Settings\Administrator\HOW_DECRYPT.TXT
2014-03-27 16:23 - 2014-03-27 16:23 - 00000133 _____ () C:\Documents and Settings\Administrator\Local Settings\HOW_DECRYPT.URL
2014-03-27 16:23 - 2014-03-27 16:23 - 00000133 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\HOW_DECRYPT.URL
2014-03-27 16:23 - 2014-03-27 16:23 - 00000133 _____ () C:\Documents and Settings\Administrator\HOW_DECRYPT.URL
2014-03-27 16:23 - 2011-12-26 19:26 - 00000000 ___SD () C:\Documents and Settings\Administrator
2014-03-27 16:23 - 2011-12-26 19:26 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Western Digital
2014-03-27 16:22 - 2014-03-27 16:22 - 00002777 _____ () C:\Documents and Settings\Administrator\Application Data\HOW_DECRYPT.HTML
2014-03-27 16:22 - 2014-03-27 16:22 - 00001261 _____ () C:\Documents and Settings\Administrator\Application Data\HOW_DECRYPT.TXT
2014-03-27 16:22 - 2014-03-27 16:22 - 00000133 _____ () C:\Documents and Settings\Administrator\Application Data\HOW_DECRYPT.URL
 
Some content of TEMP:
====================
C:\Documents and Settings\Stevie\Local Settings\temp\avgnt.exe
C:\Documents and Settings\Stevie\Local Settings\temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2014
Ran by Stevie at 2014-04-25 09:05:28
Running from C:\Documents and Settings\Stevie\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
 
==================== Installed Programs ======================
 
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.00.631.5823 - ABBYY) Hidden
AC-3 ACM Codec (HKLM\...\AC3ACM) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 11 (HKLM\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 7.0 (HKLM\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (Version: 7.0.0.3 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.04) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.831.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D58AFD19-6736-A938-154A-EABEA741D2CC}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.1.3.0 - SlySoft)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM\...\{c13d72f9-bcdd-4c16-a942-7373a528171e}) (Version: 1.0.5218.31571 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.0.5218.31571 - Avira Operations GmbH & Co. KG) Hidden
BBC iPlayer Downloads (HKLM\...\{E7C9165A-50C1-40E4-B11F-41FC1553D7FD}) (Version: 1.7.3 - BBC)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{9AF0B106-56F1-461B-A270-95BC1682E282}) (Version: 11.21.01 - Broadcom Corporation)
calibre (HKLM\...\{E25A469A-2E07-40F5-8B9E-C13B1358A431}) (Version: 1.16.0 - Kovid Goyal)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2011.1109.2146.39010 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2011.1109.2146.39010 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2011.1109.2145.39010 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2011.1109.2146.39010 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CCScore (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
CloneDVD2 (HKLM\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
CloneDVDmobile (HKLM\...\CloneDVDmobile) (Version: 1.9.0.1 - SlySoft)
Contents (Version: 1.6.2.36 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.2.36 - Corel Corporation)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
DeviceIO (Version: 1.6.2.36 - Corel Corporation) Hidden
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.7 - Dropbox, Inc.)
Elements 11 Organizer (Version: 11.0 - Adobe Systems Incorporated) Hidden
Epson Easy Photo Print 2 (HKLM\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESSBrwr (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSgui (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPDock (Version: 6.03.0001.0004 - EASTMAN KODAK Company) Hidden
ESSTOOLS (Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version:  - )
Free FLAC to MP3 Converter 1.0 (HKLM\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version:  - PolySoft Solutions)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM\...\{9578C0CD-8108-4379-9026-4601F59859A0}) (Version: 4.2.180.1134 - Google)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
ICA (Version: 1.6.2.36 - Corel Corporation) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
IPM_VS_Pro (Version: 13.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Codec Pack 4.7.5 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 4.7.5 - )
KODAK EASYSHARE Gallery Upload ActiveX Control (HKLM\...\OfotoEZUpload) (Version:  - )
LightScribe  1.4.136.1 (Version: 1.4.136.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version:  - Microsoft Corporation)
Microsoft WSE 3.0 (HKLM\...\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}) (Version: 3.0.5305.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
MLE (Version: 1.0.0.23 - Corel Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
Nero 12 (HKLM\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero 12 Content Pack (HKLM\...\{4E7AC009-5212-499F-942F-A5AA42AE359E}) (Version: 12.0.00400 - Nero AG)
Nero Abstract Themes (Version: 12.0.11500 - Nero AG) Hidden
Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (Version: 12.0.2001 - Nero AG) Hidden
Nero BackItUp Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (Version: 12.0.14300 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (Version: 12.0.4000 - Nero AG) Hidden
Nero Burning ROM (Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero Cliparts (Version: 12.0.11500 - Nero AG) Hidden
Nero ControlCenter (Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (Version: 11.0.18100 - Nero AG) Hidden
Nero Disc Menus 1 (Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 2 (Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 3 (Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero Express (Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden
Nero Family and Events Themes (Version: 12.0.11500 - Nero AG) Hidden
Nero Football (Soccer) Themes (Version: 12.0.11500 - Nero AG) Hidden
Nero Holiday and Sports Themes (Version: 12.0.11500 - Nero AG) Hidden
Nero Image Samples (Version: 12.0.11500 - Nero AG) Hidden
Nero Kwik Media (Version: 1.18.18200 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects 1 (Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero Platinum Effects 12 (Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (Version: 12.0.24000 - Nero AG) Hidden
Nero Recode Help (CHM) (Version: 12.0.4000 - Nero AG) Hidden
Nero RescueAgent (Version: 12.0.9000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero Retro Film Themes (Version: 12.0.11500 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (Version: 12.0.3000 - Nero AG) Hidden
Nero Video Help (CHM) (Version: 12.0.4000 - Nero AG) Hidden
Nero Video Samples (Version: 12.0.11500 - Nero AG) Hidden
Nero Video Transitions 1 (Version: 12.0.11500 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
netbrdg (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
Network Guide EPSON XP-205 207 Series (HKLM\...\EPSON XP-205 207 Series Netg) (Version:  - )
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
OfotoXMI (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Photo Collage Max (HKLM\...\PhotoCollageMax) (Version: 2.2.2.8 - )
Picture Collage Maker Pro 3.2.0 (HKLM\...\{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1) (Version:  - PearlMountain Technology Co., Ltd)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
PMB (HKLM\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.2.00.03250 - Sony Corporation)
PowerISO (HKLM\...\PowerISO) (Version:  - )
Prerequisite installer (Version: 12.0.0002 - Nero AG) Hidden
PSE11 STI Installer (Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RescuePRO Deluxe 5.1.2.7 (HKLM\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 5.1.2.7 - LC Technology International, Inc.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Central (Version: 4.5.0 - Roxio) Hidden
Roxio Video Capture USB Driver (HKLM\...\TVEpaDrv) (Version:  - )
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
Setup (Version: 1.6.2.36 - Corel Corporation) Hidden
Shape Collage (HKLM\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Share (Version: 1.6.2.36 - Corel Corporation) Hidden
SHASTA (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
skin0001 (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
SmartSound Quicktracks 5 (HKLM\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (Version: 5.1.6 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.8.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.8.0 - SmartSound Software Inc) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.7255 - Analog Devices)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
staticcr (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Syncios version 2.1.3 (HKLM\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 2.1.3 - Anvsoft, Inc.)
The Lord of the Rings FREE Trial  (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version:  - Microsoft)
Update for Windows Internet Explorer 8 (KB971180) (HKLM\...\KB971180-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
User's Guide EPSON XP-205 207 Series (HKLM\...\EPSON XP-205 207 Series Useg) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
ViewNX 2 (HKLM\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
VIO (Version: 1.6.2.36 - Corel Corporation) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VPRINTOL (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
VSClassic (Version: 1.6.2.36 - Corel Corporation) Hidden
VSPro (Version: 1.6.2.36 - Corel Corporation) Hidden
WD SmartWare (HKLM\...\{51B055DD-A5F8-4D0C-A09C-66E58AD56F20}) (Version: 1.5.1 - Western Digital)
WD Software Upgrader (HKLM\...\{C05B5E9B-FE9D-48C7-9D7C-35DA238A9DE8}) (Version: 1.5.1 - Western Digital)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Welcome App (Start-up experience) (Version: 12.0.14000 - Nero AG) Hidden
WinAVI Video Converter (HKLM\...\WinAVI Video Converter_is1) (Version:  - ZJ Computing, Inc.)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WIRELESS (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Zoner Photo Studio 12 (HKLM\...\ZonerPhotoStudio12_EN_is1) (Version: 12.0.1.7 - ZONER software)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
2008-04-14 13:00 - 2013-10-31 00:04 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-DELL360-Stevie.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cd685145978ed4.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{C45D3254-C5F2-4164-8186-CF660410A378}.job => C:\WINDOWS\system32\msfeedssync.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-01-14 22:03 - 2013-12-09 12:37 - 00394808 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2014-04-22 18:42 - 2014-04-15 18:33 - 00049744 _____ () C:\Documents and Settings\Stevie\Local Settings\temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-04-15 18:34 - 2014-04-15 18:34 - 00138320 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-18 10:43 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-03-18 10:43 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2013-03-18 10:43 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-03-18 10:43 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2013-03-18 10:43 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2010-11-02 08:33 - 2010-11-02 08:33 - 00886272 _____ () C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
2014-04-15 18:33 - 2014-04-15 18:33 - 00064592 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\WINDOWS\$NtUninstallKB53386$:SummaryInformation
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WD Quick View.lnk => C:\WINDOWS\pss\WD Quick View.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Stevie^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk => C:\WINDOWS\pss\BBC iPlayer Desktop.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Stevie^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk => C:\WINDOWS\pss\ERUNT AutoBackup.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Stevie^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: KiesHelper => C:\Program Files\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: NokiaMServer => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: Standby => "c:\Program Files\Common Files\Corel\Standby\Standby.exe" -START
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: ThreatFire => C:\Program Files\ThreatFire\TFTray.exe
MSCONFIG\startupreg: VNT => C:\Program Files\VNT\vntldr.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/22/2014 06:45:54 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\STEVIE\DESKTOP\IPLAYER RECORDINGS\P01W1K1Y_B03ZJJQ6_1396303353535.MP4> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (04/21/2014 00:59:35 PM) (Source: Application Error) (User: )
Description: Faulting application iTunes.exe, version 11.1.5.5, faulting module unknown, version 0.0.0.0, fault address 0x0dc403e8.
Processing media-specific event for [iTunes.exe!ws!]
 
Error: (04/07/2014 06:47:49 PM) (Source: WinMgmt) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\ASPNET.MOF while recovering repository file.
 
Error: (04/07/2014 06:47:48 PM) (Source: WinMgmt) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\MOF\SERVICEMODEL.MOF while recovering repository file.
 
Error: (04/07/2014 06:47:47 PM) (Source: WinMgmt) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION FOUNDATION\SERVICEMODEL.MOF while recovering repository file.
 
Error: (04/07/2014 06:47:28 PM) (Source: WinMgmt) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\CLR.MOF while recovering repository file.
 
Error: (04/07/2014 06:47:27 PM) (Source: WinMgmt) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET.MOF while recovering repository file.
 
Error: (04/07/2014 06:47:26 PM) (Source: WinMgmt) (User: )
Description: Failed to load MOF C:\WINDOWS\SYSTEM32\WBEM\WINDOWSSEARCHENGINE.MOF while recovering repository file.
 
Error: (04/07/2014 05:52:44 PM) (Source: Microsoft Office 12) (User: )
Description: Rejected Safe Mode action : Microsoft Office Outlook.
 
Error: (04/07/2014 05:52:35 PM) (Source: Windows Search Service) (User: )
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.
 
Context:  Application, SystemIndex Catalog
 
 
System errors:
=============
Error: (04/25/2014 08:58:13 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error: 
%%1053
 
Error: (04/25/2014 08:58:13 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.
 
Error: (04/25/2014 08:56:50 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (04/25/2014 08:56:50 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service BITS with arguments ""
in order to run the server:
{03CA98D6-FF5D-49B8-ABC6-03DD84127020}
 
Error: (04/25/2014 08:46:00 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error: 
%%1053
 
Error: (04/25/2014 08:46:00 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.
 
Error: (04/25/2014 08:44:52 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (04/25/2014 08:44:52 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service BITS with arguments ""
in order to run the server:
{03CA98D6-FF5D-49B8-ABC6-03DD84127020}
 
Error: (04/22/2014 07:03:34 PM) (Source: DCOM) (User: DELL360)
Description: DCOM got error "%%1058" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (04/22/2014 06:57:19 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (04/12/2012 05:08:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (04/12/2012 05:06:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 124 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (01/25/2011 08:50:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6215.1000. This session lasted 234 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error: (10/18/2010 06:36:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6215.1000. This session lasted 193 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (05/18/2010 10:52:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 70 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (11/29/2009 09:44:56 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 102 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (06/11/2009 07:50:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 8749 seconds with 540 seconds of active time.  This session ended with a crash.
 
Error: (05/04/2009 11:17:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 24911 seconds with 1260 seconds of active time.  This session ended with a crash.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 36%
Total physical RAM: 2045.89 MB
Available physical RAM: 1291.59 MB
Total Pagefile: 3937.96 MB
Available Pagefile: 3157.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1962.34 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:74.42 GB) (Free:17.18 GB) NTFS ==>[Drive with boot components (Windows XP)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: A42D04A3)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Active) - (Size=74 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#6
Steviep
Posted 25 April 2014 - 02:14 AM

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
Process CPU Private Bytes Working Set PID Verified Signer
WDFME.exe 50.00 63,152 K 51,172 K 3088 (Verified) Western Digital Technologies
System Idle Process 46.88 0 K 28 K 0
procexp.exe 1.56 21,600 K 28,504 K 2288 (Verified) Microsoft Corporation
Interrupts 0.78 0 K 0 K n/a
chrome.exe 0.78 96,304 K 100,464 K 2252 (Verified) Google Inc
WPFFontCache_v0400.exe 2,356 K 4,408 K 680 (Verified) Microsoft Corporation
wmiprvse.exe 1,848 K 4,956 K 676 (Verified) Microsoft Windows Component Publisher
winlogon.exe 7,068 K 3,880 K 732 (Verified) Microsoft Windows Component Publisher
WDRulesEngine.exe 20,736 K 21,460 K 2752 (Verified) Western Digital Technologies
WDDMService.exe 6,076 K 7,916 K 2724 (Verified) Western Digital Technologies
SYSTEM 0 K 240 K 4
svchost.exe 3,168 K 5,168 K 988 (Verified) Microsoft Windows Component Publisher
svchost.exe 2,020 K 4,652 K 1056 (Verified) Microsoft Windows Component Publisher
svchost.exe 14,956 K 22,568 K 1160 (Verified) Microsoft Windows Component Publisher
svchost.exe 2,376 K 3,352 K 1220 (Verified) Microsoft Windows Component Publisher
svchost.exe 1,380 K 3,704 K 1284 (Verified) Microsoft Windows Component Publisher
svchost.exe 1,640 K 3,972 K 1392 (Verified) Microsoft Windows Component Publisher
svchost.exe 1,324 K 3,820 K 1692 (Verified) Microsoft Windows Component Publisher
svchost.exe 1,036 K 2,996 K 2172 (Verified) Microsoft Windows Component Publisher
svchost.exe 1,032 K 2,968 K 2384 (Verified) Microsoft Windows Component Publisher
svchost.exe 2,568 K 4,348 K 2696 (Verified) Microsoft Windows Component Publisher
spoolsv.exe 4,416 K 6,440 K 1508 (Verified) Microsoft Windows Component Publisher
smss.exe 176 K 436 K 632 (Verified) Microsoft Windows Component Publisher
services.exe 1,880 K 5,072 K 776 (Verified) Microsoft Windows Component Publisher
searchindexer.exe 19,420 K 10,920 K 2900 (Verified) Microsoft Windows
SDUpdSvc.exe 6,224 K 10,912 K 3016 (Verified) Safer Networking Ltd.
SDFSSvc.exe 25,744 K 30,016 K 2532 (Verified) Safer Networking Ltd.
sched.exe 2,572 K 404 K 1564 (Verified) Avira Operations GmbH & Co. KG
PsiService_2.exe 556 K 2,032 K 2460 (Verified) Protexis Inc.
PMBDeviceInfoProvider.exe 916 K 3,028 K 2348 (Verified) Sony Corporation
PhotoshopElementsFileAgent.exe 2,600 K 240 K 1736 (Verified) Adobe Systems Incorporated
PhotoshopElementsFileAgent.exe 2,540 K 248 K 1848 (Verified) Adobe Systems Incorporated
NetworkLicenseServer.exe 4,028 K 6,888 K 1620 (Verified) ABBYY SOLUTIONS LIMITED
NASvc.exe 2,128 K 4,740 K 2080 (Verified) Nero AG
mDNSResponder.exe 968 K 3,028 K 188 (Verified) Apple Inc.
LSSrvc.exe 672 K 2,560 K 2060 (No signature was present in the subject) Hewlett-Packard Company
lsass.exe 4,036 K 6,532 K 788 (Verified) Microsoft Windows Component Publisher
jqs.exe 2,656 K 1,868 K 1796 (Verified) Oracle America
iTunesHelper.exe 10,348 K 14,656 K 652 (Verified) Apple Inc.
iPodService.exe 2,964 K 4,356 K 3792 (Verified) Apple Inc.
GoogleUpdate.exe 3,608 K 1,868 K 2200 (Verified) Google Inc
FsUsbExService.Exe 888 K 2,724 K 400 (No signature was present in the subject) Teruten
explorer.exe 19,828 K 26,864 K 2504 (Verified) Microsoft Windows Component Publisher
escsvc.exe 776 K 2,764 K 320 (Verified) SEIKO EPSON Corporation
csrss.exe 1,836 K 4,404 K 688 (Verified) Microsoft Windows Component Publisher
chrome.exe 70,500 K 35,644 K 3572 (Verified) Google Inc
avshadow.exe 616 K 2,660 K 3604 (Verified) Avira Operations GmbH & Co. KG
Avira.OE.Systray.exe 56,272 K 73,292 K 284 (Verified) Avira Operations GmbH & Co. KG
Avira.OE.ServiceHost.exe 49,932 K 50,312 K 2948 (Verified) Avira Operations GmbH & Co. KG
avguard.exe 181,524 K 1,224 K 1644 (Verified) Avira Operations GmbH & Co. KG
avgnt.exe 13,092 K 5,184 K 544 (Verified) Avira Operations GmbH & Co. KG
ati2evxx.exe 1,928 K 3,240 K 968 (Verified) Microsoft Windows Hardware Compatibility Publisher
ati2evxx.exe 2,712 K 4,820 K 1572 (Verified) Microsoft Windows Hardware Compatibility Publisher
ASHelper.exe 9,580 K 12,792 K 604 (No signature was present in the subject) AimerSoft
AppleMobileDeviceService.exe 9,308 K 12,576 K 1948 (Verified) Apple Inc.
alg.exe 1,240 K 3,656 K 3228 (Verified) Microsoft Windows Component Publisher

  • 0

#7
Steviep
Posted 25 April 2014 - 02:18 AM

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
Summary
Operating System
Windows XP Professional 32-bit SP3
CPU
Intel Core 2 Duo E7400 @ 2.80GHz 36 °C
Wolfdale 45nm Technology
RAM
2.00GB Dual-Channel DDR2 @ 398MHz (6-6-6-18)
Motherboard
Dell Inc. 0T656F (CPU)
Graphics
171M (1280x1024@60Hz)
1024MB ATI Radeon HD 4300/4500 Series (XFX Pine Group) 53 °C
Hard Drives
75GB Seagate ST380815AS (SATA) 37 °C
Optical Drives
HP DVD Writer 1060d
Audio
AMD High Definition Audio Device
Operating System
Windows XP Professional 32-bit SP3
Computer type: Desktop
Installation Date: 21/04/2009 23:03:42
 
Windows Security Center
Firewall Disabled
Antivirus Disabled
Windows Update
AutoUpdate Not configured
.NET Frameworks installed
v4.0 Full
v4.0 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 7.0.5730.13
Java
Java Runtime Environment
Path C:\Program Files\Java\jre7\bin\java.exe
Version 7.0
Update 45
Build 18
Environment Variables
USERPROFILE C:\Documents and Settings\Stevie
SystemRoot C:\WINDOWS
User Variables
TEMP C:\Documents and Settings\Stevie\Local Settings\Temp
TMP C:\Documents and Settings\Stevie\Local Settings\Temp
Machine Variables
ComSpec C:\WINDOWS\system32\cmd.exe
Path C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\system32\wbem
C:\Program Files\AMD APP\bin\x86
C:\Program Files\Nokia\PC Connectivity Solution
C:\Program Files\Diskeeper Corporation\Diskeeper
C:\Program Files\Common Files\DivX Shared
C:\Program Files\Samsung\Samsung PC Studio 3
c:\Program Files\Common Files\Ulead Systems\MPEG
C:\Program Files\QuickTime\QTSystem
C:\Program Files\Calibre2
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
C:\Program Files\Common Files\Roxio Shared\DLLShared
C:\Program Files\Calibre2\
C:\Program Files\QuickTime\QTSystem\
windir C:\WINDOWS
FP_NO_HOST_CHECK NO
OS Windows_NT
PROCESSOR_ARCHITECTURE x86
PROCESSOR_LEVEL 6
PROCESSOR_IDENTIFIER x86 Family 6 Model 23 Stepping 10, GenuineIntel
PROCESSOR_REVISION 170a
NUMBER_OF_PROCESSORS 2
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
asl.log Destination=file;OnFirstLog=command,environment
AMDAPPSDKROOT C:\Program Files\AMD APP\
RCAUTOPLAY C:\Program Files\Roxio Creator 2009 Special Edition\Roxio Central 4\
Power Profile
Active power scheme Home/Office Desk
Hibernation Disabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Hard Disk after: (On AC Power) Never
Suspend after: (On AC Power) Never
Screen saver Enabled
Uptime
Current Session
Current Time 25/04/2014 09:17:16
Current Uptime 1,265 sec (0 d, 00 h, 21 m, 05 s)
Last Boot Time 25/04/2014 08:56:11
TimeZone
TimeZone GMT
Language English (United Kingdom)
Location United Kingdom
Format English (United Kingdom)
Currency £
Date Format dd/MM/yyyy
Time Format HH:mm:ss
Process List
alg.exe
Process ID 3228
Path C:\WINDOWS\System32\alg.exe
Memory Usage 3.57 MB
Peak Memory Usage 3.57 MB
AppleMobileDeviceService.exe
Process ID 1948
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
ASHelper.exe
Process ID 604
User Stevie
Domain DELL360
Path C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
Memory Usage 12 MB
Peak Memory Usage 13 MB
ati2evxx.exe
Process ID 968
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\Ati2evxx.exe
Memory Usage 3.16 MB
Peak Memory Usage 3.16 MB
ati2evxx.exe
Process ID 1572
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\Ati2evxx.exe
Memory Usage 4.71 MB
Peak Memory Usage 4.74 MB
avgnt.exe
Process ID 544
User Stevie
Domain DELL360
Path C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
Memory Usage 5.06 MB
Peak Memory Usage 204 MB
avguard.exe
Process ID 1644
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\avguard.exe
Memory Usage 3.64 MB
Peak Memory Usage 285 MB
Avira.OE.ServiceHost.exe
Process ID 2948
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
Memory Usage 49 MB
Peak Memory Usage 76 MB
Avira.OE.Systray.exe
Process ID 284
User Stevie
Domain DELL360
Path C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
Memory Usage 72 MB
Peak Memory Usage 72 MB
avshadow.exe
Process ID 3604
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
Memory Usage 2.60 MB
Peak Memory Usage 2.60 MB
chrome.exe
Process ID 2252
User Stevie
Domain DELL360
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 79 MB
Peak Memory Usage 129 MB
chrome.exe
Process ID 3572
User Stevie
Domain DELL360
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 13 MB
Peak Memory Usage 90 MB
csrss.exe
Process ID 688
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\csrss.exe
Memory Usage 4.46 MB
Peak Memory Usage 6.59 MB
escsvc.exe
Process ID 320
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\EscSvc.exe
Memory Usage 2.70 MB
Peak Memory Usage 2.88 MB
explorer.exe
Process ID 2504
User Stevie
Domain DELL360
Path C:\WINDOWS\explorer.exe
Memory Usage 27 MB
Peak Memory Usage 32 MB
FsUsbExService.Exe
Process ID 400
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\FsUsbExService.Exe
Memory Usage 2.66 MB
Peak Memory Usage 2.66 MB
GoogleUpdate.exe
Process ID 2200
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Google\Update\GoogleUpdate.exe
Memory Usage 1.82 MB
Peak Memory Usage 4.61 MB
iPodService.exe
Process ID 3792
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\iPod\bin\iPodService.exe
Memory Usage 4.25 MB
Peak Memory Usage 4.28 MB
iTunesHelper.exe
Process ID 652
User Stevie
Domain DELL360
Path C:\Program Files\iTunes\iTunesHelper.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
jqs.exe
Process ID 1796
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Java\jre7\bin\jqs.exe
Memory Usage 1.82 MB
Peak Memory Usage 17 MB
lsass.exe
Process ID 788
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\lsass.exe
Memory Usage 6.36 MB
Peak Memory Usage 6.41 MB
LSSrvc.exe
Process ID 2060
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\LightScribe\LSSrvc.exe
Memory Usage 2.50 MB
Peak Memory Usage 2.50 MB
mDNSResponder.exe
Process ID 188
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 2.96 MB
Peak Memory Usage 2.97 MB
NASvc.exe
Process ID 2080
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Nero\Update\NASvc.exe
Memory Usage 4.63 MB
Peak Memory Usage 4.64 MB
NetworkLicenseServer.exe
Process ID 1620
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
Memory Usage 6.73 MB
Peak Memory Usage 6.73 MB
PhotoshopElementsFileAgent.exe
Process ID 1848
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
Memory Usage 248 KB
Peak Memory Usage 4.71 MB
PhotoshopElementsFileAgent.exe
Process ID 1736
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
Memory Usage 240 KB
Peak Memory Usage 4.78 MB
PMBDeviceInfoProvider.exe
Process ID 2348
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
Memory Usage 2.96 MB
Peak Memory Usage 2.96 MB
PsiService_2.exe
Process ID 2460
User SYSTEM
Domain NT AUTHORITY
Path c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
Memory Usage 1.98 MB
Peak Memory Usage 1.99 MB
sched.exe
Process ID 1564
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\sched.exe
Memory Usage 404 KB
Peak Memory Usage 5.21 MB
SDFSSvc.exe
Process ID 2532
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
Memory Usage 29 MB
Peak Memory Usage 34 MB
SDUpdSvc.exe
Process ID 3016
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
searchfilterhost.exe
Process ID 3748
Path C:\WINDOWS\system32\SearchFilterHost.exe
Memory Usage 5.14 MB
Peak Memory Usage 5.14 MB
searchindexer.exe
Process ID 2900
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\SearchIndexer.exe
Memory Usage 11 MB
Peak Memory Usage 15 MB
searchprotocolhost.exe
Process ID 2984
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\SearchProtocolHost.exe
Memory Usage 6.77 MB
Peak Memory Usage 6.77 MB
services.exe
Process ID 776
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\services.exe
Memory Usage 5.00 MB
Peak Memory Usage 5.08 MB
smss.exe
Process ID 632
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 436 KB
Peak Memory Usage 756 KB
Speccy.exe
Process ID 4064
User Stevie
Domain DELL360
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 22 MB
Peak Memory Usage 34 MB
spoolsv.exe
Process ID 1508
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\spoolsv.exe
Memory Usage 6.40 MB
Peak Memory Usage 7.58 MB
svchost.exe
Process ID 988
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 5.05 MB
Peak Memory Usage 5.16 MB
svchost.exe
Process ID 1692
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.73 MB
Peak Memory Usage 3.73 MB
svchost.exe
Process ID 2172
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 2.93 MB
Peak Memory Usage 2.93 MB
svchost.exe
Process ID 2384
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 2.90 MB
Peak Memory Usage 2.90 MB
svchost.exe
Process ID 2696
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.25 MB
Peak Memory Usage 4.34 MB
svchost.exe
Process ID 1392
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.88 MB
Peak Memory Usage 3.89 MB
svchost.exe
Process ID 1284
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.62 MB
Peak Memory Usage 4.06 MB
svchost.exe
Process ID 1220
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.27 MB
Peak Memory Usage 3.29 MB
svchost.exe
Process ID 1160
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 23 MB
Peak Memory Usage 23 MB
svchost.exe
Process ID 1056
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.55 MB
Peak Memory Usage 4.55 MB
SYSTEM
Process ID 4
Memory Usage 240 KB
Peak Memory Usage 7.68 MB
System Idle Process
Process ID 0
WDDMService.exe
Process ID 2724
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
Memory Usage 7.73 MB
Peak Memory Usage 9.07 MB
WDFME.exe
Process ID 3088
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
Memory Usage 70 MB
Peak Memory Usage 100 MB
WDRulesEngine.exe
Process ID 2752
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
winlogon.exe
Process ID 732
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\winlogon.exe
Memory Usage 3.80 MB
Peak Memory Usage 15 MB
wmiprvse.exe
Process ID 676
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 5.05 MB
Peak Memory Usage 5.05 MB
wmiprvse.exe
Process ID 3052
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 8.95 MB
Peak Memory Usage 9.33 MB
WPFFontCache_v0400.exe
Process ID 680
Path C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
Memory Usage 4.30 MB
Peak Memory Usage 4.89 MB
Scheduler
Every 1 hour(s) from 21:38 for 24 hour(s) every day, starting 06/04/2014 GoogleUpdateTaskMachineUA
Run at user logon GoogleUpdateTaskMachineCore1cd685145978ed4
Run at user logon Check for updates (Spybot - Search & Destroy)
At 02:00 every day, starting 22/07/2013 AdobeAAMUpdater-1.0-DELL360-Stevie
Every 1 hour(s) from 00:54 for 24 hour(s) every day, starting 01/01/2000 Adobe Flash Player Updater
At 00:30 on day 1 of every month, starting 18/03/2013 Scan the system (Spybot - Search & Destroy)
At 00:30 every Wed of every week, starting 18/03/2013 Refresh immunization (Spybot - Search & Destroy)
Hotfixes
System Folders
Path for burning CD C:\Documents and Settings\Stevie\Local Settings\Application Data\Microsoft\CD Burning
Application Data C:\Documents and Settings\All Users\Application Data
Public Desktop C:\Documents and Settings\All Users\Desktop
Documents C:\Documents and Settings\All Users\Documents
Global Favorites C:\Documents and Settings\All Users\Favorites
Music C:\Documents and Settings\All Users\Documents\My Music
Pictures C:\Documents and Settings\All Users\Documents\My Pictures
Start Menu Programs C:\Documents and Settings\All Users\Start Menu\Programs
Start Menu C:\Documents and Settings\All Users\Start Menu
Startup C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Templates C:\Documents and Settings\All Users\Templates
Videos C:\Documents and Settings\All Users\Documents\My Videos
Cookies C:\Documents and Settings\Stevie\Cookies
Desktop C:\Documents and Settings\Stevie\Desktop
Physical Desktop C:\Documents and Settings\Stevie\Desktop
User Favorites C:\Documents and Settings\Stevie\Favorites
Fonts C:\WINDOWS\Fonts
Internet History C:\Documents and Settings\Stevie\Local Settings\History
Temporary Internet Files C:\Documents and Settings\Stevie\Local Settings\Temporary Internet Files
Local Application Data C:\Documents and Settings\Stevie\Local Settings\Application Data
Windows Directory C:\WINDOWS
Windows/System C:\WINDOWS\system32
Program Files C:\Program Files
Services
Running ABBYY FineReader 9.0 Sprint Licensing Service
Running Adobe Active File Monitor V11
Running Adobe Active File Monitor V7
Running Apple Mobile Device
Running Application Layer Gateway Service
Running Ati HotKey Poller
Running Avira Real-Time Protection
Running Avira Scheduler
Running Avira Service Host
Running Bonjour Service
Running COM+ Event System
Running Computer Browser
Running CryptSvc
Running DCOM Server Process Launcher
Running DHCP Client
Running Distributed Link Tracking Client
Running DNS Client
Running Epson Scanner Service
Running Event Log
Running Fast User Switching Compatibility
Running FsUsbExService
Running Help and Support
Running iPod Service
Running IPSEC Services
Running Java Quick Starter
Running LightScribeService Direct Disc Labeling Service
Running Logical Disk Manager
Running Nero Update
Running Net Driver HPZ12
Running Network Connections
Running Network Location Awareness (NLA)
Running Plug and Play
Running PMBDeviceInfoProvider
Running Pml Driver HPZ12
Running Print Spooler
Running Protected Storage
Running Protexis Licensing V2
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Remote Registry
Running Secondary Logon
Running Security Accounts Manager
Running Server
Running Shell Hardware Detection
Running Spybot-S&D 2 Scanner Service
Running Spybot-S&D 2 Updating Service
Running SSDP Discovery Service
Running System Event Notification
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Terminal Services
Running Themes
Running WDDMService
Running WDFMEService
Running WDRulesService
Running WebClient
Running Windows Audio
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Firewall/Internet Connection Sharing (ICS)
Running Windows Image Acquisition (WIA)
Running Windows Management Instrumentation
Running Windows Presentation Foundation Font Cache 4.0.0.0
Running Windows Search
Running Windows Time
Running Wireless Zero Configuration
Running Workstation
Stopped .NET Runtime Optimization Service v2.0.50727_X86
Stopped Adobe Flash Player Update Service
Stopped Alerter
Stopped Application Management
Stopped ASP.NET State Service
Stopped Automatic Updates
Stopped Avira Web Protection
Stopped BITS
Stopped ClipBook
Stopped COM+ System Application
Stopped Distributed Transaction Coordinator
Stopped Error Reporting Service
Stopped Extensible Authentication Protocol Service
Stopped FLEXnet Licensing Service
Stopped Google Update Service (gupdate1c9c4557151c6be)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management Service
Stopped HTTP SSL
Stopped Human Interface Device Access
Stopped IMAPI CD-Burning COM Service
Stopped Indexing Service
Stopped InstallDriver Table Manager
Stopped Logical Disk Manager Administrative Service
Stopped Messenger
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Office Groove Audit Service
Stopped MS Software Shadow Copy Provider
Stopped Net Logon
Stopped Net.Tcp Port Sharing Service
Stopped NetMeeting Remote Desktop Sharing
Stopped Network Access Protection Agent
Stopped Network DDE
Stopped Network DDE DSDM
Stopped Network Provisioning Service
Stopped NT LM Security Support Provider
Stopped Office Source Engine
Stopped Performance Logs and Alerts
Stopped Portable Media Serial Number Service
Stopped QoS RSVP
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Help Session Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Removable Storage
Stopped Routing and Remote Access
Stopped Security Center
Stopped Smart Card
Stopped Spybot-S&D 2 Security Center Service
Stopped System Restore Service
Stopped Telnet
Stopped Uninterruptible Power Supply
Stopped Universal Plug and Play Device Host
Stopped Volume Shadow Copy
Stopped Windows CardSpace
Stopped Windows Installer
Stopped Windows Management Instrumentation Driver Extensions
Stopped Windows Media Player Network Sharing Service
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Security Options
Accounts: Administrator account status Enabled
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Administrators
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Disabled
Devices: Restrict floppy access to locally logged-on user only Disabled
Devices: Unsigned driver installation behavior Warn but allow installation
Domain controller: Allow server operators to schedule tasks Not defined
Domain controller: LDAP server signing requirements Not defined
Domain controller: Refuse machine account password changes Not defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Disabled
Interactive logon: Display user information when the session is locked Not defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 14 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Not defined
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of credentials or .NET Passports for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously COMNAP,COMNODE,SQL\QUERY,SPOOLSS,LLSRPC,browser
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Control\Server Applications,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
Network access: Shares that can be accessed anonymously COMCFG,DFS$
Network access: Sharing and security model for local accounts Guest only - local users authenticate as Guest
Network security: Do not store LAN Manager hash value on next password change Disabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Send LM & NTLM responses
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients No minimum
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers No minimum
Recovery console: Allow automatic administrative logon Enabled
Recovery console: Allow floppy copy and access to all drives and all folders Enabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Default owner for objects created by members of the Administrators group Object creator
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
Device Tree
ACPI Multiprocessor PC
Microsoft ACPI-Compliant System
ACPI Power Button
Intel Core2 Duo CPU E7400 @ 2.80GHz
Intel Core2 Duo CPU E7400 @ 2.80GHz
High precision event timer
ACPI Fixed Feature Button
PCI bus
Intel G33/G31/P35/P31 Express Chipset Processor to I/O Controller - 29C0
Intel 82801 PCI Bridge - 244E
Intel 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF
Intel 82801G (ICH7 Family) SMBus Controller - 27DA
Extended IO Bus
Intel® G33/G31/P35/P31 Express Chipset PCI Express Root Port - 29C1
ATI Radeon HD 4300/4500 Series
Plug and Play Monitor
Microsoft UAA Bus Driver for High Definition Audio
AMD High Definition Audio Device
Microsoft UAA Bus Driver for High Definition Audio
SoundMAX Integrated Digital High Definition Audio
Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0
Broadcom NetLink Gigabit Ethernet
Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8
USB Root Hub
USB Human Interface Device
HID-compliant mouse
Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9
USB Root Hub
USB Human Interface Device
HID Keyboard Device
Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CA
USB Root Hub
Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CB
USB Root Hub
Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC
USB Root Hub
Intel® 82801GB/GR (ICH7 Family) LPC Interface Controller - 27B8
ISAPNP Read Data Port
System board
Direct memory access controller
Numeric data processor
Programmable interrupt controller
System speaker
System CMOS/real time clock
System timer
Communications Port (COM1)
ECP Printer Port (LPT1)
Printer Port Logical Interface
Intel® 82801GB/GR/GH (ICH7 Family) Serial ATA Storage Controller - 27C0
Primary IDE Channel
ST380815AS
Secondary IDE Channel
HP DVD Writer 1060d
CPU
Intel Core 2 Duo E7400
Cores 2
Threads 2
Name Intel Core 2 Duo E7400
Code Name Wolfdale
Package Socket 775 LGA
Technology 45nm
Specification Intel Core2 Duo CPU E7400 @ 2.80GHz
Family 6
Extended Family 6
Model 7
Extended Model 17
Stepping A
Revision R0
Instructions MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, Intel 64, NX
Virtualization Not supported
Hyperthreading Not supported
Bus Speed 266.0 MHz
Rated Bus Speed 1064.0 MHz
Stock Core Speed 2800 MHz
Stock Bus Speed 266 MHz
Average Temperature 36 °C
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 3072 KBytes
Core 0
Core Speed 2793.1 MHz
Multiplier x 10.5
Bus Speed 266.0 MHz
Rated Bus Speed 1064.0 MHz
Temperature 39 °C
Thread 1
APIC ID 0
Core 1
Core Speed 1596.0 MHz
Multiplier x 6.0
Bus Speed 266.0 MHz
Rated Bus Speed 1064.0 MHz
Temperature 33 °C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR2
Size 2048 MBytes
Channels # Dual
DRAM Frequency 399.0 MHz
CAS# Latency (CL) 6 clocks
RAS# to CAS# Delay (tRCD) 6 clocks
RAS# Precharge (tRP) 6 clocks
Cycle Time (tRAS) 18 clocks
Command Rate (CR) 2T
Physical Memory
Memory Usage 42 %
Total Physical 2.00 GB
Available Physical 1.15 GB
Total Virtual 3.85 GB
Available Virtual 2.90 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR2
Size 1024 MBytes
Manufacturer Samsung
Max Bandwidth PC2-6400 (400 MHz)
Part Number M3 78T2863RZS-CF7
Serial Number 9553C86B
Week/year 44 / 08
SPD Ext. EPP
JEDEC #3
Frequency 400.0 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 18
tRC 24
Voltage 1.800 V
JEDEC #2
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #1
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
Slot #2
Type DDR2
Size 1024 MBytes
Manufacturer Samsung
Max Bandwidth PC2-6400 (400 MHz)
Part Number M3 78T2863RZS-CF7
Serial Number 9553C862
Week/year 44 / 08
SPD Ext. EPP
JEDEC #3
Frequency 400.0 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 18
tRC 24
Voltage 1.800 V
JEDEC #2
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #1
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
Motherboard
Manufacturer Dell Inc.
Model 0T656F (CPU)
Chipset Vendor Intel
Chipset Model P35/G33/G31
Chipset Revision 0A
Southbridge Vendor Intel
Southbridge Model 82801GB (ICH7/R)
Southbridge Revision A1
BIOS
Brand Dell Inc.
Version A01
Date 28/11/2008
PCI Data
Slot Unknown
Slot Type Unknown
Slot Usage In Use
Bus Width Unknown
Slot Designation SLOT1
Slot Number 0
Slot Unknown
Slot Type Unknown
Slot Usage Available
Bus Width 32 bit
Slot Designation SLOT2
Slot Number 1
Slot Unknown
Slot Type Unknown
Slot Usage Available
Bus Width 32 bit
Slot Designation SLOT3
Slot Number 2
Graphics
Monitor
Name 171M on ATI Radeon HD 4300/4500 Series
Current Resolution 1280x1024 pixels
Work Resolution 1280x990 pixels
State Enabled, Primary, Output devices support
Monitor Width 1280
Monitor Height 1024
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
ATI Radeon HD 4300/4500 Series
Manufacturer ATI
Model Radeon HD 4300/4500 Series
GPU RV710
Device ID 1002-954F
Subvendor XFX Pine Group (1682)
Current Performance Level Level 0
Voltage 0.900 V
Technology 55 nm
Die Size 73 mm²
Transistors 242 M
Release Date Sep 30, 2008
DirectX Support 10.1
DirectX Shader Model 4.1
OpenGL Support 3.0
GPU Clock 600.0 MHz
Temperature 53 °C
Core Voltage 0.900 V
Bios Core Clock 600.00
Bios Mem Clock 400.00
Driver version 8.920.0.0
BIOS Version 113-HD435XZAH72_113-ACXXXXX-100
ROPs 4
Shaders 80 unified
Memory Type DDR2
Memory 1024 MB
Bus Width 64 Bit
Pixel Fillrate 2.4 GPixels/s
Texture Fillrate 4.8 GTexels/s
Bandwidth 6.4 GB/s
Count of performance levels : 3
Level 1
GPU Clock 110 MHz
Memory Clock 250 MHz
Level 2
GPU Clock 300 MHz
Memory Clock 400 MHz
Level 3
GPU Clock 600 MHz
Memory Clock 400 MHz
Hard Drives
ST380815AS
Manufacturer Seagate
Form Factor 3.5"
Heads 16
Cylinders 16,383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA/ATAPI-7
Serial Number 9RW50V8R
LBA Size 48-bit LBA
Power On Count 1261 times
Power On Time 289.4 days
Features S.M.A.R.T., AAM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 75 GB
Real size 80,000,000,000 bytes
RAID Type None
S.M.A.R.T
Status Good
Temperature 37 °C
Temperature Range OK (less than 50 °C)
01 Read Error Rate 100 (253) Data 0000000000
03 Spin-Up Time 098 (097) Data 0000000000
04 Start/Stop Count 099 (099) Data 0000000519
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 085 (060) Data 001794A69D
09 Power-On Hours (POH) 093 (093) Data 0000001B21
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 099 (099) Data 00000004ED
BB Reported Uncorrectable Errors 100 (100) Data 0000000000
BD High Fly Writes (WDC) 100 (100) Data 0000000000
BE Temperature Difference from 100 063 (052) Data 0025170025
C2 Temperature 037 (048) Data 0000000025
C3 Hardware ECC Recovered 084 (071) Data 000A997FE6
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
C8 Write Error Rate / Multi-Zone Error Rate 100 (253) Data 0000000000
CA Data Address Mark errors 100 (253) Data 0000000000
Partition 0
Partition ID Disk #0, Partition #0
Size 78.4 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 681580C4
Size 74 GB
Used Space 57 GB (77%)
Free Space 17.2 GB (23%)
Optical Drives
HP DVD Writer 1060d
Media Type DVD Writer
Name HP DVD Writer 1060d
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Read capabilities CD-R, CD-RW, CD-ROM, DVD-RAM, DVD-ROM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Write capabilities CD-R, CD-RW, DVD-RAM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 0
Status OK
Audio
Sound Cards
AMD High Definition Audio Device
SoundMAX Integrated Digital High Definition Audio
Playback Device
SoundMAX HD Audio
Recording Device
SoundMAX HD Audio
Speaker Configuration
Speaker Configuration
Speaker type No Speaker
Peripherals
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor Unknown
Location Location 0
Driver
Date 7-1-2001
Version 5.1.2600.5512
File C:\WINDOWS\system32\DRIVERS\kbdhid.sys
File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Unknown
Location Location 0
Driver
Date 7-1-2001
Version 5.1.2600.0
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
File C:\WINDOWS\system32\DRIVERS\mouhid.sys
Printers
EPSON XP-205 207 Series (Default Printer)
Printer Port USB001
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 360 * 360 dpi Color
Status Unknown
Driver
Driver Name EPSON XP-205 207 Series (v5.10)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FMAIILE.DLL
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\mxdwdrv.dll
Send To OneNote 2007
Printer Port Send To Microsoft OneNote Port:
Print Processor OneNotePrint2007
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name Send To Microsoft OneNote Driver (v4.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\msonpdrv.dll
Network
You are connected to the internet
Connected through Broadcom NetLink Gigabit Ethernet - Packet Scheduler Miniport
IP Address 192.168.0.105
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
Preferred DNS server 194.168.4.100
Alternate DNS server 194.168.8.100
DHCP Enabled
DHCP server 192.168.0.1
External IP Address 77.103.80.174
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Unknown node type
Link Speed 0 Bps
Computer Name
NetBIOS Name DELL360
DNS Name dell360
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain DELL360
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Guest only - local users authenticate as Guest
Adapters List
Broadcom NetLink ™ Gigabit Ethernet - Packet Scheduler Miniport
IP Address 192.168.0.105
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
MAC Address 00-23-AE-7B-82-BD
Network Shares
No network shares
Current TCP Connections
C:\Program Files\Bonjour\mDNSResponder.exe (188)
Local 127.0.0.1:5354 LISTEN
Local 127.0.0.1:5354 ESTABLISHED Remote 127.0.0.1:1032 (Querying... )
Local 127.0.0.1:5354 ESTABLISHED Remote 127.0.0.1:1034 (Querying... )
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1948)
Local 127.0.0.1:27015 LISTEN
Local 127.0.0.1:1032 ESTABLISHED Remote 127.0.0.1:5354 (Querying... )
Local 127.0.0.1:1034 ESTABLISHED Remote 127.0.0.1:5354 (Querying... )
Local 127.0.0.1:27015 ESTABLISHED Remote 127.0.0.1:1033 (Querying... )
C:\Program Files\Google\Chrome\Application\chrome.exe (3572)
Local 192.168.0.105:1456 ESTABLISHED Remote 173.194.78.125:5222 (Querying... )
Local 192.168.0.105:1675 ESTABLISHED Remote 82.15.95.168:443 (Querying... ) (HTTPS)
C:\Program Files\Java\jre7\bin\jqs.exe (1796)
Local 127.0.0.1:5152 LISTEN
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (2532)
Local 0.0.0.0:21320 LISTEN
Local 0.0.0.0:21322 LISTEN
Local 0.0.0.0:21323 LISTEN
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (3016)
Local 0.0.0.0:21321 LISTEN
C:\Program Files\iTunes\iTunesHelper.exe (652)
Local 127.0.0.1:1033 ESTABLISHED Remote 127.0.0.1:27015 (Querying... )
C:\WINDOWS\System32\alg.exe (3228)
Local 127.0.0.1:1049 LISTEN
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 192.168.0.105:139 (NetBIOS session service) LISTEN
svchost.exe (1056)
Local 0.0.0.0:135 (DCE) LISTEN
Generated with Speccy v1.22.536

  • 0

#8
Steviep
Posted 25 April 2014 - 02:27 AM

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
Vino's Event Viewer v01c run on Windows XP in English
Report run at 25/04/2014 09:25:41
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/04/2014 09:22:48
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Spybot-S&D 2 Security Center Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.  
 
Log: 'System' Date/Time: 25/04/2014 09:22:48
Type: error Category: 0
Event: 7009 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect. 
 
Log: 'System' Date/Time: 25/04/2014 09:21:27
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} 
 
Log: 'System' Date/Time: 25/04/2014 09:21:27
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service BITS with arguments "" in order to run the server: {03CA98D6-FF5D-49B8-ABC6-03DD84127020} 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#9
Steviep
Posted 25 April 2014 - 02:28 AM

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
Vino's Event Viewer v01c run on Windows XP in English
Report run at 25/04/2014 09:28:04
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 25/04/2014 09:20:31
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user DELL360\Stevie registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.    This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. 

  • 0

#10
RKinner
Posted 25 April 2014 - 02:28 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
WDFME.exe 50.00 63,152 K 51,172 K 3088 (Verified) Western Digital Technologies 50.00 63,152 K 51,172 K 3088 (Verified) Western Digital Technologies

 

 

is your problem.  It is associated with your external hard drive.  Lots of complaints about it if you google: WDFME.exe.  If you rerun process explorer you should be able to first hit the Space bar so it stops changing then you can select wdfme.exe and right click and Kill Process.  That should make a big difference in your PC speed.  Start, Run, services.msc, OK and then find the Western Digital service (not sure of the right name) and right click on it and select Properties then change the Startup Type: to Manual , OK so it doesn't run unless you start it.  Then reboot and see if things work better.  I have to go to bed now so will look at your other logs tomorrow.


  • 0

Advertisements

#11
RKinner
Posted 25 April 2014 - 09:07 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

 

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 7 Update 45

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it.  Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.

 

You can uninstall Speecy now.  Your temps are good and your hard drive has no errors.

 

Also uninstall Spybot - Search & Destroy which is broken.

 

You might want to uninstall WD SmartWare too.  I think it's the source of WDFME.exe.  You can try a new one from Western Digital's website.  Perhaps they have fixed the problem by now but wait until we have finished.

 

Uninstall Adobe Flash Player 10 Plugin.  It's the one used with non-IE browsers and it's way out of date.  You can get the latest from adobe.com using Firefox or Chrome just be sure to uncheck the extra garbage software before downloading.  (Now that XP is officially not supported you need to stop using IE and switch to Firefox or Chrome.

 

Your BITS service is broken let's see if ESET can fix it:

 

Download ESET's Service Repair http://kb.eset.com/l...vicesRepair.exe and Save it then run it.  Follow the instructions and reboot when done.

 

You need to install UPHClean - hopefully they haven't stopped offering it now that XP is no longer supported.

 

http://www.microsoft...ls.aspx?id=6676

 

We can clean up some deadwood with FRST:

 

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.

 

 

 

 


  • 0

#12
Steviep
Posted 25 April 2014 - 10:05 AM

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-04-2014 01
Ran by Stevie at 2014-04-25 17:04:45 Run:2
Running from C:\Documents and Settings\Stevie\Desktop\FRST-OlderVersion
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
Toolbar: HKCU - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
S4 cerc6; No ImagePath
S4 IntelIde; No ImagePath
S4 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
U3 TrueSight; \??\C:\WINDOWS\system32\TrueSight.sys [X]

*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F} => Key deleted successfully.
HKCR\CLSID\{53707962-6F74-2D53-2644-206D7942484F} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41564952-412D-5637-4300-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41564952-412D-5637-4300-7A786E7484D7} => Key deleted successfully.
HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0 => Key deleted successfully.
C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll not found.
cerc6 => Service deleted successfully.
IntelIde => Service deleted successfully.
pccsmcfd => Service deleted successfully.
TrueSight => Service deleted successfully.

==== End of Fixlog ====


  • 0

#13
Steviep
Posted 25 April 2014 - 10:08 AM

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-04-2014 01
Ran by Stevie at 2014-04-25 17:06:33
Running from C:\Documents and Settings\Stevie\Desktop\FRST-OlderVersion
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.00.631.5823 - ABBYY) Hidden
AC-3 ACM Codec (HKLM\...\AC3ACM) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 11 (HKLM\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 7.0 (HKLM\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (Version: 7.0.0.3 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.04) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.831.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D58AFD19-6736-A938-154A-EABEA741D2CC}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.1.3.0 - SlySoft)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM\...\{c13d72f9-bcdd-4c16-a942-7373a528171e}) (Version: 1.0.5218.31571 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.0.5218.31571 - Avira Operations GmbH & Co. KG) Hidden
BBC iPlayer Downloads (HKLM\...\{E7C9165A-50C1-40E4-B11F-41FC1553D7FD}) (Version: 1.7.3 - BBC)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{9AF0B106-56F1-461B-A270-95BC1682E282}) (Version: 11.21.01 - Broadcom Corporation)
calibre (HKLM\...\{E25A469A-2E07-40F5-8B9E-C13B1358A431}) (Version: 1.16.0 - Kovid Goyal)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2011.1109.2146.39010 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2011.1109.2146.39010 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2011.1109.2145.39010 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2011.1109.2146.39010 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CCScore (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
CloneDVD2 (HKLM\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
CloneDVDmobile (HKLM\...\CloneDVDmobile) (Version: 1.9.0.1 - SlySoft)
Contents (Version: 1.6.2.36 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.2.36 - Corel Corporation)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
DeviceIO (Version: 1.6.2.36 - Corel Corporation) Hidden
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.7 - Dropbox, Inc.)
Elements 11 Organizer (Version: 11.0 - Adobe Systems Incorporated) Hidden
Epson Easy Photo Print 2 (HKLM\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESSBrwr (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSgui (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPDock (Version: 6.03.0001.0004 - EASTMAN KODAK Company) Hidden
ESSTOOLS (Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version:  - )
Free FLAC to MP3 Converter 1.0 (HKLM\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version:  - PolySoft Solutions)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM\...\{9578C0CD-8108-4379-9026-4601F59859A0}) (Version: 4.2.180.1134 - Google)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
ICA (Version: 1.6.2.36 - Corel Corporation) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
IPM_VS_Pro (Version: 13.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
K-Lite Codec Pack 4.7.5 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 4.7.5 - )
KODAK EASYSHARE Gallery Upload ActiveX Control (HKLM\...\OfotoEZUpload) (Version:  - )
LightScribe  1.4.136.1 (Version: 1.4.136.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version:  - Microsoft Corporation)
Microsoft WSE 3.0 (HKLM\...\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}) (Version: 3.0.5305.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
MLE (Version: 1.0.0.23 - Corel Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
Nero 12 (HKLM\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero 12 Content Pack (HKLM\...\{4E7AC009-5212-499F-942F-A5AA42AE359E}) (Version: 12.0.00400 - Nero AG)
Nero Abstract Themes (Version: 12.0.11500 - Nero AG) Hidden
Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (Version: 12.0.2001 - Nero AG) Hidden
Nero BackItUp Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (Version: 12.0.14300 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (Version: 12.0.4000 - Nero AG) Hidden
Nero Burning ROM (Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero Cliparts (Version: 12.0.11500 - Nero AG) Hidden
Nero ControlCenter (Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (Version: 11.0.18100 - Nero AG) Hidden
Nero Disc Menus 1 (Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 2 (Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 3 (Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero Express (Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden
Nero Family and Events Themes (Version: 12.0.11500 - Nero AG) Hidden
Nero Football (Soccer) Themes (Version: 12.0.11500 - Nero AG) Hidden
Nero Holiday and Sports Themes (Version: 12.0.11500 - Nero AG) Hidden
Nero Image Samples (Version: 12.0.11500 - Nero AG) Hidden
Nero Kwik Media (Version: 1.18.18200 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects 1 (Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero Platinum Effects 12 (Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (Version: 12.0.24000 - Nero AG) Hidden
Nero Recode Help (CHM) (Version: 12.0.4000 - Nero AG) Hidden
Nero RescueAgent (Version: 12.0.9000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero Retro Film Themes (Version: 12.0.11500 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (Version: 12.0.3000 - Nero AG) Hidden
Nero Video Help (CHM) (Version: 12.0.4000 - Nero AG) Hidden
Nero Video Samples (Version: 12.0.11500 - Nero AG) Hidden
Nero Video Transitions 1 (Version: 12.0.11500 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
netbrdg (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
Network Guide EPSON XP-205 207 Series (HKLM\...\EPSON XP-205 207 Series Netg) (Version:  - )
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
OfotoXMI (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Photo Collage Max (HKLM\...\PhotoCollageMax) (Version: 2.2.2.8 - )
Picture Collage Maker Pro 3.2.0 (HKLM\...\{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1) (Version:  - PearlMountain Technology Co., Ltd)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
PMB (HKLM\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.2.00.03250 - Sony Corporation)
PowerISO (HKLM\...\PowerISO) (Version:  - )
Prerequisite installer (Version: 12.0.0002 - Nero AG) Hidden
PSE11 STI Installer (Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RescuePRO Deluxe 5.1.2.7 (HKLM\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 5.1.2.7 - LC Technology International, Inc.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Central (Version: 4.5.0 - Roxio) Hidden
Roxio Video Capture USB Driver (HKLM\...\TVEpaDrv) (Version:  - )
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
Setup (Version: 1.6.2.36 - Corel Corporation) Hidden
Shape Collage (HKLM\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Share (Version: 1.6.2.36 - Corel Corporation) Hidden
SHASTA (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
skin0001 (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
SmartSound Quicktracks 5 (HKLM\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (Version: 5.1.6 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.8.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.8.0 - SmartSound Software Inc) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.7255 - Analog Devices)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
staticcr (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Syncios version 2.1.3 (HKLM\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 2.1.3 - Anvsoft, Inc.)
The Lord of the Rings FREE Trial  (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version:  - Microsoft)
Update for Windows Internet Explorer 8 (KB971180) (HKLM\...\KB971180-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
User Profile Hive Cleanup Service (HKLM\...\{7D15B945-2725-4443-AB3F-D900556612FE}) (Version: 1.6.36 - Microsoft Corporation)
User's Guide EPSON XP-205 207 Series (HKLM\...\EPSON XP-205 207 Series Useg) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
ViewNX 2 (HKLM\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
VIO (Version: 1.6.2.36 - Corel Corporation) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VPRINTOL (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
VSClassic (Version: 1.6.2.36 - Corel Corporation) Hidden
VSPro (Version: 1.6.2.36 - Corel Corporation) Hidden
WD SmartWare (HKLM\...\{51B055DD-A5F8-4D0C-A09C-66E58AD56F20}) (Version: 1.5.1 - Western Digital)
WD Software Upgrader (HKLM\...\{C05B5E9B-FE9D-48C7-9D7C-35DA238A9DE8}) (Version: 1.5.1 - Western Digital)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Welcome App (Start-up experience) (Version: 12.0.14000 - Nero AG) Hidden
WinAVI Video Converter (HKLM\...\WinAVI Video Converter_is1) (Version:  - ZJ Computing, Inc.)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WIRELESS (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Zoner Photo Studio 12 (HKLM\...\ZonerPhotoStudio12_EN_is1) (Version: 12.0.1.7 - ZONER software)

==================== Restore Points  =========================

==================== Hosts content: ==========================

2008-04-14 13:00 - 2013-10-31 00:04 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-DELL360-Stevie.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cd685145978ed4.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{C45D3254-C5F2-4164-8186-CF660410A378}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2014-01-14 22:03 - 2013-12-09 12:37 - 00394808 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2014-04-21 12:23 - 2013-08-07 14:31 - 00214528 _____ () C:\WINDOWS\system32\AiCM32.dll
2014-04-22 18:42 - 2014-04-15 18:33 - 00049744 _____ () C:\Documents and Settings\Stevie\Local Settings\temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-04-15 18:34 - 2014-04-15 18:34 - 00138320 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-15 18:33 - 2014-04-15 18:33 - 00064592 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WINDOWS\$NtUninstallKB53386$:SummaryInformation

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WD Quick View.lnk => C:\WINDOWS\pss\WD Quick View.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Stevie^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk => C:\WINDOWS\pss\BBC iPlayer Desktop.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Stevie^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk => C:\WINDOWS\pss\ERUNT AutoBackup.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Stevie^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: KiesHelper => C:\Program Files\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: NokiaMServer => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: Standby => "c:\Program Files\Common Files\Corel\Standby\Standby.exe" -START
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: ThreatFire => C:\Program Files\ThreatFire\TFTray.exe
MSCONFIG\startupreg: VNT => C:\Program Files\VNT\vntldr.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2014 05:04:38 PM) (Source: Application Error) (User: )
Description: Faulting application frst.exe, version 3.3.10.2, faulting module frst.exe, version 3.3.10.2, fault address 0x0001fff9.
Processing media-specific event for [frst.exe!ws!]

System errors:
=============
Error: (04/25/2014 04:48:27 PM) (Source: DCOM) (User: DELL360)
Description: DCOM got error "%%1058" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/25/2014 04:46:10 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (04/25/2014 04:46:10 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service BITS with arguments ""
in order to run the server:
{03CA98D6-FF5D-49B8-ABC6-03DD84127020}

Error: (04/25/2014 04:42:42 PM) (Source: DCOM) (User: DELL360)
Description: DCOM got error "%%1058" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/25/2014 10:51:20 AM) (Source: Service Control Manager) (User: )
Description: The WDRulesService service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/25/2014 10:51:15 AM) (Source: Service Control Manager) (User: )
Description: The WDDMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/25/2014 10:51:07 AM) (Source: Service Control Manager) (User: )
Description: The WDFMEService service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/25/2014 09:22:48 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (04/25/2014 09:22:48 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (04/25/2014 09:21:27 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Microsoft Office Sessions:
=========================
Error: (04/12/2012 05:08:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/12/2012 05:06:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 124 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/25/2011 08:50:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6215.1000. This session lasted 234 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (10/18/2010 06:36:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6215.1000. This session lasted 193 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/18/2010 10:52:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 70 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (11/29/2009 09:44:56 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 102 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/11/2009 07:50:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 8749 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (05/04/2009 11:17:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 24911 seconds with 1260 seconds of active time.  This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 2045.89 MB
Available physical RAM: 1281.94 MB
Total Pagefile: 3937.96 MB
Available Pagefile: 3146.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1962.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.42 GB) (Free:17.4 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: A42D04A3)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Active) - (Size=74 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#14
Steviep
Posted 25 April 2014 - 10:13 AM

Steviep

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

Hi,

 

Thanks for your help again, the PC seems a bit quicker now - it's like me and getting old  :laughing:  not had any further virus warnings and connects to internet after a couple of minutes


  • 0

#15
RKinner
Posted 25 April 2014 - 10:40 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

OK let's check for errors again:

 

Start, Run, eventvwr.msc, OK to bring up the Event Viewer.  Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.
 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP