thanks ron
here are all the results / logs
# AdwCleaner v2.109 - Logfile created 02/01/2013 at 20:26:13
# Updated 26/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Charles Carey - DADSDELL
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Charles Carey\Desktop\Removal tools\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\searchplugins\SearchResults.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml
Folder Deleted : C:\DOCUME~1\CHARLE~1\LOCALS~1\Temp\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\vshare@toolbar
Folder Deleted : C:\Documents and Settings\Charles Carey\Application Data\searchquband
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\Trymedia
Folder Deleted : C:\Program Files\Windows Searchqu Toolbar
***** [Registry] *****
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchqu.com/421 --> hxxp://www.google.com
-\\ Mozilla Firefox v5.0 (en-US)
File : C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\prefs.js
C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\user.js ... Deleted !
Deleted : user_pref("vshare.install.date", "1284854400000");
Deleted : user_pref("vshare.install.finished", "1.0.0");
Deleted : user_pref("vshare.install.guid", "{357ab83e-8b79-4d41-aaa0-dd4a1b785efc}");
Deleted : user_pref("vshare.install.isHidden", true);
Deleted : user_pref("vshare.install.laststatreq", "1305676800000");
Deleted : user_pref("vshare.install.newtab", false);
File : C:\Documents and Settings\Cin\Application Data\Mozilla\Firefox\Profiles\oqq1y7zf.default\prefs.js
[OK] File is clean.
File : C:\Documents and Settings\Administrator.DELL\Application Data\Mozilla\Firefox\Profiles\rs52iq1h.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v24.0.1312.57
File : C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [4263 octets] - [01/02/2013 20:26:13]
########## EOF - C:\AdwCleaner[S1].txt - [4323 octets] ##########
111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-01 20:35:18
-----------------------------
20:35:18.609 OS Version: Windows 5.1.2600 Service Pack 3
20:35:18.609 Number of processors: 1 586 0x209
20:35:18.609 ComputerName: DADSDELL UserName:
20:35:22.765 Initialize success
20:41:17.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:41:17.203 Disk 0 Vendor: WDC_WD1600AAJB-00PVA0 00.07H00 Size: 152627MB BusType: 3
20:41:17.234 Disk 0 MBR read successfully
20:41:17.234 Disk 0 MBR scan
20:41:17.234 Disk 0 unknown MBR code
20:41:17.234 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 39 MB offset 63
20:41:17.234 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152586 MB offset 80325
20:41:17.250 Disk 0 scanning sectors +312576642
20:41:17.328 Disk 0 scanning C:\WINDOWS\system32\drivers
20:41:34.109 Service scanning
20:41:56.703 Service vsdatant C:\WINDOWS\System32\vsdatant.sys **LOCKED** 32
20:41:58.156 Modules scanning
20:42:07.156 Scan finished successfully
20:42:41.140 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Charles Carey\Desktop\Removal tools\MBR.dat"
20:42:41.140 The log file has been saved successfully to "C:\Documents and Settings\Charles Carey\Desktop\Removal tools\aswMBR.txt"
2222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222
ComboFix 13-02-01.04 - Charles Carey 02/01/2013 21:02:01.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1629 [GMT -5:00]
Running from: c:\documents and settings\Charles Carey\Desktop\Removal tools\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {804E5358-FFA4-00FB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804E5358-FFA4-00DB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804E5358-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804E5358-FFA4-00FE-0D24-347CA8A3377C}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator.DELL\WINDOWS
c:\documents and settings\All Users\Application Data\DragToDiscUserNameE.txt
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Charles Carey\Application Data\.#
c:\documents and settings\Charles Carey\WINDOWS
c:\documents and settings\Cin\WINDOWS
c:\documents and settings\Default User\WINDOWS
C:\install.exe
C:\SETUP.EXE
c:\windows\cres1100.exe
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\dwmapi.dllllllllllllll
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-01-02 to 2013-02-02 )))))))))))))))))))))))))))))))
.
.
2013-01-28 15:39 . 2012-05-08 23:35 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-01-28 15:39 . 2010-11-26 23:02 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-01-27 03:20 . 2013-01-27 03:20 -------- d-----w- c:\documents and settings\Charles Carey\Local Settings\Application Data\Sun
2013-01-27 03:16 . 2013-01-27 03:16 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\IObit
2013-01-26 21:49 . 2013-01-26 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-01-26 21:49 . 2013-01-26 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
2013-01-26 21:47 . 2013-01-26 21:46 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-01-26 21:47 . 2013-01-26 21:46 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-23 20:29 . 2013-01-26 17:53 -------- d-----w- c:\documents and settings\Charles Carey\Application Data\wsInspector
2013-01-23 20:24 . 2013-01-23 20:25 -------- d-----w- c:\program files\Startup Inspector for Windows
2013-01-16 17:50 . 2013-01-16 17:50 -------- d-----w- c:\program files\ESET
2013-01-16 02:47 . 2013-01-16 02:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-16 02:47 . 2012-12-14 21:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-16 02:23 . 2013-01-26 21:35 -------- d-----w- c:\program files\Revo Uninstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-31 04:08 . 2007-07-26 21:39 138376 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-01-31 04:08 . 2007-07-26 21:38 202448 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-01-26 21:46 . 2010-04-28 15:43 780192 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-13 20:29 . 2012-11-13 20:29 354216 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2008-03-09 11:25 . 2012-08-07 23:04 236 ----a-w- c:\program files\Common Files\dx.reg
2013-01-19 05:22 . 2013-01-19 05:22 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@="{E4000AC4-5E5F-4956-807A-C5854405D64F}"
[HKEY_CLASSES_ROOT\CLSID\{E4000AC4-5E5F-4956-807A-C5854405D64F}]
2007-06-13 14:26 73728 ----a-w- c:\windows\SYSTEM32\VirtualExpander\VEShellExt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-11-13 981904]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-12-25 4474832]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\eudora mail\EuShlExt.dll" [2005-08-09 86016]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Charles Carey^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Charles Carey\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD_SRT]
c:\program files\Western Digital Technologies\WD Win98 SE USB Disk Driver [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2003-02-27 11:04 114688 ------w- c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\SYSTEM32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2012-11-30 02:06 1263512 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDSentry]
2002-08-14 23:22 28672 ----a-w- c:\windows\SYSTEM32\DSentry.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-27 04:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 21:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2004-04-14 19:04 40960 ------w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2009-06-01 18:51 1468296 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-01-08 00:56 13880424 ----a-w- c:\windows\SYSTEM32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-08 00:56 111208 ----a-w- c:\windows\SYSTEM32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2004-04-14 18:46 57393 ------w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 00:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
2003-01-09 14:21 253952 ------w- c:\program files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2003-01-13 15:19 757760 ------w- c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
2004-01-02 00:09 65536 ------w- c:\program files\Common Files\Roxio Shared\System\EngUtil.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmaTel StacMon]
2003-03-26 22:19 45056 ------w- c:\program files\SigmaTel\C-Major Audio\stacmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-10-14 14:22 155648 ------r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 14:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager]
2009-03-25 16:31 339968 ----a-w- c:\windows\SYSTEM32\WDBtnMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNUtil.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNTray.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNCfg.exe"=
"c:\\Program Files\\Microsoft Broadband Networking\\MSBNUpdate.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\SmartFTP Client 2.0\\SmartFTP.exe"=
"c:\\Battlefield 2\\BF2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqdstcp.exe"=
"c:\\Program Files\\321Studios\\Platinum\\BugTool.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\{FA0F0A01-4631-4161-A6C2-948BF694382E}\\setup\\hpznui01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9220:TCP"= 9220:TCP:9220
"161:UDP"= 161:UDP:161
"427:UDP"= 427:UDP:427
"9500:TCP"= 9500:TCP:9500
"9290:TCP"= 9290:TCP:9290
"139:UDP"= 139:UDP:139
"137:TCP"= 137:TCP:137
"9100:TCP"= 9100:TCP:9100
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\SYSTEM32\DRIVERS\SmartDefragDriver.sys [1/28/2013 10:39 AM 14776]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [1/26/2013 4:49 PM 465216]
R2 cpuz135;cpuz135;c:\windows\SYSTEM32\DRIVERS\cpuz135_x32.sys [3/27/2012 12:36 PM 21992]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [1/28/2013 10:38 AM 821592]
R3 Pcouffin;Low level access layer for CD devices;c:\windows\SYSTEM32\DRIVERS\Pcouffin.sys [2/22/2004 6:34 AM 34528]
S0 tpcdrdrv;tpcdrdrv;c:\windows\system32\DRIVERS\tpcdrdrv.sys --> c:\windows\system32\DRIVERS\tpcdrdrv.sys [?]
S3 DCamUSB20;AVerDVD EZMaker USB 2.0 Video Capture;c:\windows\SYSTEM32\DRIVERS\CsMini20.sys [3/18/2003 2:55 PM 46248]
S3 DCamUSBSony4;Sony Visual Communication Camera;c:\windows\SYSTEM32\DRIVERS\snyucam4.sys [6/2/2004 3:36 PM 424127]
S3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [1/28/2013 10:38 AM 246816]
S3 LanscsiBus;Lanscsi Bus Enumerator;c:\windows\system32\DRIVERS\LanscsiBus.sys --> c:\windows\system32\DRIVERS\LanscsiBus.sys [?]
S3 lanscsiminiport;Lanscsi SCSI Miniport Driver for NetDisk;c:\windows\system32\DRIVERS\lanscsiminiport.sys --> c:\windows\system32\DRIVERS\lanscsiminiport.sys [?]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [1/29/2011 5:39 PM 19056]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [1/28/2013 10:38 AM 30408]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [1/28/2013 10:38 AM 16248]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [5/27/2010 8:26 AM 90352]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
getPlusHelper REG_MULTI_SZ getPlusHelper
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore1caf3eebc635d38.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 17:17]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 17:17]
.
2013-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007Core.job
- c:\documents and settings\Charles Carey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-07 19:51]
.
2013-02-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007UA.job
- c:\documents and settings\Charles Carey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-07 19:51]
.
2013-02-02 c:\windows\Tasks\SmartDefragUpdate.job
- c:\program files\IObit\Smart Defrag 2\AutoUpdate.exe [2013-01-28 16:06]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.dellnet.com/
uInternet Settings,ProxyOverride = localhost
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
Trusted Zone: cars.com\siy
TCP: DhcpNameServer = 192.168.1.1
DPF: DirectAnimation Java Classes - file://c:\i386\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\i386\xmldso.cab
DPF: PackageCab - hxxp://ak.imgag.com/imgag/cp/install/AxCtp2.cab
DPF: vzTCPConfig - hxxp://www2.verizon.net/help/dsl_settings/include/vzTCPConfig.CAB
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
FF - ProfilePath - c:\documents and settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.jeepforum.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2013-01-29 12:47; {45d8ff86-d909-11db-9705-005056c00008}; c:\documents and settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
FF - ExtSQL: !HIDDEN! 2010-03-07 19:27;
[email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Notify-AtiExtEvent - (no file)
MSConfigStartUp-nwiz - nwiz.exe
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
MSConfigStartUp-TomTomHOME - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
MSConfigStartUp-wltray - (no file)
MSConfigStartUp-zBrowser Launcher - c:\logitech\Keyboard\iTouch\iTouch.exe
AddRemove-Adobe Acrobat Reader 3.01 - c:\acrobat3\Reader\DeIsL1.isu
AddRemove-HyperLoad - c:\program files\Nabisco\HyperLoad\Uninst.isu
.
.
.
**************************************************************************
.
disk not found C:\
.
please note that you need administrator rights to perform deep scan
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
Completion time: 2013-02-01 21:12:20
ComboFix-quarantined-files.txt 2013-02-02 02:12
.
Pre-Run: 49,551,638,528 bytes free
Post-Run: 49,859,649,536 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 953C616EA805FFE9ACD07874A01AF4FD
33333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.26.10
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Charles Carey :: DADSDELL [administrator]
2/1/2013 9:22:49 PM
mbam-log-2013-02-01 (21-22-49).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 277824
Time elapsed: 4 minute(s), 10 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
44444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444
21:16:44.0859 0920 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:16:45.0031 0920 ============================================================
21:16:45.0031 0920 Current date / time: 2013/02/01 21:16:45.0031
21:16:45.0031 0920 SystemInfo:
21:16:45.0031 0920
21:16:45.0031 0920 OS Version: 5.1.2600 ServicePack: 3.0
21:16:45.0031 0920 Product type: Workstation
21:16:45.0031 0920 ComputerName: DADSDELL
21:16:45.0031 0920 UserName: Charles Carey
21:16:45.0031 0920 Windows directory: C:\WINDOWS
21:16:45.0031 0920 System windows directory: C:\WINDOWS
21:16:45.0031 0920 Processor architecture: Intel x86
21:16:45.0031 0920 Number of processors: 1
21:16:45.0031 0920 Page size: 0x1000
21:16:45.0031 0920 Boot type: Normal boot
21:16:45.0031 0920 ============================================================
21:16:46.0937 0920 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:16:47.0046 0920 Drive \Device\Harddisk1\DR3 - Size: 0x3C8C0000 (0.95 Gb), SectorSize: 0x200, Cylinders: 0x7B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:16:47.0046 0920 ============================================================
21:16:47.0046 0920 \Device\Harddisk0\DR0:
21:16:47.0093 0920 MBR partitions:
21:16:47.0093 0920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x12A050BD
21:16:47.0093 0920 \Device\Harddisk1\DR3:
21:16:47.0093 0920 MBR partitions:
21:16:47.0093 0920 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xB, StartLBA 0xF9, BlocksNum 0x1E4507
21:16:47.0093 0920 ============================================================
21:16:47.0093 0920 Initialize success
21:16:47.0093 0920 ============================================================
21:17:00.0812 1500 ============================================================
21:17:00.0812 1500 Scan started
21:17:00.0812 1500 Mode: Manual;
21:17:00.0812 1500 ============================================================
21:17:00.0812 1500 ================ Scan system memory ========================
21:17:00.0812 1500 System memory - ok
21:17:00.0812 1500 ================ Scan services =============================
21:17:00.0843 1500 Abiosdsk - ok
21:17:00.0843 1500 abp480n5 - ok
21:17:00.0859 1500 ACPI - ok
21:17:00.0875 1500 ACPIEC - ok
21:17:00.0875 1500 ACS - ok
21:17:00.0890 1500 adpu160m - ok
21:17:00.0906 1500 AdvancedSystemCareService6 - ok
21:17:00.0906 1500 aeaudio - ok
21:17:00.0921 1500 aec - ok
21:17:00.0937 1500 AegisP - ok
21:17:00.0937 1500 Afc - ok
21:17:00.0953 1500 AFD - ok
21:17:00.0953 1500 agp440 - ok
21:17:00.0968 1500 agpCPQ - ok
21:17:00.0984 1500 Aha154x - ok
21:17:00.0984 1500 aic78u2 - ok
21:17:01.0000 1500 aic78xx - ok
21:17:01.0015 1500 Alerter - ok
21:17:01.0015 1500 ALG - ok
21:17:01.0031 1500 AliIde - ok
21:17:01.0046 1500 alim1541 - ok
21:17:01.0046 1500 amdagp - ok
21:17:01.0062 1500 amsint - ok
21:17:01.0078 1500 ApfiltrService - ok
21:17:01.0078 1500 AppMgmt - ok
21:17:01.0093 1500 AR5211 - ok
21:17:01.0109 1500 asc - ok
21:17:01.0109 1500 asc3350p - ok
21:17:01.0125 1500 asc3550 - ok
21:17:01.0156 1500 aspnet_state - ok
21:17:01.0156 1500 AsyncMac - ok
21:17:01.0171 1500 atapi - ok
21:17:01.0187 1500 Atdisk - ok
21:17:01.0203 1500 Atmarpc - ok
21:17:01.0203 1500 AudioSrv - ok
21:17:01.0218 1500 audstub - ok
21:17:01.0234 1500 BCM43XX - ok
21:17:01.0234 1500 BCMModem - ok
21:17:01.0250 1500 Beep - ok
21:17:01.0265 1500 BITS - ok
21:17:01.0265 1500 Brother XP spl Service - ok
21:17:01.0281 1500 Browser - ok
21:17:01.0296 1500 catchme - ok
21:17:01.0312 1500 cbidf - ok
21:17:01.0312 1500 cbidf2k - ok
21:17:01.0328 1500 CCDECODE - ok
21:17:01.0328 1500 cd20xrnt - ok
21:17:01.0343 1500 Cdaudio - ok
21:17:01.0359 1500 Cdfs - ok
21:17:01.0375 1500 Cdr4_xp - ok
21:17:01.0375 1500 Cdralw2k - ok
21:17:01.0390 1500 Cdrom - ok
21:17:01.0406 1500 CDRPDACC - ok
21:17:01.0406 1500 cdudf_xp - ok
21:17:01.0421 1500 Changer - ok
21:17:01.0421 1500 CiSvc - ok
21:17:01.0437 1500 ClipSrv - ok
21:17:01.0453 1500 clr_optimization_v2.0.50727_32 - ok
21:17:01.0453 1500 CmdIde - ok
21:17:01.0468 1500 Compbatt - ok
21:17:01.0484 1500 COMSysApp - ok
21:17:01.0500 1500 Cpqarray - ok
21:17:01.0515 1500 cpuz135 - ok
21:17:01.0515 1500 Creative Service for CDROM Access - ok
21:17:01.0546 1500 CryptSvc - ok
21:17:01.0546 1500 dac2w2k - ok
21:17:01.0562 1500 dac960nt - ok
21:17:01.0578 1500 DCamUSB20 - ok
21:17:01.0578 1500 DCamUSBSony4 - ok
21:17:01.0593 1500 DcomLaunch - ok
21:17:01.0609 1500 Dhcp - ok
21:17:01.0609 1500 Disk - ok
21:17:01.0625 1500 dmadmin - ok
21:17:01.0640 1500 dmboot - ok
21:17:01.0640 1500 dmio - ok
21:17:01.0656 1500 dmload - ok
21:17:01.0671 1500 dmserver - ok
21:17:01.0671 1500 DMusic - ok
21:17:01.0687 1500 Dnscache - ok
21:17:01.0703 1500 Dot3svc - ok
21:17:01.0703 1500 dpti2o - ok
21:17:01.0718 1500 drmkaud - ok
21:17:01.0734 1500 dvd_2K - ok
21:17:01.0734 1500 E100B - ok
21:17:01.0750 1500 EapHost - ok
21:17:01.0781 1500 EL90XBC - ok
21:17:01.0781 1500 ERSvc - ok
21:17:01.0796 1500 Eventlog - ok
21:17:01.0812 1500 EventSystem - ok
21:17:01.0828 1500 Fastfat - ok
21:17:01.0843 1500 FastUserSwitchingCompatibility - ok
21:17:01.0843 1500 Fax - ok
21:17:01.0859 1500 Fdc - ok
21:17:01.0875 1500 FileMonitor - ok
21:17:01.0875 1500 Fips - ok
21:17:01.0890 1500 Flpydisk - ok
21:17:01.0906 1500 FltMgr - ok
21:17:01.0921 1500 Fs_Rec - ok
21:17:01.0921 1500 Ftdisk - ok
21:17:01.0937 1500 getPlusHelper - ok
21:17:01.0953 1500 Gpc - ok
21:17:01.0953 1500 gupdate - ok
21:17:01.0968 1500 gupdatem - ok
21:17:01.0984 1500 helpsvc - ok
21:17:02.0000 1500 HidServ - ok
21:17:02.0000 1500 HidUsb - ok
21:17:02.0015 1500 hkmsvc - ok
21:17:02.0031 1500 hpn - ok
21:17:02.0031 1500 hpqcxs08 - ok
21:17:02.0046 1500 hpqddsvc - ok
21:17:02.0062 1500 HPSLPSVC - ok
21:17:02.0078 1500 HPZid412 - ok
21:17:02.0078 1500 HPZipr12 - ok
21:17:02.0093 1500 HPZius12 - ok
21:17:02.0109 1500 hSONYPVh - ok
21:17:02.0109 1500 HTTP - ok
21:17:02.0125 1500 HTTPFilter - ok
21:17:02.0140 1500 i2omgmt - ok
21:17:02.0140 1500 i2omp - ok
21:17:02.0156 1500 i8042prt - ok
21:17:02.0171 1500 i81x - ok
21:17:02.0171 1500 iAimFP0 - ok
21:17:02.0187 1500 iAimFP1 - ok
21:17:02.0203 1500 iAimFP2 - ok
21:17:02.0203 1500 iAimFP3 - ok
21:17:02.0218 1500 iAimFP4 - ok
21:17:02.0234 1500 iAimTV0 - ok
21:17:02.0234 1500 iAimTV1 - ok
21:17:02.0250 1500 iAimTV2 - ok
21:17:02.0265 1500 iAimTV3 - ok
21:17:02.0265 1500 iAimTV4 - ok
21:17:02.0281 1500 Imapi - ok
21:17:02.0296 1500 ImapiService - ok
21:17:02.0312 1500 IMFservice - ok
21:17:02.0328 1500 ini910u - ok
21:17:02.0343 1500 IntelIde - ok
21:17:02.0343 1500 intelppm - ok
21:17:02.0359 1500 Ip6Fw - ok
21:17:02.0375 1500 IpFilterDriver - ok
21:17:02.0375 1500 IpInIp - ok
21:17:02.0390 1500 IpNat - ok
21:17:02.0406 1500 IPSec - ok
21:17:02.0406 1500 IRENUM - ok
21:17:02.0421 1500 isapnp - ok
21:17:02.0437 1500 JavaQuickStarterService - ok
21:17:02.0437 1500 Kbdclass - ok
21:17:02.0453 1500 KLIF - ok
21:17:02.0468 1500 kmixer - ok
21:17:02.0468 1500 KSecDD - ok
21:17:02.0484 1500 L8042Kbd - ok
21:17:02.0500 1500 L8042mou - ok
21:17:02.0500 1500 lanmanserver - ok
21:17:02.0515 1500 lanmanworkstation - ok
21:17:02.0531 1500 LanscsiBus - ok
21:17:02.0531 1500 lanscsiminiport - ok
21:17:02.0546 1500 lbrtfdc - ok
21:17:02.0562 1500 LHidFilt - ok
21:17:02.0578 1500 LHidFlt2 - ok
21:17:02.0578 1500 LHidUsbK - ok
21:17:02.0593 1500 LmHosts - ok
21:17:02.0609 1500 LMouFilt - ok
21:17:02.0625 1500 LMouKE - ok
21:17:02.0625 1500 LUsbFilt - ok
21:17:02.0640 1500 MDM - ok
21:17:02.0656 1500 Messenger - ok
21:17:02.0656 1500 Microsoft Office Groove Audit Service - ok
21:17:02.0671 1500 mmc_2K - ok
21:17:02.0687 1500 mnmdd - ok
21:17:02.0687 1500 mnmsrvc - ok
21:17:02.0703 1500 Modem - ok
21:17:02.0718 1500 MODEMCSA - ok
21:17:02.0718 1500 Mouclass - ok
21:17:02.0734 1500 mouhid - ok
21:17:02.0734 1500 MountMgr - ok
21:17:02.0750 1500 mraid35x - ok
21:17:02.0765 1500 MRxDAV - ok
21:17:02.0765 1500 MRxSmb - ok
21:17:02.0781 1500 MSDTC - ok
21:17:02.0796 1500 Msfs - ok
21:17:02.0812 1500 MSIServer - ok
21:17:02.0812 1500 MSKSSRV - ok
21:17:02.0828 1500 MSPCLOCK - ok
21:17:02.0843 1500 MSPQM - ok
21:17:02.0843 1500 mssmbios - ok
21:17:02.0859 1500 MSTEE - ok
21:17:02.0875 1500 Mup - ok
21:17:02.0875 1500 NABTSFEC - ok
21:17:02.0906 1500 napagent - ok
21:17:02.0921 1500 NCHSSVAD - ok
21:17:02.0937 1500 NDIS - ok
21:17:02.0937 1500 NdisIP - ok
21:17:02.0953 1500 NdisTapi - ok
21:17:02.0968 1500 Ndisuio - ok
21:17:02.0968 1500 NdisWan - ok
21:17:02.0984 1500 NDProxy - ok
21:17:03.0000 1500 Net Driver HPZ12 - ok
21:17:03.0000 1500 NetBIOS - ok
21:17:03.0015 1500 NetBT - ok
21:17:03.0031 1500 NetDDE - ok
21:17:03.0031 1500 NetDDEdsdm - ok
21:17:03.0046 1500 Netlogon - ok
21:17:03.0062 1500 Netman - ok
21:17:03.0062 1500 NetSvc - ok
21:17:03.0078 1500 Nla - ok
21:17:03.0093 1500 Npfs - ok
21:17:03.0093 1500 Ntfs - ok
21:17:03.0109 1500 NtLmSsp - ok
21:17:03.0125 1500 NtmsSvc - ok
21:17:03.0125 1500 Null - ok
21:17:03.0140 1500 nv - ok
21:17:03.0156 1500 nvsvc - ok
21:17:03.0156 1500 NwlnkFlt - ok
21:17:03.0171 1500 NwlnkFwd - ok
21:17:03.0187 1500 odserv - ok
21:17:03.0187 1500 omci - ok
21:17:03.0203 1500 ose - ok
21:17:03.0218 1500 P3 - ok
21:17:03.0234 1500 Parport - ok
21:17:03.0234 1500 PartMgr - ok
21:17:03.0250 1500 ParVdm - ok
21:17:03.0265 1500 pbfilter - ok
21:17:03.0265 1500 PCI - ok
21:17:03.0281 1500 PCIDump - ok
21:17:03.0281 1500 PCIIde - ok
21:17:03.0296 1500 Pcmcia - ok
21:17:03.0312 1500 Pcouffin - ok
21:17:03.0328 1500 PCPitstop Scheduling - ok
21:17:03.0328 1500 PDCOMP - ok
21:17:03.0343 1500 PDFRAME - ok
21:17:03.0359 1500 PDRELI - ok
21:17:03.0359 1500 PDRFRAME - ok
21:17:03.0375 1500 perc2 - ok
21:17:03.0390 1500 perc2hib - ok
21:17:03.0421 1500 pfc - ok
21:17:03.0421 1500 PlugPlay - ok
21:17:03.0437 1500 Pml Driver HPZ12 - ok
21:17:03.0453 1500 PnkBstrA - ok
21:17:03.0453 1500 PnkBstrB - ok
21:17:03.0468 1500 Point32 - ok
21:17:03.0468 1500 PolicyAgent - ok
21:17:03.0484 1500 ppped - ok
21:17:03.0500 1500 PptpMiniport - ok
21:17:03.0500 1500 Processor - ok
21:17:03.0515 1500 ProtectedStorage - ok
21:17:03.0531 1500 PSched - ok
21:17:03.0531 1500 Ptilink - ok
21:17:03.0546 1500 pwd_2k - ok
21:17:03.0562 1500 PxHelp20 - ok
21:17:03.0562 1500 ql1080 - ok
21:17:03.0578 1500 Ql10wnt - ok
21:17:03.0593 1500 ql12160 - ok
21:17:03.0609 1500 ql1240 - ok
21:17:03.0609 1500 ql1280 - ok
21:17:03.0625 1500 RasAcd - ok
21:17:03.0640 1500 RasAuto - ok
21:17:03.0640 1500 Rasl2tp - ok
21:17:03.0656 1500 RasMan - ok
21:17:03.0671 1500 RasPppoe - ok
21:17:03.0671 1500 Raspti - ok
21:17:03.0687 1500 Rdbss - ok
21:17:03.0703 1500 RDPCDD - ok
21:17:03.0718 1500 rdpdr - ok
21:17:03.0734 1500 RDPWD - ok
21:17:03.0734 1500 RDSessMgr - ok
21:17:03.0750 1500 redbook - ok
21:17:03.0765 1500 RegFilter - ok
21:17:03.0765 1500 RemoteAccess - ok
21:17:03.0781 1500 RivaTuner32 - ok
21:17:03.0796 1500 RpcLocator - ok
21:17:03.0812 1500 RpcSs - ok
21:17:03.0812 1500 RSVP - ok
21:17:03.0828 1500 SamSs - ok
21:17:03.0843 1500 SCardSvr - ok
21:17:03.0843 1500 Schedule - ok
21:17:03.0859 1500 Secdrv - ok
21:17:03.0875 1500 seclogon - ok
21:17:03.0890 1500 SENS - ok
21:17:03.0890 1500 serenum - ok
21:17:03.0906 1500 Serial - ok
21:17:03.0921 1500 Sfloppy - ok
21:17:03.0921 1500 SharedAccess - ok
21:17:03.0937 1500 ShellHWDetection - ok
21:17:03.0953 1500 Simbad - ok
21:17:03.0953 1500 sisagp - ok
21:17:03.0968 1500 SLIP - ok
21:17:03.0984 1500 SmartDefragDriver - ok
21:17:04.0000 1500 smwdm - ok
21:17:04.0015 1500 Sparrow - ok
21:17:04.0015 1500 splitter - ok
21:17:04.0031 1500 Spooler - ok
21:17:04.0046 1500 sr - ok
21:17:04.0046 1500 srescan - ok
21:17:04.0062 1500 srservice - ok
21:17:04.0078 1500 Srv - ok
21:17:04.0078 1500 SSDPSRV - ok
21:17:04.0093 1500 StillCam - ok
21:17:04.0109 1500 stisvc - ok
21:17:04.0125 1500 streamip - ok
21:17:04.0125 1500 swenum - ok
21:17:04.0140 1500 swmidi - ok
21:17:04.0156 1500 SwPrv - ok
21:17:04.0171 1500 symc810 - ok
21:17:04.0171 1500 symc8xx - ok
21:17:04.0187 1500 sym_hi - ok
21:17:04.0203 1500 sym_u3 - ok
21:17:04.0203 1500 sysaudio - ok
21:17:04.0218 1500 SysmonLog - ok
21:17:04.0234 1500 TapiSrv - ok
21:17:04.0234 1500 Tcpip - ok
21:17:04.0250 1500 TDPIPE - ok
21:17:04.0265 1500 TDTCP - ok
21:17:04.0281 1500 TermDD - ok
21:17:04.0281 1500 TermService - ok
21:17:04.0296 1500 Themes - ok
21:17:04.0312 1500 TosIde - ok
21:17:04.0328 1500 tpcdrdrv - ok
21:17:04.0328 1500 TrkWks - ok
21:17:04.0359 1500 TSP - ok
21:17:04.0359 1500 TVICHW32 - ok
21:17:04.0375 1500 UdfReadr_xp - ok
21:17:04.0390 1500 Udfs - ok
21:17:04.0390 1500 ultra - ok
21:17:04.0406 1500 Update - ok
21:17:04.0421 1500 upnphost - ok
21:17:04.0421 1500 UPS - ok
21:17:04.0437 1500 UrlFilter - ok
21:17:04.0453 1500 Usb20Scan - ok
21:17:04.0468 1500 usbaudio - ok
21:17:04.0468 1500 usbbus - ok
21:17:04.0484 1500 usbccgp - ok
21:17:04.0500 1500 UsbDiag - ok
21:17:04.0500 1500 usbehci - ok
21:17:04.0515 1500 usbhub - ok
21:17:04.0531 1500 USBModem - ok
21:17:04.0531 1500 usbohci - ok
21:17:04.0546 1500 usbprint - ok
21:17:04.0562 1500 usbscan - ok
21:17:04.0562 1500 usbser - ok
21:17:04.0578 1500 USBSTOR - ok
21:17:04.0593 1500 usbuhci - ok
21:17:04.0609 1500 VgaSave - ok
21:17:04.0609 1500 viaagp - ok
21:17:04.0625 1500 ViaIde - ok
21:17:04.0640 1500 VolSnap - ok
21:17:04.0640 1500 vsdatant - ok
21:17:04.0656 1500 vsmon - ok
21:17:04.0671 1500 VSS - ok
21:17:04.0687 1500 w32time - ok
21:17:04.0703 1500 Wanarp - ok
21:17:04.0703 1500 wanatw - ok
21:17:04.0718 1500 Wdf01000 - ok
21:17:04.0734 1500 WDICA - ok
21:17:04.0734 1500 wdmaud - ok
21:17:04.0750 1500 WebClient - ok
21:17:04.0765 1500 winmgmt - ok
21:17:04.0781 1500 WmdmPmSN - ok
21:17:04.0812 1500 WmiApSrv - ok
21:17:04.0812 1500 WpdUsb - ok
21:17:04.0828 1500 WS2IFSL - ok
21:17:04.0843 1500 wscsvc - ok
21:17:04.0859 1500 WSTCODEC - ok
21:17:04.0859 1500 wuauserv - ok
21:17:04.0875 1500 WudfPf - ok
21:17:04.0890 1500 WudfRd - ok
21:17:04.0890 1500 WudfSvc - ok
21:17:04.0906 1500 WZCSVC - ok
21:17:04.0921 1500 x10nets - ok
21:17:04.0921 1500 xmlprov - ok
21:17:04.0937 1500 XUIF - ok
21:17:04.0953 1500 ZSMC301b - ok
21:17:04.0968 1500 ================ Scan global ===============================
21:17:04.0968 1500 [Global] - ok
21:17:04.0984 1500 ================ Scan MBR ==================================
21:17:04.0984 1500 [ 35C6B2FCDE68FACBEFE0A4A7200BAE58 ] \Device\Harddisk0\DR0
21:17:05.0171 1500 \Device\Harddisk0\DR0 - ok
21:17:05.0187 1500 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR3
21:17:19.0468 1500 \Device\Harddisk1\DR3 - ok
21:17:19.0468 1500 ================ Scan VBR ==================================
21:17:19.0703 1500 [ 962BDD4EC0D216D6DA15FDC9F46EDBD4 ] \Device\Harddisk0\DR0\Partition1
21:17:19.0703 1500 \Device\Harddisk0\DR0\Partition1 - ok
21:17:19.0718 1500 [ EE5FDADF4959B72952B9B127955DD738 ] \Device\Harddisk1\DR3\Partition1
21:17:19.0718 1500 \Device\Harddisk1\DR3\Partition1 - ok
21:17:19.0718 1500 ============================================================
21:17:19.0718 1500 Scan finished
21:17:19.0718 1500 ============================================================
21:17:19.0734 1092 Detected object count: 0
21:17:19.0734 1092 Actual detected object count: 0
21:19:10.0796 3580 ============================================================
21:19:10.0796 3580 Scan started
21:19:10.0796 3580 Mode: Manual; SigCheck; TDLFS;
21:19:10.0796 3580 ============================================================
21:19:10.0796 3580 ================ Scan system memory ========================
21:19:10.0796 3580 System memory - ok
21:19:10.0812 3580 ================ Scan services =============================
21:19:10.0843 3580 Abiosdsk - ok
21:19:10.0843 3580 abp480n5 - ok
21:19:10.0859 3580 ACPI - ok
21:19:10.0859 3580 ACPIEC - ok
21:19:10.0875 3580 ACS - ok
21:19:10.0890 3580 adpu160m - ok
21:19:10.0890 3580 AdvancedSystemCareService6 - ok
21:19:10.0906 3580 aeaudio - ok
21:19:10.0921 3580 aec - ok
21:19:10.0921 3580 AegisP - ok
21:19:10.0937 3580 Afc - ok
21:19:10.0953 3580 AFD - ok
21:19:10.0953 3580 agp440 - ok
21:19:10.0968 3580 agpCPQ - ok
21:19:10.0968 3580 Aha154x - ok
21:19:10.0984 3580 aic78u2 - ok
21:19:11.0000 3580 aic78xx - ok
21:19:11.0000 3580 Alerter - ok
21:19:11.0015 3580 ALG - ok
21:19:11.0031 3580 AliIde - ok
21:19:11.0031 3580 alim1541 - ok
21:19:11.0046 3580 amdagp - ok
21:19:11.0062 3580 amsint - ok
21:19:11.0062 3580 ApfiltrService - ok
21:19:11.0078 3580 AppMgmt - ok
21:19:11.0093 3580 AR5211 - ok
21:19:11.0093 3580 asc - ok
21:19:11.0109 3580 asc3350p - ok
21:19:11.0125 3580 asc3550 - ok
21:19:11.0156 3580 aspnet_state - ok
21:19:11.0156 3580 AsyncMac - ok
21:19:11.0171 3580 atapi - ok
21:19:11.0171 3580 Atdisk - ok
21:19:11.0187 3580 Atmarpc - ok
21:19:11.0203 3580 AudioSrv - ok
21:19:11.0218 3580 audstub - ok
21:19:11.0234 3580 BCM43XX - ok
21:19:11.0234 3580 BCMModem - ok
21:19:11.0250 3580 Beep - ok
21:19:11.0250 3580 BITS - ok
21:19:11.0265 3580 Brother XP spl Service - ok
21:19:11.0281 3580 Browser - ok
21:19:11.0281 3580 catchme - ok
21:19:11.0312 3580 cbidf - ok
21:19:11.0312 3580 cbidf2k - ok
21:19:11.0328 3580 CCDECODE - ok
21:19:11.0343 3580 cd20xrnt - ok
21:19:11.0343 3580 Cdaudio - ok
21:19:11.0359 3580 Cdfs - ok
21:19:11.0359 3580 Cdr4_xp - ok
21:19:11.0375 3580 Cdralw2k - ok
21:19:11.0390 3580 Cdrom - ok
21:19:11.0390 3580 CDRPDACC - ok
21:19:11.0406 3580 cdudf_xp - ok
21:19:11.0421 3580 Changer - ok
21:19:11.0421 3580 CiSvc - ok
21:19:11.0437 3580 ClipSrv - ok
21:19:11.0453 3580 clr_optimization_v2.0.50727_32 - ok
21:19:11.0453 3580 CmdIde - ok
21:19:11.0468 3580 Compbatt - ok
21:19:11.0468 3580 COMSysApp - ok
21:19:11.0500 3580 Cpqarray - ok
21:19:11.0500 3580 cpuz135 - ok
21:19:11.0515 3580 Creative Service for CDROM Access - ok
21:19:11.0531 3580 CryptSvc - ok
21:19:11.0531 3580 dac2w2k - ok
21:19:11.0546 3580 dac960nt - ok
21:19:11.0562 3580 DCamUSB20 - ok
21:19:11.0562 3580 DCamUSBSony4 - ok
21:19:11.0578 3580 DcomLaunch - ok
21:19:11.0593 3580 Dhcp - ok
21:19:11.0593 3580 Disk - ok
21:19:11.0609 3580 dmadmin - ok
21:19:11.0625 3580 dmboot - ok
21:19:11.0625 3580 dmio - ok
21:19:11.0640 3580 dmload - ok
21:19:11.0656 3580 dmserver - ok
21:19:11.0656 3580 DMusic - ok
21:19:11.0671 3580 Dnscache - ok
21:19:11.0687 3580 Dot3svc - ok
21:19:11.0687 3580 dpti2o - ok
21:19:11.0703 3580 drmkaud - ok
21:19:11.0703 3580 dvd_2K - ok
21:19:11.0718 3580 E100B - ok
21:19:11.0734 3580 EapHost - ok
21:19:11.0750 3580 EL90XBC - ok
21:19:11.0765 3580 ERSvc - ok
21:19:11.0765 3580 Eventlog - ok
21:19:11.0781 3580 EventSystem - ok
21:19:11.0796 3580 Fastfat - ok
21:19:11.0796 3580 FastUserSwitchingCompatibility - ok
21:19:11.0812 3580 Fax - ok
21:19:11.0828 3580 Fdc - ok
21:19:11.0828 3580 FileMonitor - ok
21:19:11.0843 3580 Fips - ok
21:19:11.0859 3580 Flpydisk - ok
21:19:11.0859 3580 FltMgr - ok
21:19:11.0875 3580 Fs_Rec - ok
21:19:11.0890 3580 Ftdisk - ok
21:19:11.0890 3580 getPlusHelper - ok
21:19:11.0906 3580 Gpc - ok
21:19:11.0921 3580 gupdate - ok
21:19:11.0921 3580 gupdatem - ok
21:19:11.0937 3580 helpsvc - ok
21:19:11.0937 3580 HidServ - ok
21:19:11.0953 3580 HidUsb - ok
21:19:11.0968 3580 hkmsvc - ok
21:19:11.0968 3580 hpn - ok
21:19:11.0984 3580 hpqcxs08 - ok
21:19:12.0000 3580 hpqddsvc - ok
21:19:12.0000 3580 HPSLPSVC - ok
21:19:12.0015 3580 HPZid412 - ok
21:19:12.0031 3580 HPZipr12 - ok
21:19:12.0031 3580 HPZius12 - ok
21:19:12.0046 3580 hSONYPVh - ok
21:19:12.0062 3580 HTTP - ok
21:19:12.0078 3580 HTTPFilter - ok
21:19:12.0078 3580 i2omgmt - ok
21:19:12.0093 3580 i2omp - ok
21:19:12.0109 3580 i8042prt - ok
21:19:12.0109 3580 i81x - ok
21:19:12.0125 3580 iAimFP0 - ok
21:19:12.0125 3580 iAimFP1 - ok
21:19:12.0140 3580 iAimFP2 - ok
21:19:12.0156 3580 iAimFP3 - ok
21:19:12.0171 3580 iAimFP4 - ok
21:19:12.0171 3580 iAimTV0 - ok
21:19:12.0187 3580 iAimTV1 - ok
21:19:12.0203 3580 iAimTV2 - ok
21:19:12.0203 3580 iAimTV3 - ok
21:19:12.0218 3580 iAimTV4 - ok
21:19:12.0234 3580 Imapi - ok
21:19:12.0250 3580 ImapiService - ok
21:19:12.0250 3580 IMFservice - ok
21:19:12.0265 3580 ini910u - ok
21:19:12.0281 3580 IntelIde - ok
21:19:12.0296 3580 intelppm - ok
21:19:12.0312 3580 Ip6Fw - ok
21:19:12.0328 3580 IpFilterDriver - ok
21:19:12.0328 3580 IpInIp - ok
21:19:12.0343 3580 IpNat - ok
21:19:12.0343 3580 IPSec - ok
21:19:12.0359 3580 IRENUM - ok
21:19:12.0375 3580 isapnp - ok
21:19:12.0390 3580 JavaQuickStarterService - ok
21:19:12.0390 3580 Kbdclass - ok
21:19:12.0406 3580 KLIF - ok
21:19:12.0421 3580 kmixer - ok
21:19:12.0421 3580 KSecDD - ok
21:19:12.0437 3580 L8042Kbd - ok
21:19:12.0453 3580 L8042mou - ok
21:19:12.0453 3580 lanmanserver - ok
21:19:12.0468 3580 lanmanworkstation - ok
21:19:12.0484 3580 LanscsiBus - ok
21:19:12.0484 3580 lanscsiminiport - ok
21:19:12.0500 3580 lbrtfdc - ok
21:19:12.0515 3580 LHidFilt - ok
21:19:12.0515 3580 LHidFlt2 - ok
21:19:12.0531 3580 LHidUsbK - ok
21:19:12.0546 3580 LmHosts - ok
21:19:12.0562 3580 LMouFilt - ok
21:19:12.0578 3580 LMouKE - ok
21:19:12.0578 3580 LUsbFilt - ok
21:19:12.0593 3580 MDM - ok
21:19:12.0609 3580 Messenger - ok
21:19:12.0609 3580 Microsoft Office Groove Audit Service - ok
21:19:12.0625 3580 mmc_2K - ok
21:19:12.0640 3580 mnmdd - ok
21:19:12.0640 3580 mnmsrvc - ok
21:19:12.0656 3580 Modem - ok
21:19:12.0671 3580 MODEMCSA - ok
21:19:12.0671 3580 Mouclass - ok
21:19:12.0687 3580 mouhid - ok
21:19:12.0703 3580 MountMgr - ok
21:19:12.0703 3580 mraid35x - ok
21:19:12.0718 3580 MRxDAV - ok
21:19:12.0718 3580 MRxSmb - ok
21:19:12.0734 3580 MSDTC - ok
21:19:12.0750 3580 Msfs - ok
21:19:12.0750 3580 MSIServer - ok
21:19:12.0765 3580 MSKSSRV - ok
21:19:12.0781 3580 MSPCLOCK - ok
21:19:12.0781 3580 MSPQM - ok
21:19:12.0796 3580 mssmbios - ok
21:19:12.0812 3580 MSTEE - ok
21:19:12.0828 3580 Mup - ok
21:19:12.0843 3580 NABTSFEC - ok
21:19:12.0843 3580 napagent - ok
21:19:12.0859 3580 NCHSSVAD - ok
21:19:12.0875 3580 NDIS - ok
21:19:12.0875 3580 NdisIP - ok
21:19:12.0890 3580 NdisTapi - ok
21:19:12.0906 3580 Ndisuio - ok
21:19:12.0906 3580 NdisWan - ok
21:19:12.0921 3580 NDProxy - ok
21:19:12.0921 3580 Net Driver HPZ12 - ok
21:19:12.0937 3580 NetBIOS - ok
21:19:12.0953 3580 NetBT - ok
21:19:12.0953 3580 NetDDE - ok
21:19:12.0968 3580 NetDDEdsdm - ok
21:19:12.0984 3580 Netlogon - ok
21:19:12.0984 3580 Netman - ok
21:19:13.0000 3580 NetSvc - ok
21:19:13.0015 3580 Nla - ok
21:19:13.0015 3580 Npfs - ok
21:19:13.0031 3580 Ntfs - ok
21:19:13.0046 3580 NtLmSsp - ok
21:19:13.0062 3580 NtmsSvc - ok
21:19:13.0062 3580 Null - ok
21:19:13.0078 3580 nv - ok
21:19:13.0093 3580 nvsvc - ok
21:19:13.0093 3580 NwlnkFlt - ok
21:19:13.0109 3580 NwlnkFwd - ok
21:19:13.0109 3580 odserv - ok
21:19:13.0125 3580 omci - ok
21:19:13.0140 3580 ose - ok
21:19:13.0156 3580 P3 - ok
21:19:13.0156 3580 Parport - ok
21:19:13.0171 3580 PartMgr - ok
21:19:13.0187 3580 ParVdm - ok
21:19:13.0187 3580 pbfilter - ok
21:19:13.0203 3580 PCI - ok
21:19:13.0218 3580 PCIDump - ok
21:19:13.0218 3580 PCIIde - ok
21:19:13.0234 3580 Pcmcia - ok
21:19:13.0250 3580 Pcouffin - ok
21:19:13.0250 3580 PCPitstop Scheduling - ok
21:19:13.0265 3580 PDCOMP - ok
21:19:13.0281 3580 PDFRAME - ok
21:19:13.0281 3580 PDRELI - ok
21:19:13.0296 3580 PDRFRAME - ok
21:19:13.0312 3580 perc2 - ok
21:19:13.0312 3580 perc2hib - ok
21:19:13.0359 3580 pfc - ok
21:19:13.0359 3580 PlugPlay - ok
21:19:13.0375 3580 Pml Driver HPZ12 - ok
21:19:13.0375 3580 PnkBstrA - ok
21:19:13.0390 3580 PnkBstrB - ok
21:19:13.0406 3580 Point32 - ok
21:19:13.0406 3580 PolicyAgent - ok
21:19:13.0421 3580 ppped - ok
21:19:13.0437 3580 PptpMiniport - ok
21:19:13.0437 3580 Processor - ok
21:19:13.0453 3580 ProtectedStorage - ok
21:19:13.0468 3580 PSched - ok
21:19:13.0468 3580 Ptilink - ok
21:19:13.0484 3580 pwd_2k - ok
21:19:13.0500 3580 PxHelp20 - ok
21:19:13.0500 3580 ql1080 - ok
21:19:13.0515 3580 Ql10wnt - ok
21:19:13.0531 3580 ql12160 - ok
21:19:13.0531 3580 ql1240 - ok
21:19:13.0546 3580 ql1280 - ok
21:19:13.0562 3580 RasAcd - ok
21:19:13.0562 3580 RasAuto - ok
21:19:13.0578 3580 Rasl2tp - ok
21:19:13.0593 3580 RasMan - ok
21:19:13.0609 3580 RasPppoe - ok
21:19:13.0609 3580 Raspti - ok
21:19:13.0625 3580 Rdbss - ok
21:19:13.0640 3580 RDPCDD - ok
21:19:13.0656 3580 rdpdr - ok
21:19:13.0671 3580 RDPWD - ok
21:19:13.0671 3580 RDSessMgr - ok
21:19:13.0687 3580 redbook - ok
21:19:13.0703 3580 RegFilter - ok
21:19:13.0703 3580 RemoteAccess - ok
21:19:13.0718 3580 RivaTuner32 - ok
21:19:13.0734 3580 RpcLocator - ok
21:19:13.0750 3580 RpcSs - ok
21:19:13.0765 3580 RSVP - ok
21:19:13.0765 3580 SamSs - ok
21:19:13.0781 3580 SCardSvr - ok
21:19:13.0796 3580 Schedule - ok
21:19:13.0812 3580 Secdrv - ok
21:19:13.0812 3580 seclogon - ok
21:19:13.0828 3580 SENS - ok
21:19:13.0843 3580 serenum - ok
21:19:13.0859 3580 Serial - ok
21:19:13.0859 3580 Sfloppy - ok
21:19:13.0875 3580 SharedAccess - ok
21:19:13.0890 3580 ShellHWDetection - ok
21:19:13.0890 3580 Simbad - ok
21:19:13.0906 3580 sisagp - ok
21:19:13.0921 3580 SLIP - ok
21:19:13.0937 3580 SmartDefragDriver - ok
21:19:13.0937 3580 smwdm - ok
21:19:13.0953 3580 Sparrow - ok
21:19:13.0953 3580 splitter - ok
21:19:13.0968 3580 Spooler - ok
21:19:13.0984 3580 sr - ok
21:19:13.0984 3580 srescan - ok
21:19:14.0000 3580 srservice - ok
21:19:14.0015 3580 Srv - ok
21:19:14.0015 3580 SSDPSRV - ok
21:19:14.0031 3580 StillCam - ok
21:19:14.0046 3580 stisvc - ok
21:19:14.0046 3580 streamip - ok
21:19:14.0062 3580 swenum - ok
21:19:14.0078 3580 swmidi - ok
21:19:14.0093 3580 SwPrv - ok
21:19:14.0109 3580 symc810 - ok
21:19:14.0125 3580 symc8xx - ok
21:19:14.0125 3580 sym_hi - ok
21:19:14.0140 3580 sym_u3 - ok
21:19:14.0156 3580 sysaudio - ok
21:19:14.0156 3580 SysmonLog - ok
21:19:14.0171 3580 TapiSrv - ok
21:19:14.0187 3580 Tcpip - ok
21:19:14.0203 3580 TDPIPE - ok
21:19:14.0203 3580 TDTCP - ok
21:19:14.0218 3580 TermDD - ok
21:19:14.0234 3580 TermService - ok
21:19:14.0234 3580 Themes - ok
21:19:14.0250 3580 TosIde - ok
21:19:14.0265 3580 tpcdrdrv - ok
21:19:14.0265 3580 TrkWks - ok
21:19:14.0281 3580 TSP - ok
21:19:14.0296 3580 TVICHW32 - ok
21:19:14.0312 3580 UdfReadr_xp - ok
21:19:14.0328 3580 Udfs - ok
21:19:14.0328 3580 ultra - ok
21:19:14.0343 3580 Update - ok
21:19:14.0359 3580 upnphost - ok
21:19:14.0375 3580 UPS - ok
21:19:14.0375 3580 UrlFilter - ok
21:19:14.0406 3580 Usb20Scan - ok
21:19:14.0406 3580 usbaudio - ok
21:19:14.0421 3580 usbbus - ok
21:19:14.0437 3580 usbccgp - ok
21:19:14.0437 3580 UsbDiag - ok
21:19:14.0453 3580 usbehci - ok
21:19:14.0453 3580 usbhub - ok
21:19:14.0468 3580 USBModem - ok
21:19:14.0484 3580 usbohci - ok
21:19:14.0484 3580 usbprint - ok
21:19:14.0500 3580 usbscan - ok
21:19:14.0515 3580 usbser - ok
21:19:14.0515 3580 USBSTOR - ok
21:19:14.0531 3580 usbuhci - ok
21:19:14.0546 3580 VgaSave - ok
21:19:14.0546 3580 viaagp - ok
21:19:14.0562 3580 ViaIde - ok
21:19:14.0578 3580 VolSnap - ok
21:19:14.0593 3580 vsdatant - ok
21:19:14.0593 3580 vsmon - ok
21:19:14.0609 3580 VSS - ok
21:19:14.0625 3580 w32time - ok
21:19:14.0640 3580 Wanarp - ok
21:19:14.0656 3580 wanatw - ok
21:19:14.0656 3580 Wdf01000 - ok
21:19:14.0671 3580 WDICA - ok
21:19:14.0687 3580 wdmaud - ok
21:19:14.0687 3580 WebClient - ok
21:19:14.0703 3580 winmgmt - ok
21:19:14.0734 3580 WmdmPmSN - ok
21:19:14.0750 3580 WmiApSrv - ok
21:19:14.0765 3580 WpdUsb - ok
21:19:14.0781 3580 WS2IFSL - ok
21:19:14.0781 3580 wscsvc - ok
21:19:14.0796 3580 WSTCODEC - ok
21:19:14.0812 3580 wuauserv - ok
21:19:14.0812 3580 WudfPf - ok
21:19:14.0828 3580 WudfRd - ok
21:19:14.0843 3580 WudfSvc - ok
21:19:14.0843 3580 WZCSVC - ok
21:19:14.0859 3580 x10nets - ok
21:19:14.0875 3580 xmlprov - ok
21:19:14.0875 3580 XUIF - ok
21:19:14.0890 3580 ZSMC301b - ok
21:19:14.0906 3580 ================ Scan global ===============================
21:19:14.0921 3580 [Global] - ok
21:19:14.0921 3580 ================ Scan MBR ==================================
21:19:14.0937 3580 [ 35C6B2FCDE68FACBEFE0A4A7200BAE58 ] \Device\Harddisk0\DR0
21:19:15.0203 3580 \Device\Harddisk0\DR0 - ok
21:19:15.0218 3580 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR3
21:19:29.0234 3580 \Device\Harddisk1\DR3 - ok
21:19:29.0234 3580 ================ Scan VBR ==================================
21:19:29.0234 3580 [ 962BDD4EC0D216D6DA15FDC9F46EDBD4 ] \Device\Harddisk0\DR0\Partition1
21:19:29.0234 3580 \Device\Harddisk0\DR0\Partition1 - ok
21:19:29.0250 3580 [ EE5FDADF4959B72952B9B127955DD738 ] \Device\Harddisk1\DR3\Partition1
21:19:29.0250 3580 \Device\Harddisk1\DR3\Partition1 - ok
21:19:29.0250 3580 ============================================================
21:19:29.0250 3580 Scan finished
21:19:29.0250 3580 ============================================================
21:19:29.0281 3488 Detected object count: 0
21:19:29.0281 3488 Actual detected object count: 0
21:20:47.0406 2368 Deinitialize success
5555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555
Vino's Event Viewer v01c run on Windows XP in English
Report run at 01/02/2013 9:36:00 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/02/2013 9:33:13 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF
Log: 'System' Date/Time: 01/02/2013 9:32:56 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The X10 Device Network Service service failed to start due to the following error: The system cannot find the path specified.
Log: 'System' Date/Time: 01/02/2013 9:12:31 PM
Type: error Category: 0
Event: 15006 Source: HTTP
Owner of the log file or directory \SystemRoot\System32\LogFiles\HTTPERR is invalid. This could be because another user has already created the log file or the directory.
Log: 'System' Date/Time: 01/02/2013 9:02:14 PM
Type: error Category: 0
Event: 7016 Source: Service Control Manager
The BrSplService service has reported an invalid current state 0.
Log: 'System' Date/Time: 01/02/2013 9:01:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PowerPanel Personal Edition Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 01/02/2013 9:01:56 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Atheros Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 01/02/2013 9:00:49 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF
Log: 'System' Date/Time: 01/02/2013 9:00:47 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The X10 Device Network Service service failed to start due to the following error: The system cannot find the path specified.
Log: 'System' Date/Time: 01/02/2013 8:58:10 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The PowerPanel Personal Edition Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 01/02/2013 8:58:10 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Atheros Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 01/02/2013 8:48:58 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 01/02/2013 8:32:35 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF
Log: 'System' Date/Time: 01/02/2013 8:30:39 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The X10 Device Network Service service failed to start due to the following error: The system cannot find the path specified.
Log: 'System' Date/Time: 01/02/2013 3:22:28 PM
Type: error Category: 0
Event: 15006 Source: HTTP
Owner of the log file or directory \SystemRoot\System32\LogFiles\HTTPERR is invalid. This could be because another user has already created the log file or the directory.
Log: 'System' Date/Time: 01/02/2013 3:18:13 PM
Type: error Category: 0
Event: 7011 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
Log: 'System' Date/Time: 01/02/2013 3:16:49 PM
Type: error Category: 0
Event: 7011 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
Log: 'System' Date/Time: 01/02/2013 9:52:57 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF
Log: 'System' Date/Time: 01/02/2013 9:51:05 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The X10 Device Network Service service failed to start due to the following error: The system cannot find the path specified.
Log: 'System' Date/Time: 31/01/2013 10:14:47 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: KLIF
Log: 'System' Date/Time: 31/01/2013 10:13:41 AM
Type: error Category: 0
Event: 7011 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for a transaction response from the ShellHWDetection service.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/02/2013 9:01:56 PM
Type: warning Category: 0
Event: 263 Source: PlugPlayManager
The service "ACS" may not have unregistered for device event notifications before it was stopped.
Log: 'System' Date/Time: 01/02/2013 8:30:40 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.
Log: 'System' Date/Time: 01/02/2013 3:22:21 PM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.
Log: 'System' Date/Time: 01/02/2013 3:19:53 PM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 000FB54F40E4. The IP address being used is 169.254.137.234.
Log: 'System' Date/Time: 01/02/2013 3:16:03 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 01/02/2013 9:51:01 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 01/02/2013 9:50:49 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 31/01/2013 10:12:42 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.
Log: 'System' Date/Time: 30/01/2013 2:06:34 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 30/01/2013 2:06:29 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 30/01/2013 2:06:19 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 30/01/2013 2:06:14 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 30/01/2013 2:06:14 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 30/01/2013 2:06:09 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 30/01/2013 2:06:04 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 30/01/2013 2:05:59 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 30/01/2013 10:26:11 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 000FB54F40E4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 28/01/2013 11:27:09 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.
Log: 'System' Date/Time: 28/01/2013 11:24:14 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.
Log: 'System' Date/Time: 28/01/2013 10:27:53 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{A541BE98-85DC-437C-82E2-3EBAF83AD596}.
66666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666
OTL logfile created on: 2/1/2013 9:37:57 PM - Run 8
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Charles Carey\Desktop\Removal tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 73.88% Memory free
3.85 Gb Paging File | 3.48 Gb Available in Paging File | 90.30% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 46.46 Gb Free Space | 31.18% Space Free | Partition Type: NTFS
Drive F: | 39.10 Mb Total Space | 32.45 Mb Free Space | 83.01% Space Free | Partition Type: FAT
Drive G: | 966.72 Mb Total Space | 947.38 Mb Free Space | 98.00% Space Free | Partition Type: FAT32
Computer Name: DADSDELL | User Name: Charles Carey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/01/26 16:46:49 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/01/26 14:24:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Charles Carey\Desktop\Removal tools\OTL.exe
PRC - [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/01/15 18:47:10 | 000,465,216 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2008/11/13 15:18:56 | 002,405,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
PRC - [2008/11/13 15:18:56 | 000,981,904 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\acs.exe
PRC - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () -- C:\CyberPower\ppped.exe
========== Modules (No Company Name) ========== MOD - [2013/01/19 00:22:15 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msdmo.dll
MOD - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\acs.exe
MOD - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () -- C:\CyberPower\ppped.exe
========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- (x10nets)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/26 16:46:49 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/01/15 18:47:10 | 000,465,216 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2010/01/25 10:02:20 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009/04/26 13:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2008/11/13 15:18:56 | 002,405,776 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2006/04/25 17:30:38 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SYSTEM32\acs.exe -- (ACS)
SRV - [2005/05/06 14:12:22 | 000,466,944 | ---- | M] () [Auto | Running] -- C:\CyberPower\ppped.exe -- (ppped)
SRV - [2003/03/03 13:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbVM31b.sys -- (ZSMC301b)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klif.sys -- (TSP)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\tpcdrdrv.sys -- (tpcdrdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\LHidFlt2.sys -- (LHidFlt2)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\lanscsiminiport.sys -- (lanscsiminiport)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\LanscsiBus.sys -- (LanscsiBus)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\klif.sys -- (KLIF)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\CHARLE~1\LOCALS~1\Temp\hSONYPVh.sys -- (hSONYPVh)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\CHARLE~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\BCMSM.sys -- (BCMModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\bcmwl5.sys -- (BCM43XX)
DRV - [2012/07/05 13:54:18 | 000,016,248 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012/07/05 13:54:16 | 000,030,408 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2012/01/05 18:07:40 | 000,246,816 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/09/21 09:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cpuz135_x32.sys -- (cpuz135)
DRV - [2010/11/26 18:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/11/06 22:24:30 | 000,019,056 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009/08/22 13:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\RivaTuner v2.24\RivaTuner32.sys -- (RivaTuner32)
DRV - [2009/08/11 13:43:50 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nchssvad.sys -- (NCHSSVAD)
DRV - [2009/06/17 11:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 11:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 11:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042mou.Sys -- (L8042mou)
DRV - [2009/05/01 16:03:38 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/05/01 16:03:38 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2008/11/13 15:19:00 | 000,353,680 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\vsdatant.sys -- (vsdatant)
DRV - [2008/04/21 07:19:58 | 000,051,648 | ---- | M] (Check Point Software Technologies LTD) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2007/01/23 15:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042Kbd.sys -- (L8042Kbd)
DRV - [2006/05/10 08:56:26 | 000,036,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidUsbK.sys -- (LHidUsbK)
DRV - [2006/04/25 17:30:40 | 000,469,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\WG311T13.sys -- (AR5211)
DRV - [2005/03/02 14:26:02 | 000,018,560 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\x10ufx2.sys -- (XUIF)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\afc.sys -- (Afc)
DRV - [2004/08/04 00:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 00:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 00:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 00:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 00:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 00:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 00:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 00:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 00:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 00:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2003/10/28 15:17:52 | 000,005,273 | ---- | M] (Arrowkey) [Kernel | Auto | Running] -- C:\Program Files\321Studios\Shared\CDRPDACC.SYS -- (CDRPDACC)
DRV - [2003/03/18 14:55:04 | 000,046,248 | ---- | M] (Crescentec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CsMini20.sys -- (DCamUSB20)
DRV - [2003/02/27 17:36:04 | 000,090,852 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/01/17 20:36:02 | 000,424,127 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\snyucam4.sys -- (DCamUSBSony4)
DRV - [2003/01/13 10:19:26 | 000,249,344 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/01/13 10:19:26 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/01/13 10:19:26 | 000,118,422 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/01/13 10:19:26 | 000,022,758 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/01/13 10:19:26 | 000,021,654 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/11/11 16:52:58 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/11/05 15:56:48 | 000,012,692 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cresscan.sys -- (Usb20Scan)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...ie=utf8&oe=utf8IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKCU\..\SearchScopes\{06A26EB0-0041-46FC-85F4-B733CE0570CD}: "URL" =
http://www.google.co...ie=utf8&oe=utf8IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKCU\..\SearchScopes\{74EA43EB-373B-48C9-A2D3-B1EB32CD68C3}: "URL" =
http://search.yahoo....p={searchTerms}IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "
http://www.jeepforum.com/"FF - prefs.js..extensions.enabledAddons: %7BC0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51%7D:2.3.54
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.7.1
FF - prefs.js..extensions.enabledAddons: %7B45d8ff86-d909-11db-9705-005056c00008%7D:1.1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}:2.3.54
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "
http://search.yahoo....type=382950&p="FF - prefs.js..network.proxy.no_proxies_on: "localhost"
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPCShowPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\
[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/03/07 19:27:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/11 10:52:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/19 00:22:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/19 00:22:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/03/07 19:27:20 | 000,000,000 | ---D | M]
[2012/10/25 10:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Extensions
[2009/08/04 12:29:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Extensions\
[email protected][2013/02/01 20:26:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions
[2010/02/11 10:08:51 | 000,000,000 | ---D | M] (Answers) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}
[2008/02/07 11:18:38 | 000,000,000 | ---D | M] (Game-Monitor Extension) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{DEDDA510-573D-44d9-BF81-F85C3FA1FE54}(2)
[2010/02/11 15:59:35 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2008/02/07 11:18:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\temp
[2013/01/29 12:47:35 | 000,060,243 | ---- | M] () (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
[2013/01/26 00:22:45 | 000,242,136 | ---- | M] () (No name found) -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla\Firefox\Profiles\4kv8080x.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/01/26 16:23:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2013/01/19 00:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/01/19 00:22:01 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
[2012/01/11 10:52:44 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013/01/19 00:22:16 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2002/09/27 07:59:00 | 000,090,112 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NpPopup.dll
[2012/08/29 10:58:01 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/12 23:04:23 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== CHR - homepage:
http://www.google.com/CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
http://www.google.com/CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: AmericanGreetings.com Popup Plugin 1.0.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NpPopup.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16260 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013/02/01 21:10:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: cars.com ([siy] https in Trusted sites)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C}
http://messenger.zon...ry/msgrchkr.cab (Checkers Class)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}
http://support.us.de...iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E}
http://www.musicnote...ad/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
http://messenger.zon...nt.cab28578.cab (MessengerStatsClient Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft....204&clcid=0x409 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94}
http://pcpitstop.com...cpConnCheck.cab (iCC Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE}
http://office.micros...ntent/opuc2.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.micros...b?1262649780406 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.micros...b?1262649770265 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6}
http://www.nick.com/.../GrooveAX27.cab (Reg Error: Value error.)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
http://messenger.zon...StatsClient.cab (MessengerStatsClient Class)
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D}
http://toolbar.googl...gleActivate.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4}
http://messenger.zon...ry/ZAxRcMgr.cab (ZoneAxRcMgr Class)
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F}
http://utilities.pcp...ols/pcmatic.cab (PCMaticVer Class)
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E}
http://www.microsoft.../20/SassCln.CAB (SassCln Object)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592}
http://messenger.zon...ro.cab28578.cab (ZoneIntro Class)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697}
http://www.imgag.com...tall/AxCtp2.cab (Create & Print ActiveX Plug-in)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8}
http://messenger.zon...ot.cab28578.cab (CBreakshotControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
http://www.shockwave...aploader_v5.cab (Reg Error: Value error.)
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269}
http://www.shockwave...ownloadCtrl.cab (Reg Error: Value error.)
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF}
http://messenger.zon...ireShowdown.cab (Solitaire Showdown Class)
O16 - DPF: DirectAnimation Java Classes file://c:\I386\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://c:\I386\xmldso.cab (Reg Error: Key error.)
O16 - DPF: PackageCab
http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig
http://www2.verizon....vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A541BE98-85DC-437C-82E2-3EBAF83AD596}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Eudora mail\EuShlExt.dll (Qualcomm Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 08:59:58 | 000,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/04/15 15:49:10 | 000,000,398 | ---- | M] () - F:\AUTOEXEC.UP -- [ FAT ]
O32 - AutoRun File - [2003/04/15 15:49:10 | 000,000,398 | -HS- | M] () - F:\AUTOEXEC.BAT -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SmartDefragBootTime.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: Ip6FwHlp - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Charles Carey^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg:
Apoint - hkey= - key= - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig - StartUpReg:
ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg:
DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg:
DVDSentry - hkey= - key= - File not found
MsConfig - StartUpReg:
GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg:
HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg:
IndexSearch - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
MsConfig - StartUpReg:
IntelliPoint - hkey= - key= - c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
MsConfig - StartUpReg:
Kernel and Hardware Abstraction Layer - hkey= - key= - C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
MsConfig - StartUpReg:
Logitech Hardware Abstraction Layer - hkey= - key= - C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
MsConfig - StartUpReg:
NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg:
NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg:
PaperPort PTD - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
MsConfig - StartUpReg:
QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg:
RoxioAudioCentral - hkey= - key= - C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe (Roxio, Inc.)
MsConfig - StartUpReg:
RoxioDragToDisc - hkey= - key= - C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe (Roxio)
MsConfig - StartUpReg:
RoxioEngineUtility - hkey= - key= - C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe (Roxio)
MsConfig - StartUpReg:
SigmaTel StacMon - hkey= - key= - C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe ()
MsConfig - StartUpReg:
SSBkgdUpdate - hkey= - key= - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
MsConfig - StartUpReg:
SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg:
WD Button Manager - hkey= - key= - File not found
MsConfig - StartUpReg:
WD_SRT - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: IMFservice - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {377483c2-e4b4-4ee8-b577-9aed264c8735} - Q822925
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8EFA4753-7169-4CC3-A28B-0A1643B8A39B} - Microsoft .NET Framework 1.1 Hotfix (KB886903)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {96543d59-497a-4801-a1f3-5936aacaf7b1} - Q828750
ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: {f5de1b93-9d38-416b-b09e-aa85a8e84309} - Q818529
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.enc - C:\WINDOWS\System32\ITIG726.acm (Ingenient Technologies, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\TSSOFT32.ACM (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.dll (Intel® Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\SYSTEM32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\SYSTEM32\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2013/02/01 20:56:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/02/01 20:54:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/02/01 20:54:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/02/01 20:54:29 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/02/01 20:54:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/02/01 20:46:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/01 20:21:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Desktop\Removal tools
[2013/01/28 10:39:19 | 000,029,528 | ---- | C] (IObit) -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2013/01/28 10:38:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2013/01/26 22:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Sun
[2013/01/26 16:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013/01/26 16:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
[2013/01/26 16:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 6
[2013/01/26 16:47:11 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/01/26 16:47:11 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/01/26 16:47:04 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/01/26 16:47:03 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/01/26 16:47:03 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/01/23 15:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Application Data\wsInspector
[2013/01/23 15:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\My Documents\wsInspector
[2013/01/23 15:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\Startup Inspector for Windows
[2013/01/23 15:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup Inspector for Windows
[2013/01/19 00:22:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/16 12:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/15 21:47:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/15 21:47:41 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/01/15 21:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/15 21:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\Revo Uninstaller
[2013/01/15 21:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Charles Carey\Start Menu\Programs\Revo Uninstaller
========== Files - Modified Within 30 Days ========== [2013/02/01 21:33:23 | 000,348,373 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2013/02/01 21:32:45 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2013/02/01 21:32:34 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1caf3eebc635d38.job
[2013/02/01 21:32:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2013/02/01 21:32:08 | 2146,488,320 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/01 21:20:19 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/01 21:10:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2013/02/01 20:56:46 | 000,000,327 | RHS- | M] () -- C:\BOOT.INI
[2013/02/01 20:11:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007UA.job
[2013/02/01 20:01:57 | 009,196,023 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020118080.pdf
[2013/02/01 15:23:22 | 000,002,367 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/01 13:49:44 | 001,746,414 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020114120.pdf
[2013/01/30 23:08:54 | 000,138,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013/01/29 14:30:21 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/01/29 00:11:02 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007Core.job
[2013/01/26 16:46:50 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/01/26 16:46:48 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/01/26 16:46:48 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/01/26 16:46:48 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/01/26 16:46:48 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/01/26 16:46:48 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/01/23 15:24:48 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\Startup Inspector for Windows.lnk
[2013/01/23 00:17:11 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Charles Carey\My Documents\resume1.pub
[2013/01/23 00:17:11 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\resume1.pub
[2013/01/18 10:11:14 | 000,002,603 | ---- | M] () -- C:\Documents and Settings\Charles Carey\install.rdf
[2013/01/15 21:23:33 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\Revo Uninstaller.lnk
[2013/01/14 11:42:28 | 013,462,931 | ---- | M] () -- C:\Documents and Settings\Charles Carey\Desktop\mbar-1.01.0.1016.zip
[2013/01/12 21:35:34 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
========== Files Created - No Company Name ========== [2013/02/01 20:56:46 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/02/01 20:56:42 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/02/01 20:54:29 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/02/01 20:54:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/02/01 20:54:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/02/01 20:54:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/02/01 20:54:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/02/01 20:01:47 | 009,196,023 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020118080.pdf
[2013/02/01 13:49:40 | 001,746,414 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\SKMBT_C22013020114120.pdf
[2013/01/28 10:39:14 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2013/01/28 10:39:11 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2013/01/27 00:47:54 | 000,122,225 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\09_tori-praver_16.jpg
[2013/01/27 00:46:13 | 000,154,404 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\09_cintia-dicker_02.jpg
[2013/01/23 15:24:48 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\Startup Inspector for Windows.lnk
[2013/01/23 00:20:30 | 000,086,528 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\resume1.pub
[2013/01/18 10:11:14 | 000,002,603 | ---- | C] () -- C:\Documents and Settings\Charles Carey\install.rdf
[2013/01/15 21:27:57 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/15 21:23:33 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\Revo Uninstaller.lnk
[2013/01/14 11:42:20 | 013,462,931 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Desktop\mbar-1.01.0.1016.zip
[2012/08/07 18:04:05 | 000,000,236 | ---- | C] () -- C:\Program Files\Common Files\dx.reg
[2012/08/07 18:04:03 | 001,029,126 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2012/08/07 18:04:03 | 000,874,502 | ---- | C] () -- C:\WINDOWS\System32\kernel32new.dll
[2012/08/07 18:04:03 | 000,716,153 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
[2012/08/07 18:04:03 | 000,681,478 | ---- | C] () -- C:\WINDOWS\System32\msvcrtnew.dll
[2012/08/07 18:04:03 | 000,187,398 | ---- | C] () -- C:\WINDOWS\System32\d3d10core.dll
[2012/08/07 18:04:03 | 000,002,937 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2011/09/13 12:35:41 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011/08/13 12:55:53 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/06/17 08:40:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\{A9519275-C8CC-4D3F-B470-52419ACD6894}
[2011/02/13 22:46:54 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/02/13 22:46:49 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/02/13 22:46:49 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/02/13 22:46:38 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/06/11 11:46:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\AVSMediaPlayer.m3u
[2009/01/08 10:44:56 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\PFP110JPR.{PB
[2009/01/08 10:44:56 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Application Data\PFP110JCM.{PB
[2006/08/22 19:24:23 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2004/12/05 07:49:59 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\fusioncache.dat
[2004/05/05 17:51:29 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Charles Carey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ========== [2003/08/08 12:10:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ========== ========== Drive Information ========== Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: WDC WD1600AAJB-00PVA0
Partitions: 2
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE1 - Removable media other than\tfloppy
Interface type: USB
Media Type: Removable media other than\tfloppy
Model: HP Officejet 6500 E USB Device
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 39.00MB
Starting Offset: 32256
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 149.00GB
Starting Offset: 41126400
Hidden sectors: 0
DeviceID: Disk #1, Partition #0
PartitionType: Unknown
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 969.00MB
Starting Offset: 127488
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe >[2000/06/21 16:46:28 | 001,489,152 | R--- | M] (Microsoft Corporation) -- C:\INSTMSI.EXE
[2000/06/21 16:46:30 | 001,499,904 | R--- | M] (Microsoft Corporation) -- C:\INSTMSIW.EXE
< %systemroot%\assembly\GAC_32\*.ini > < %systemroot%\assembly\GAC_64\*.ini > < %SYSTEMDRIVE%\*.exe >[2000/06/21 16:46:28 | 001,489,152 | R--- | M] (Microsoft Corporation) -- C:\INSTMSI.EXE
[2000/06/21 16:46:30 | 001,499,904 | R--- | M] (Microsoft Corporation) -- C:\INSTMSIW.EXE
< %ALLUSERSPROFILE%\Application Data\*.exe > < %APPDATA%\*. >[2012/08/08 14:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Adobe
[2012/07/11 13:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\AdobeUM
[2008/02/07 11:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Apple Computer
[2009/03/25 11:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\ArcSoft
[2008/07/31 09:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\ATI
[2009/01/23 14:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\AVS4YOU
[2008/02/07 11:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Broderbund
[2008/02/07 11:17:49 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Brother
[2008/03/29 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Chessmaster Challenge
[2009/01/08 10:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Corel
[2008/02/07 11:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Creative
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\CyberLink
[2012/12/14 11:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\DDMSettings
[2012/12/23 21:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\DivX
[2012/06/09 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\DTV
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\EDrawings
[2011/09/13 12:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\FreeBurner
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Google
[2010/12/08 12:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Help
[2010/02/12 20:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\HP
[2010/11/20 01:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\HPAppData
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Identities
[2013/01/26 16:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\IObit
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Kontiki
[2008/02/07 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Lavasoft
[2008/02/07 11:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Leadertech
[2008/02/07 11:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Macromedia
[2009/10/03 14:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Malwarebytes
[2012/08/08 14:35:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Charles Carey\Application Data\Microsoft
[2008/02/07 11:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Move Networks
[2008/08/27 09:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Mozilla
[2008/02/07 11:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\MSN6
[2008/02/07 11:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\MX
[2009/08/11 13:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\NCH Swift Sound
[2008/02/07 11:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Novosoft
[2008/02/07 11:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Raptisoft
[2010/10/21 10:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Real
[2010/06/27 13:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Roxio
[2008/02/07 11:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Roxio.old
[2010/02/15 18:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\ScanSoft
[2008/02/07 11:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\SmartFTP
[2008/02/07 11:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Sony Corporation
[2008/02/26 16:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\SpinTop
[2008/02/07 11:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Sun
[2008/02/07 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Symantec
[2011/06/03 11:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\SystemRequirementsLab
[2008/02/07 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Talkback
[2008/02/07 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\teamspeak2
[2009/08/04 12:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\TomTom
[2008/02/07 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\ubi.com
[2012/02/20 22:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\Ventrilo
[2008/02/07 11:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\WholeSecurity
[2012/08/01 21:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\WinRAR
[2013/01/26 12:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Charles Carey\Application Data\wsInspector
< MD5 for: ATAPI.SYS >[2002/08/29 05:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\I386\sp1.cab:atapi.sys
[2002/08/29 05:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp1.cab:atapi.sys
[2004/08/27 16:58:05 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:atapi.sys
[2009/03/20 11:17:13 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:atapi.sys
[2004/08/27 16:58:05 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009/03/20 11:17:13 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2003/01/31 15:43:30 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=3C33F5479520844A186C2D43ECFFD477 -- C:\I386\atapi.sys
[2002/08/29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DLLCACHE\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: CSRSS.EXE >[2008/04/13 19:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008/04/13 19:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\SYSTEM32\csrss.exe
[2008/04/13 19:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\SYSTEM32\DLLCACHE\csrss.exe
[2002/08/29 05:00:00 | 000,004,096 | ---- | M] (Microsoft Corporation) MD5=B82CD0AD8B605F64EAD6C46D70A2C993 -- C:\I386\CSRSS.EXE
[2004/08/04 02:56:48 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
< MD5 for: EXPLORER.EXE >[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SYSTEM32\DLLCACHE\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 02:56:49 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2002/08/29 05:00:00 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtUninstallKB820291$\explorer.exe
< MD5 for: MSWSOCK.DLL >[2002/08/29 05:00:00 | 000,228,352 | ---- | M] (Microsoft Corporation) MD5=18A8BE5A66B93F9C9615F7D4C148EDE2 -- C:\I386\MSWSOCK.DLL
[2004/08/04 02:56:44 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
[2008/06/20 12:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\ERDNT\cache\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\SYSTEM32\DLLCACHE\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\SYSTEM32\mswsock.dll
[2008/04/13 19:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2008/04/13 19:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 12:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 12:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
< MD5 for: NWPROVAU.DLL >[2008/04/13 19:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\ServicePackFiles\i386\nwprovau.dll
[2008/04/13 19:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\SYSTEM32\DLLCACHE\nwprovau.dll
[2008/04/13 19:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\SYSTEM32\nwprovau.dll
[2002/08/29 05:00:00 | 000,133,632 | ---- | M] (Microsoft Corporation) MD5=4A3D059857FBAFFFEA7997C3839E8803 -- C:\I386\NWPROVAU.DLL
[2006/10/13 07:41:38 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=808CB47D7F6BE51B0354CD628CF45978 -- C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwprovau.dll
[2006/10/13 07:35:12 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=AEEB687B865E1BAB04BB9C3604F92CEF -- C:\WINDOWS\$NtServicePackUninstall$\nwprovau.dll
[2004/08/04 02:56:44 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=F01D97A8E0380BA52F58249A7B3BD7F1 -- C:\WINDOWS\$NtUninstallKB923980$\nwprovau.dll
< MD5 for: PNRPNSP.DLL >[2004/08/04 02:56:44 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=74D3620D2E63489975E3956A40DDD35F -- C:\WINDOWS\$NtServicePackUninstall$\pnrpnsp.dll
[2008/04/13 19:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\ServicePackFiles\i386\pnrpnsp.dll
[2008/04/13 19:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\SYSTEM32\DLLCACHE\pnrpnsp.dll
[2008/04/13 19:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\SYSTEM32\pnrpnsp.dll
< MD5 for: SERVICES.EXE >[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\SYSTEM32\DLLCACHE\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\SYSTEM32\services.exe
[2004/08/04 02:56:55 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2002/08/29 05:00:00 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=E3DF4A0252D287C44606EE55355E1623 -- C:\I386\SERVICES.EXE
< MD5 for: SVCHOST.EXE >[2002/08/29 05:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\I386\SVCHOST.EXE
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SYSTEM32\DLLCACHE\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SYSTEM32\svchost.exe
[2004/08/04 02:56:57 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >[2004/08/04 02:56:57 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2011/09/13 10:32:34 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2011/09/13 10:28:28 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2011/09/13 10:32:34 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\DLLCACHE\userinit.exe
[2011/09/13 10:32:34 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\userinit.exe
[2002/08/29 05:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\I386\USERINIT.EXE
< MD5 for: WINLOGON.EXE >[2004/08/04 02:56:57 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2002/08/29 05:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\I386\WINLOGON.EXE
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\DLLCACHE\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\winlogon.exe
< MD5 for: WINRNR.DLL >[2004/08/04 02:56:46 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=2C8FDB176F22629EA5342DB474FAC391 -- C:\WINDOWS\$NtServicePackUninstall$\winrnr.dll
[2002/08/29 05:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=54332DB2DC5B851709CD78D2DA22F2FB -- C:\I386\WINRNR.DLL
[2008/04/13 19:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
[2008/04/13 19:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\SYSTEM32\DLLCACHE\winrnr.dll
[2008/04/13 19:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\SYSTEM32\winrnr.dll
< %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/08/29 05:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/01/19 00:22:14 | 000,864,656 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/01/19 00:22:15 | 000,917,400 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Charles Carey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2013/01/25 21:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/05/11 06:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/08/29 05:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles >< End of report >
77777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777
OTL Extras logfile created on: 2/1/2013 9:37:58 PM - Run 8
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Charles Carey\Desktop\Removal tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 73.88% Memory free
3.85 Gb Paging File | 3.48 Gb Available in Paging File | 90.30% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 46.46 Gb Free Space | 31.18% Space Free | Partition Type: NTFS
Drive F: | 39.10 Mb Total Space | 32.45 Mb Free Space | 83.01% Space Free | Partition Type: FAT
Drive G: | 966.72 Mb Total Space | 947.38 Mb Free Space | 98.00% Space Free | Partition Type: FAT32
Computer Name: DADSDELL | User Name: Charles Carey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"9220:TCP" = 9220:TCP:*:Enabled:9220
"161:UDP" = 161:UDP:*:Enabled:161
"427:UDP" = 427:UDP:*:Enabled:427
"9500:TCP" = 9500:TCP:*:Enabled:9500
"9290:TCP" = 9290:TCP:*:Enabled:9290
"139:UDP" = 139:UDP:*:Enabled:139
"137:TCP" = 137:TCP:*:Enabled:137
"9100:TCP" = 9100:TCP:*:Enabled:9100
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"E:\setup\hpznui01.exe" = E:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (TODO: <Company name>)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\{FA0F0A01-4631-4161-A6C2-948BF694382E}\setup\hpznui01.exe" = C:\Program Files\HP\Digital Imaging\{FA0F0A01-4631-4161-A6C2-948BF694382E}\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Broadband Networking\MSBNUtil.exe" = C:\Program Files\Microsoft Broadband Networking\MSBNUtil.exe:*:Enabled:Microsoft Broadband Network Utility -- (Microsoft Corporation)
"C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe" = C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe:*:Enabled:Microsoft Broadband Networking Tray -- (Microsoft Corporation)
"C:\Program Files\Microsoft Broadband Networking\MSBNCfg.exe" = C:\Program Files\Microsoft Broadband Networking\MSBNCfg.exe:*:Enabled:Microsoft Broadband Networking Setup -- (Microsoft Corporation)
"C:\Program Files\Microsoft Broadband Networking\MSBNUpdate.exe" = C:\Program Files\Microsoft Broadband Networking\MSBNUpdate.exe:*:Enabled:Microsoft Broadband Networking Update -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\SmartFTP Client 2.0\SmartFTP.exe" = C:\SmartFTP Client 2.0\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0 -- (SmartFTP GmbH)
"C:\Battlefield 2\BF2.exe" = C:\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2 -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqdstcp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqdstcp.exe:*:Enabled:hpqdstcp -- (Hewlett-Packard Co.)
"C:\Program Files\321Studios\Platinum\BugTool.exe" = C:\Program Files\321Studios\Platinum\BugTool.exe:*:Enabled:321 Studios Support Utility -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (TODO: <Company name>)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\{FA0F0A01-4631-4161-A6C2-948BF694382E}\setup\hpznui01.exe" = C:\Program Files\HP\Digital Imaging\{FA0F0A01-4631-4161-A6C2-948BF694382E}\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2: Deluxe Edition
"{07397346-C8BA-4F57-A625-55AC31108AEC}" = CyberPower PowerPanel Personal Edition
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert
"{1A22C818-D44D-4691-BF27-8884CB5B44B1}" = AVerDVD EZMaker USB 2.0 Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{32A3A4F4-B792-11D6-A78A-00B0D0170110}" = Java SE Development Kit 7 Update 11
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{369B36BE-3D64-4641-9AEA-808D436FE134}" = Microsoft Digital Image Pro 7.0
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware
"{3F695596-85E6-4224-BC70-538F9036797A}" = MovieShop
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{43FCA273-9534-40DB-B7C5-D7758875616A}" = Dell Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{55BC7EFA-D832-4EE3-9DEA-49B0C07539D9}" =
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5E835305-63BB-4E55-BBB7-EEBBE67774DB}" = MyDVD
"{5F3783B7-F809-45A7-8A92-A44B441FDA7C}" = DIRECTV Player
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64116298-93C5-401D-B06C-39D8E3338508}" = DAO
"{644F9DBE-CEDB-45AF-ACB8-E26692B74F62}" = Easy CD & DVD Creator 6
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69A0D256-A72C-4C33-9413-E1C0174CA7F4}" = C-Major Audio
"{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini
"{6F512339-216D-4FBE-8A83-3EDCC3F03F51}" = WD Win98 SE USB Disk Driver, v1.00.09
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1" = Driver Sweeper 2.1.0
"{74335A80-207A-4112-A08F-CEB1DC229450}" = KENWOOD Music Editor
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty® 2 Patch 1.3
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{83C57C58-FDD7-4d86-BFCC-9D31CC4EFA71}" = 6500_E709n
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CC15633-2327-43F4-BA85-B83FDB4B59BE}" = Microsoft Broadband Networking
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90190409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Publisher 2003
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter
"{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9EBDAF91-DADA-47CE-94F2-F5B004007934}" = System Requirements Lab
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A351224F-533A-4EED-89F4-0BF3417FD31D}" = WD Backup
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel® PROSet
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600133}" = MSN Messenger 6.2
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600777}" = MSN Messenger 7.0
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01)
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{AF131494-F5D8-45C5-938C-D5F020CF1B0D}" = Tom Clancy's Rainbow Six 3: Raven Shield
"{AFFA4BBF-051D-4926-A603-1F729240C7F7}" = COD2 RCON Commander
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C169D3BB-9A27-43F5-9979-09A0D65FE95C}" = SmartFTP Client 2.0
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEA5EF64-B694-4B79-9A2C-0FF738906A1D}" = DriverGuide Toolkit
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"{D1AD7439-FBCA-4345-A780-2A5617EBA9DE}" = neoDVDstandard4
"{D3943D0B-C281-4BF7-9FFB-2A4497986BF9}" = Memory Key Boot Utility
"{D4B84055-7CFB-4178-8ECF-2AEBF16FF207}" = Eudora
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D89EF3B3-6F17-4665-B7A9-A4235A6DC787}" = Ghost Recon
"{DCDC8E79-4600-4C02-9824-CD3BB8971D4E}" =
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1" = Uninstall Startup Inspector
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E432C362-6A71-4E8A-A68A-AE5246520656}" = Art Explosion Scrapbook Factory
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{EFD0BFEB-980E-491B-833B-A8848E5E0F0F}" = Hyplay
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F185B35D-38E5-4D88-B275-15C8C7FC4357}" = 6500_E709_Help
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FA0F0A01-4631-4161-A6C2-948BF694382E}" = HP Officejet 6500 E709 Series
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FD6C6B7F-5696-48C5-A601-2EE9E50C3D46}" = WD Firewire HID Driver
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Call of Duty" = Call of Duty
"Call of Duty - United Offensive Map and Mod Tools" = Call of Duty - United Offensive Map and Mod Tools
"CCleaner" = CCleaner
"CleanUp!" = CleanUp!
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.60
"Creative Jukebox Driver" = Creative Jukebox Driver
"Dark Angel's Ghost Recon Mod 4.8" = Dark Angel's Ghost Recon Mod 4.8
"D-Fend Reloaded" = D-Fend Reloaded 0.9.1 (deinstall)
"dimaondtools" = Diamond Tools
"DirectX10 for Windows XP - Win2000, 2003,..._is1" = DirectX10 RC2 Pre Fix 3
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"DriverAgent.exe" = DriverAgent by eSupport.com
"DVD X Rescue" = DVD X Rescue
"DVDXCopyPlatinum" = DVD X Copy Platinum 4.0.3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free Easy Burner_is1" = Free Easy Burner V 5.0
"Frostbite" = Frostbite
"Frostbite Full version 1.2" = Frostbite Full version 1.2
"Game Booster_is1" = Game Booster
"Golden" = Golden Records Vinyl to CD Converter
"HijackThis" = HijackThis 1.99.1
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Install Creator Pro" = Install Creator Pro
"InstallShield_{1A22C818-D44D-4691-BF27-8884CB5B44B1}" = AVerDVD EZMaker USB 2.0 Driver
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"InstallShield_{D1AD7439-FBCA-4345-A780-2A5617EBA9DE}" = neoDVDstandard
"InterActual Player" = InterActual Player
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IrfanView" = IrfanView (remove only)
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"MSPersonalTutorMathopolis" = Microsoft Mathopolis
"MSPersonalTutorReaderRailway" = Microsoft Reader Railway
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nomad MuVo" = NOMAD MuVo
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Prism" = Prism Video Converter
"PROSet" = Intel® PRO Network Adapters and Drivers
"QCDrivers" = QuickCam Drivers
"Revo Uninstaller" = Revo Uninstaller 1.94
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"Shockwave" = Shockwave
"Shockwave.com Zuma" = Shockwave.com Zuma
"Smart Defrag 2_is1" = Smart Defrag 2
"SmartFTP Client 2.0 Setup Files" = SmartFTP Client 2.0 Setup Files (remove only)
"SoundTap" = SoundTap Streaming Audio Recorder
"ST6UNST #1" = RCON 4 Call Of Duty 2 V1.0 (10/Nov/05)
"Steam" = Steam
"Switch" = Switch Sound File Converter
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeakOverlay" = TeamSpeak Overlay BETA 2 (#63)
"WavePad" = WavePad Sound Editor
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoneAlarm" = ZoneAlarm
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 12/30/2012 1:06:26 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application quicktimeplayer.exe, version 7.72.80.56, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.
Error - 1/1/2013 1:49:14 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application wlancfg5.exe, version 4.3.18.306, faulting module
wcapi.dll, version 4.1.0.161, fault address 0x0000dd60.
Error - 1/1/2013 3:18:38 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.
Error - 1/14/2013 1:34:14 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.
Error - 1/14/2013 7:34:02 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.
Error - 1/15/2013 10:33:27 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.
Error - 1/16/2013 6:38:30 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.
Error - 1/21/2013 5:45:16 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.
Error - 1/24/2013 8:45:03 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.
Error - 1/29/2013 6:54:49 PM | Computer Name = DADSDELL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec674b2.
[ OSession Events ]
Error - 10/30/2010 4:30:23 PM | Computer Name = DADSDELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 827 seconds with 480 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2/1/2013 9:58:10 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7034
Description = The Atheros Configuration Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 2/1/2013 9:58:10 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7034
Description = The PowerPanel Personal Edition Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 2/1/2013 10:00:47 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7000
Description = The X10 Device Network Service service failed to start due to the
following error: %%3
Error - 2/1/2013 10:00:49 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KLIF
Error - 2/1/2013 10:01:56 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7034
Description = The Atheros Configuration Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 2/1/2013 10:01:56 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7034
Description = The PowerPanel Personal Edition Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 2/1/2013 10:02:14 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7016
Description = The BrSplService service has reported an invalid current state 0.
Error - 2/1/2013 10:12:31 PM | Computer Name = DADSDELL | Source = HTTP | ID = 15006
Description = Owner of the log file or directory \SystemRoot\System32\LogFiles\HTTPERR
is invalid. This could be because another user has already created the log file
or the directory.
Error - 2/1/2013 10:32:56 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7000
Description = The X10 Device Network Service service failed to start due to the
following error: %%3
Error - 2/1/2013 10:33:13 PM | Computer Name = DADSDELL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KLIF
< End of report >
8888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888
Process PID CPU Description Company Name Verified Signer
System Idle Process 0 96.88
procexp.exe 1844 1.56 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts n/a 1.56 Hardware Interrupts and DPCs
zlclient.exe 2136 ZoneAlarm Client Check Point Software Technologies LTD (Verified) Check Point Software Technologies Ltd.
wscntfy.exe 3300 Windows Security Center Notification App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
wmiprvse.exe 2292 WMI Microsoft Corporation (Verified) Microsoft Windows Component Publisher
winlogon.exe 624 Windows NT Logon Application Microsoft Corporation (Verified) Microsoft Windows Component Publisher
vsmon.exe 252 TrueVector Service Check Point Software Technologies LTD (Verified) Check Point Software Technologies Ltd.
System 4
svchost.exe 940 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 988 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1024 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1064 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1156 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1588 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1604 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1764 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1796 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 208 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 3472 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1888 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
spoolsv.exe 1392 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
smss.exe 528 Windows NT Session Manager Microsoft Corporation (Verified) Microsoft Windows Component Publisher
services.exe 668 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Component Publisher
ppped.exe 1864 (Unable to verify) (null)
PnkBstrB.exe 1820 (Verified) Even Balance
PnkBstrA.exe 1808 (Verified) Even Balance
nvsvc32.exe 880 NVIDIA Driver Helper Service, Version 266.58 NVIDIA Corporation (Verified) NVIDIA Corporation
MDM.EXE 1672 Machine Debug Manager Microsoft Corporation (Verified) Microsoft Corporation
lsass.exe 680 LSA Shell (Export Version) Microsoft Corporation (Verified) Microsoft Windows Component Publisher
jusched.exe 2236 Java Update Scheduler Sun Microsystems, Inc. (Verified) Oracle America
jqs.exe 1620 Java Quick Starter Service Oracle Corporation (Verified) Oracle America
IMFsrv.exe 1432 IObit Malware Fighter Service IObit (Verified) IObit Information Technology
fxssvc.exe 1176 Fax Service Microsoft Corporation (Verified) Microsoft Windows Component Publisher
firefox.exe 2248 Firefox Mozilla Corporation (Verified) Mozilla Corporation
explorer.exe 584 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows Component Publisher
CTSVCCDA.EXE 1496 Creative Service for CDROM Access Creative Technology Ltd (Unable to verify) Creative Technology Ltd
ctfmon.exe 2316 CTF Loader Microsoft Corporation (Verified) Microsoft Windows Component Publisher
csrss.exe 600 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Component Publisher
brsvc01a.exe 1356 brsvc01a brother Industries Ltd (Unable to verify) brother Industries Ltd
brss01a.exe 1384 brss01a.exe brother Industries Ltd (Unable to verify) brother Industries Ltd
ASCService.exe 840 Advanced SystemCare Service IObit (Verified) IObit Information Technology
alg.exe 3684 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows Component Publisher
acs.exe 1476 (Unable to verify) (null)
999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999
Summary
Operating System
Microsoft Windows XP Home Edition 32-bit SP3
CPU
Intel Pentium 4
Northwood 0.13um Technology
RAM
2.00 GB Single-Channel DDR @ 166MHz (2.5-3-3-7)
Motherboard
Dell Computer Corp. 02Y832 (Microprocessor)
Graphics
CM2019 (1280x1024@60Hz)
256MB GeForce 6200 (Undefined) 51 °C
Hard Drives
149GB Western Digital WDC WD1600AAJB-00PVA0 (PATA) 32 °C
Optical Drives
HL-DT-ST CD-ROM GCR-8481B
NEC DVD+RW ND-1100A
Audio
USB Audio Device
Operating System
Microsoft Windows XP Home Edition 32-bit SP3
Computer type: Mini Tower
Installation Date : 8/11/2003 5:24:28 PM
Serial Number:
Windows Security Center
Windows Update
AutoUpdate Not configured
Firewall
Firewall Enabled
Company Name Check Point, LTD.
Display Name ZoneAlarm Firewall
Product Version 8.0.065.000
Antivirus
Avira AntiVir PersonalEdition Classic
Antivirus Enabled
Company Name Avira GmbH
Product Version 0.0.0.0
Virus Signature Database Up to date
Microsoft Security Essentials
Antivirus Disabled
Company Name Microsoft Corporation
Product Version 4.0.1526.0
Virus Signature Database Up to date
.NET Frameworks installed
v2.0 SP1
v1.1 SP1
Internet Explorer
Version 8.0.6001.18702
Java
Java Runtime Environment
Path C:\Program Files\Java\jdk1.7.0_11\bin\java.exe
Version 7.0
Update 11
Build 21
Java Runtime Environment
Path C:\Program Files\Java\jre7\bin\java.exe
Version 7.0
Update 11
Build 21
Environment Variables
USERPROFILE C:\Documents and Settings\Charles Carey
SystemRoot C:\WINDOWS
User Variables
TEMP C:\Documents and Settings\Charles Carey\Local Settings\Temp
TMP C:\Documents and Settings\Charles Carey\Local Settings\Temp
Machine Variables
CLASSPATH .;"C\QTJava.zip";C:\Program Files\Java\jre6\lib\ext\QTJava.zip
ComSpec C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK NO
NUMBER_OF_PROCESSORS 1
OS Windows_NT
Path C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\system32\wbem
C:\Program Files\Sonic\MyDVD
C:\Program Files\Common Files\Roxio Shared\DLLShared
C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier
C:\Program Files\Common Files\DivX Shared
C:\Program Files\Common Files\HP\Digital Imaging\bin
C:\Program Files\HP\Digital Imaging\bin
C:\Program Files\HP\Digital Imaging\bin\Qt\Qt 4.3.3
C:\Program Files\QuickTime\QTSystem
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE x86
PROCESSOR_IDENTIFIER x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL 15
PROCESSOR_REVISION 0209
PS5ROOT C:\Program Files\Roxio\Easy CD Creator 6\PhotoSuite\
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
tvdumpflags 8
windir C:\WINDOWS
QTJAVA C:\Program Files\Java\jre6\lib\ext\QTJava.zip
Power Profile
Active power scheme Gaming Mode Power Plan
Hibernation Enabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Hard Disk after: (On AC Power) Never
Suspend after: (On AC Power) Never
Screen saver Enabled
Uptime
Current Session
Current Time 2/1/2013 11:53:33 PM
Current Uptime 8,502 sec (0 d, 02 h, 21 m, 42 s)
Last Boot Time 2/1/2013 9:31:51 PM
TimeZone
TimeZone GMT -5:00 Hours
Language English (United States)
Location United States
Format English (United States)
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Process List
acs.exe
Process ID 1476
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\SYSTEM32\acs.exe
Memory Usage 6.05 MB
Peak Memory Usage 6.05 MB
alg.exe
Process ID 3684
Path C:\WINDOWS\System32\alg.exe
Memory Usage 3.52 MB
Peak Memory Usage 3.53 MB
ascservice.exe
Process ID 840
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
Memory Usage 756KB
Peak Memory Usage 22 MB
brss01a.exe
Process ID 1384
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\brss01a.exe
Memory Usage 1.82 MB
Peak Memory Usage 10 MB
brsvc01a.exe
Process ID 1356
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\brsvc01a.exe
Memory Usage 1.27 MB
Peak Memory Usage 1.28 MB
csrss.exe
Process ID 600
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\csrss.exe
Memory Usage 3.84 MB
Peak Memory Usage 7.66 MB
ctfmon.exe
Process ID 2316
User Charles Carey
Domain DADSDELL
Path C:\WINDOWS\system32\ctfmon.exe
Memory Usage 3.52 MB
Peak Memory Usage 3.61 MB
ctsvccda.exe
Process ID 1496
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\CTsvcCDA.EXE
Memory Usage 1.38 MB
Peak Memory Usage 1.38 MB
explorer.exe
Process ID 584
User Charles Carey
Domain DADSDELL
Path C:\WINDOWS\Explorer.EXE
Memory Usage 1.81 MB
Peak Memory Usage 26 MB
firefox.exe
Process ID 2248
User Charles Carey
Domain DADSDELL
Path C:\Program Files\Mozilla Firefox\firefox.exe
Memory Usage 121MB
Peak Memory Usage 174MB
fxssvc.exe
Process ID 1176
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\fxssvc.exe
Memory Usage 3.52 MB
Peak Memory Usage 3.52 MB
imfsrv.exe
Process ID 1432
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
Memory Usage 2.02 MB
Peak Memory Usage 4.41 MB
jqs.exe
Process ID 1620
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Java\jre7\bin\jqs.exe
Memory Usage 1.36 MB
Peak Memory Usage 28 MB
jusched.exe
Process ID 2236
User Charles Carey
Domain DADSDELL
Path C:\Program Files\Common Files\Java\Java Update\jusched.exe
Memory Usage 96 KB
Peak Memory Usage 2.62 MB
lsass.exe
Process ID 680
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\lsass.exe
Memory Usage 1.70 MB
Peak Memory Usage 6.25 MB
mdm.exe
Process ID 1672
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
Memory Usage 3.25 MB
Peak Memory Usage 3.26 MB
nvsvc32.exe
Process ID 880
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\nvsvc32.exe
Memory Usage 5.91 MB
Peak Memory Usage 7.95 MB
pnkbstra.exe
Process ID 1808
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\PnkBstrA.exe
Memory Usage 2.45 MB
Peak Memory Usage 2.45 MB
pnkbstrb.exe
Process ID 1820
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\PnkBstrB.exe
Memory Usage 2.66 MB
Peak Memory Usage 2.66 MB
ppped.exe
Process ID 1864
User SYSTEM
Domain NT AUTHORITY
Path C:\CyberPower\ppped.exe
Memory Usage 4.15 MB
Peak Memory Usage 4.85 MB
services.exe
Process ID 668
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\services.exe
Memory Usage 5.77 MB
Peak Memory Usage 5.82 MB
smss.exe
Process ID 528
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 420KB
Peak Memory Usage 704KB
speccy.exe
Process ID 2524
User Charles Carey
Domain DADSDELL
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 25 MB
Peak Memory Usage 42 MB
spoolsv.exe
Process ID 1392
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\spoolsv.exe
Memory Usage 6.04 MB
Peak Memory Usage 7.21 MB
svchost.exe
Process ID 1796
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 2.88 MB
Peak Memory Usage 2.88 MB
svchost.exe
Process ID 940
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.77 MB
Peak Memory Usage 4.86 MB
svchost.exe
Process ID 208
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 4.78 MB
Peak Memory Usage 4.86 MB
svchost.exe
Process ID 1024
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 26 MB
Peak Memory Usage 26 MB
svchost.exe
Process ID 1064
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.31 MB
Peak Memory Usage 3.34 MB
svchost.exe
Process ID 1156
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 3.57 MB
Peak Memory Usage 4.16 MB
svchost.exe
Process ID 1588
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 5.87 MB
Peak Memory Usage 5.99 MB
svchost.exe
Process ID 1604
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 7.13 MB
Peak Memory Usage 7.15 MB
svchost.exe
Process ID 3472
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 3.73 MB
Peak Memory Usage 3.89 MB
svchost.exe
Process ID 1888
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 7.09 MB
Peak Memory Usage 7.11 MB
svchost.exe
Process ID 988
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.22 MB
Peak Memory Usage 4.25 MB
svchost.exe
Process ID 1764
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 2.91 MB
Peak Memory Usage 2.91 MB
system
Process ID 4
Memory Usage 224KB
Peak Memory Usage 9.63 MB
system idle process
Process ID 0
vsmon.exe
Process ID 252
winlogon.exe
Process ID 624
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\winlogon.exe
Memory Usage 4.11 MB
Peak Memory Usage 22 MB
wmiprvse.exe
Process ID 2264
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 8.56 MB
Peak Memory Usage 10 MB
wmiprvse.exe
Process ID 2292
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 4.92 MB
Peak Memory Usage 4.93 MB
wscntfy.exe
Process ID 3300
User Charles Carey
Domain DADSDELL
Path C:\WINDOWS\system32\wscntfy.exe
Memory Usage 296KB
Peak Memory Usage 2.12 MB
zlclient.exe
Process ID 2136
Scheduler
2/2/2013 12:11 AM;Every 1 hour(s) from 12:11 AM for 24 hour(s) every day, starting 9/9/2012 GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007UA
2/2/2013 12:11 AM;At 12:11 AM every day, starting 9/9/2012 GoogleUpdateTaskUserS-1-5-21-3162243025-2914418921-482965129-1007Core
2/2/2013 12:20 AM;Every 1 hour(s) from 7:20 PM for 24 hour(s) every day, starting 9/17/2012 GoogleUpdateTaskMachineUA
2/2/2013 7:20 PM;Run at user logon GoogleUpdateTaskMachineCore1caf3eebc635d38
Run at user logon SmartDefragUpdate
Hotfixes
1/29/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1078.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/28/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.990.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/27/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.931.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/25/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.856.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/24/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.723.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/22/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.455.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/20/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.376.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/19/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.370.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/18/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.265.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/17/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.103.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/15/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3946.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/14/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3868.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/13/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3811.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/11/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3721.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/10/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3608.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/9/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3520.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/7/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3314.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/5/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3225.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/3/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3062.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/1/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2916.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/31/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2863.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2800.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/27/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2655.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/26/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2573.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/24/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2498.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/22/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2452.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/20/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2314.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/18/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2140.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2032.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/15/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1943.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/13/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1788.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/12/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1697.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/11/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1598.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/9/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1470.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/8/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1431.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/6/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1254.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/5/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1166.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/3/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.979.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/1/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.912.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/30/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.828.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.742.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/27/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.571.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/26/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.437.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/24/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.368.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/23/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.282.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/21/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.153.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/19/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2377.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2307.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2168.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/15/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2160.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/14/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2054.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/12/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1888.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/10/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1805.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/9/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1734.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/8/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1623.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/6/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1448.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/5/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1329.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/3/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1296.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/1/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1140.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.863.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/27/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.745.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/26/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.670.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/25/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.593.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/24/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.508.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/23/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.405.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/21/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.281.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/20/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.228.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/18/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.67.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/16/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1929.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/13/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1741.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/12/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1663.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/10/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1511.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/9/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1401.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/7/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1273.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/6/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1243.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/5/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1185.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/3/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.1026.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/1/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.832.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.748.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/28/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.673.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/27/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.596.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/26/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.501.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/24/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.310.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/22/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.246.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/21/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.176.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/19/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.1568.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.1409.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/15/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.1326.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/13/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.1173.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/12/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.1067.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/10/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.873.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/8/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.790.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/7/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.699.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/5/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.530.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/4/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.434.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/1/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.304.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/31/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.225.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.135.74.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/27/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.427.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/25/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.316.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/23/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.200.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/21/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.61.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/20/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.2365.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/18/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.2322.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.2256.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/15/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.2131.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/12/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.1879.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/10/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.1793.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
8/9/2012 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/9/2012 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2387149)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2707511)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2479943)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2659262)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2564958)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2478971)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
8/8/2012 Security Update for Windows XP (KB2491683)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Update for Windows XP (KB2345886)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
8/8/2012 Security Update for Windows XP (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2646524)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2585542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
8/8/2012 Security Update for Windows XP (KB2631813)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2296011)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2691442)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2718523)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB975558)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2378111)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2443105)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2655992)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
8/8/2012 Security Update for Microsoft Visual C++ 2010 Service Pack 1 Redistributable Package (KB2565063)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2481109)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2485663)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2598479)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2440591)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2686509)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB982132)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2507938)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2476490)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2347290)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2483185)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2624667)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB979687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2719985)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2592799)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Update for Windows XP (KB2718704)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
8/8/2012 Windows Malicious Software Removal Tool - July 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/8/2012 Update Rollup for ActiveX Killbits for Windows XP (KB2695962)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2535512)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2699988)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/8/2012 Security Update for Windows XP (KB2570947)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2685939)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB981322)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2507618)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Security Update for Windows XP (KB2603381)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/8/2012 Microsoft .NET Framework 2.0 Service Pack 1 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB953300)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.