Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013
Ran by User at 2013-10-12 19:59:49 Run:3
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB212] - command /c del "C:\WINDOWS\system32\nqBeNXyb.ini2"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD8548] - cmd /c del "C:\WINDOWS\system32\nqBeNXyb.ini2"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB4962] - command /c del "C:\WINDOWS\system32\nqBeNXyb.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD4629] - cmd /c del "C:\WINDOWS\system32\nqBeNXyb.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB9292] - command.com /c del "C:\Program Files\Application Updater\config.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD2776] - cmd.exe /c del "C:\Program Files\Application Updater\config.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB7206] - command.com /c del "C:\Program Files\Common Files\Spigot\Search Settings\baidu_ff.xml"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD623] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\Search Settings\baidu_ff.xml"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB4635] - command.com /c del "C:\Program Files\Common Files\Spigot\Search Settings\baidu_ie.xml"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD3117] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\Search Settings\baidu_ie.xml"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB8955] - command.com /c del "C:\Program Files\Common Files\Spigot\Search Settings\config.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD6534] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\Search Settings\config.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB1676] - command.com /c del "C:\Program Files\Common Files\Spigot\Search Settings\yandex_ff.xml"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD6326] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\Search Settings\yandex_ff.xml"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB7234] - command.com /c del "C:\Program Files\Common Files\Spigot\Search Settings\yandex_ie.xml"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD8805] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\Search Settings\yandex_ie.xml"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB3523] - command.com /c del "C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1031.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD6481] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1031.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB1400] - command.com /c del "C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1033.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD3854] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1033.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB5520] - command.com /c del "C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1034.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD6325] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1034.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB1850] - command.com /c del "C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1036.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD2173] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1036.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB4402] - command.com /c del "C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1040.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD7390] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1040.ini"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB1973] - command.com /c del "C:\Program Files\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD262] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingB7254] - command.com /c del "C:\Program Files\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [SpybotDeletingD204] - cmd.exe /c del "C:\Program Files\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt"
HKU\Administrator.VERYFASTUSER\...\RunOnce: [Report] - C:\AdwCleaner\AdwCleaner[S2].txt [ 2013-10-08] ()
*****************
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB212 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD8548 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB4962 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD4629 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB9292 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD2776 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB7206 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD623 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB4635 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD3117 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB8955 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD6534 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB1676 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD6326 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB7234 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD8805 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB3523 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD6481 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB1400 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD3854 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB5520 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD6325 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB1850 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD2173 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB4402 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD7390 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB1973 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD262 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB7254 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD204 => Value deleted successfully.
HKU\Administrator.VERYFASTUSER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Report => Value deleted successfully.
==== End of Fixlog ====
Vino's Event Viewer v01c run on Windows XP in English
Report run at 12/10/2013 8:04:25 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vino's Event Viewer v01c run on Windows XP in English
Report run at 12/10/2013 8:11:35 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/10/2013 8:02:49 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error: %%1290
Log: 'System' Date/Time: 12/10/2013 8:02:49 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1290" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
Log: 'System' Date/Time: 12/10/2013 8:02:37 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error: %%1290
Log: 'System' Date/Time: 12/10/2013 8:02:37 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1290" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
Log: 'System' Date/Time: 12/10/2013 8:02:30 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error: %%1290
Log: 'System' Date/Time: 12/10/2013 7:25:25 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error: %%1290
Log: 'System' Date/Time: 12/10/2013 7:25:25 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1290" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
Log: 'System' Date/Time: 12/10/2013 7:25:08 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error: %%1290
Log: 'System' Date/Time: 12/10/2013 7:25:08 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1290" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
Log: 'System' Date/Time: 12/10/2013 7:25:04 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error: %%1290
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/10/2013 7:40:30 PM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Log: 'System' Date/Time: 12/10/2013 4:48:11 PM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by User (administrator) on VERYFASTUSER on 12-10-2013 20:07:14
Running from C:\Documents and Settings\User\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(ArcSoft, Inc.) C:\Temp\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\WgaTray.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPNSCFG.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKCU\...\Run: [cdloader] - C:\Documents and Settings\User\Application Data\mjusbsp\cdloader2.exe [50592 2011-08-23] (magicJack L.P.)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2006-10-18] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF0F71F77E4C6CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
http://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
http://www.bing.com/search
SearchScopes: HKCU - {0D7191D1-C6C9-4AE4-9515-1735958A3719} URL =
http://search.yahoo....=utf-8&fr=b2ie7
SearchScopes: HKCU - {3F8C7A0E-E4EB-4196-9531-4D194A1B16C0} URL =
http://search.micros...q={searchTerms}
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL =
http://search.yahoo....p={searchTerms}
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://download.micr.../OGAControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.micros...b?1280912913343
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\5haej2ap.default-1381604455187
FF Homepage: hxxp://www.msn.com/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @videolan.org/vlc,version=1.1.11 - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Documents and Settings\User\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
Chrome:
=======
==================== Services (All) ========================
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257416 2013-10-09] (Adobe Systems Incorporated)
S4 Alerter; C:\Windows\system32\alrsvc.dll [17408 2008-04-13] (Microsoft Corporation)
R3 ALG; C:\Windows\System32\alg.exe [44544 2008-04-13] (Microsoft Corporation)
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [167936 2008-04-13] (Microsoft Corporation)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
R2 AudioSrv; C:\Windows\System32\audiosrv.dll [42496 2008-04-13] (Microsoft Corporation)
S2 BITS; C:\Windows\System32\qmgr.dll [409088 2008-04-13] (Microsoft Corporation)
R2 Browser; C:\Windows\System32\browser.dll [77824 2008-04-13] (Microsoft Corporation)
S3 cisvc; C:\Windows\system32\cisvc.exe [5632 2008-04-13] (Microsoft Corporation)
S3 ClipSrv; C:\Windows\system32\clipsrv.exe [33280 2008-04-13] (Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\system32\dllhost.exe [5120 2008-04-13] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\System32\cryptsvc.dll [62464 2008-04-13] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
R2 Dhcp; C:\Windows\System32\dhcpcsvc.dll [126976 2008-04-13] (Microsoft Corporation)
S3 dmadmin; C:\Windows\System32\dmadmin.exe [224768 2008-04-13] (Microsoft Corp., Veritas Software)
R2 dmserver; C:\Windows\System32\dmserver.dll [23552 2008-04-13] (Microsoft Corp.)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
S3 Dot3svc; C:\Windows\System32\dot3svc.dll [132096 2008-04-13] (Microsoft Corporation)
S3 EapHost; C:\Windows\System32\eapsvc.dll [33792 2008-04-13] (Microsoft Corporation)
R2 ERSvc; C:\Windows\System32\ersvc.dll [23040 2008-04-13] (Microsoft Corporation)
R2 Eventlog; C:\Windows\system32\services.exe [110592 2009-02-06] (Microsoft Corporation)
R3 EventSystem; C:\WINDOWS\System32\es.dll [253952 2008-07-07] (Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\Windows\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-10-10] (Macrovision Europe Ltd.)
S3 FontCache3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 helpsvc; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-13] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\System32\kmsvc.dll [61440 2008-04-13] (Microsoft Corporation)
R3 HTTPFilter; C:\Windows\System32\w3ssl.dll [15872 2008-04-13] (Microsoft Corporation)
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
S3 ImapiService; C:\Windows\system32\imapi.exe [150528 2008-04-13] (Microsoft Corporation)
R2 lanmanserver; C:\Windows\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation)
R2 lanmanworkstation; C:\Windows\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation)
R2 LmHosts; C:\Windows\System32\lmhsvc.dll [13824 2008-04-13] (Microsoft Corporation)
S4 Messenger; C:\Windows\System32\msgsvc.dll [33792 2008-04-13] (Microsoft Corporation)
S3 mnmsrvc; C:\WINDOWS\System32\mnmsrvc.exe [32768 2008-04-13] (Microsoft Corporation)
S4 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [118680 2013-09-18] (Mozilla Foundation)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [6144 2008-04-13] (Microsoft Corporation)
S3 MSIServer; C:\Windows\System32\msiexec.exe [95744 2008-05-19] (Microsoft Corporation)
S3 napagent; C:\Windows\System32\qagentrt.dll [291328 2008-04-13] (Microsoft Corporation)
S4 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208 2009-06-18] (Nero AG)
S4 NetBurnerService; C:\Program Files\Paragon Software\Drive Backup 8.5 Professional\Net Burner Service\NetBurnerService.exe [223248 2007-02-21] (Paragon GmbH)
S4 NetDDE; C:\Windows\system32\netdde.exe [111104 2008-04-13] (Microsoft Corporation)
S4 NetDDEdsdm; C:\Windows\system32\netdde.exe [111104 2008-04-13] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\lsass.exe [13312 2008-04-13] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [198144 2008-04-13] (Microsoft Corporation)
S4 NetTcpPortSharing; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
R3 Nla; C:\Windows\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation)
S3 NtLmSsp; C:\Windows\System32\lsass.exe [13312 2008-04-13] (Microsoft Corporation)
S3 NtmsSvc; C:\Windows\system32\ntmssvc.dll [435200 2008-04-13] (Microsoft Corporation)
S3 ose; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S4 PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [87344 2009-09-01] (Prolific Technology Inc.)
R2 PlugPlay; C:\Windows\system32\services.exe [110592 2009-02-06] (Microsoft Corporation)
R2 PolicyAgent; C:\Windows\system32\lsass.exe [13312 2008-04-13] (Microsoft Corporation)
R2 ProtectedStorage; C:\Windows\system32\lsass.exe [13312 2008-04-13] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [88576 2008-04-13] (Microsoft Corporation)
R3 RasMan; C:\Windows\System32\rasmans.dll [186368 2008-04-13] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-13] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [53248 2008-04-13] (Microsoft Corporation)
R2 RemoteRegistry; C:\Windows\system32\regsvc.dll [59904 2008-04-13] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\System32\locator.exe [75264 2008-04-13] (Microsoft Corporation)
R2 RpcSs; C:\Windows\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
S3 RSVP; C:\Windows\System32\rsvp.exe [132608 2001-08-23] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [13312 2008-04-13] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.exe [95744 2008-04-13] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [192512 2008-04-13] (Microsoft Corporation)
R2 seclogon; C:\Windows\System32\seclogon.dll [18944 2008-04-13] (Microsoft Corporation)
R2 SENS; C:\Windows\system32\sens.dll [39424 2008-04-13] (Microsoft Corporation)
R2 SharedAccess; C:\Windows\System32\ipnathlp.dll [331264 2008-04-13] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies)
R2 Spooler; C:\Windows\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation)
R2 srservice; C:\Windows\system32\srsvc.dll [171008 2008-04-13] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [71680 2008-04-13] (Microsoft Corporation)
R2 stisvc; C:\Windows\system32\wiaservc.dll [333824 2008-04-13] (Microsoft Corporation)
S3 SwPrv; C:\WINDOWS\System32\dllhost.exe [5120 2008-04-13] (Microsoft Corporation)
S3 SysmonLog; C:\Windows\system32\smlogsvc.exe [89600 2008-04-13] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [249856 2008-04-13] (Microsoft Corporation)
R3 TermService; C:\Windows\System32\termsrv.dll [295424 2008-04-13] (Microsoft Corporation)
R2 Themes; C:\Windows\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S3 TlntSvr; C:\WINDOWS\System32\tlntsvr.exe [73216 2008-04-13] (Microsoft Corporation)
R2 TrkWks; C:\Windows\system32\trkwks.dll [90112 2008-04-13] (Microsoft Corporation)
R2 uCamMonitor; C:\Temp\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R3 upnphost; C:\Windows\System32\upnphost.dll [185856 2008-04-13] (Microsoft Corporation)
S3 UPS; C:\Windows\System32\ups.exe [18432 2008-04-13] (Microsoft Corporation)
S3 VSS; C:\Windows\System32\vssvc.exe [289792 2008-04-13] (Microsoft Corporation)
R2 W32Time; C:\Windows\system32\w32time.dll [175104 2008-04-13] (Microsoft Corporation)
R2 WebClient; C:\Windows\System32\webclnt.dll [68096 2008-04-13] (Microsoft Corporation)
R2 winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [144896 2008-04-13] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1107456 2009-10-09] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-19] (Microsoft Corporation)
S3 Wmi; C:\Windows\System32\advapi32.dll [617472 2009-02-09] (Microsoft Corporation)
S3 WmiApSrv; C:\WINDOWS\System32\wbem\wmiapsrv.exe [126464 2008-04-13] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2006-10-18] (Microsoft Corporation)
S3 WPFFontCache_v0400; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504 2010-03-18] (Microsoft Corporation)
R2 wscsvc; C:\Windows\system32\wscsvc.dll [80896 2008-04-13] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [439808 2008-05-27] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuauserv.dll [6656 2008-04-13] (Microsoft Corporation)
R2 WudfSvc; C:\Windows\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\System32\wzcsvc.dll [483840 2008-04-13] (Microsoft Corporation)
S3 xmlprov; C:\Windows\System32\xmlprov.dll [129024 2008-04-13] (Microsoft Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [14336 2008-04-25] (ArcSoft, Inc.)
S3 CA561; C:\Windows\System32\Drivers\SPCA561.SYS [119798 2002-10-01] (SP)
S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [134616 2010-08-02] (Deterministic Networks, Inc.)
R3 FET5X86V; C:\Windows\System32\DRIVERS\fetnd5bv.sys [42496 2007-02-27] (VIA Technologies, Inc. )
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R0 hotcore3; C:\Windows\System32\drivers\hotcore3.sys [38448 2007-02-21] (Paragon Software Group)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R1 NetBurn; C:\Windows\System32\DRIVERS\NetBurn.sys [84752 2007-02-21] (Rocket Division Software)
R3 S3GIGP; C:\Windows\System32\DRIVERS\S3gIGPm.sys [714240 2007-06-04] (S3 Graphics Co., Ltd.)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [32352 2007-02-21] (Windows ® 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [131456 2007-02-21] (Paragon)
R0 viaagp1; C:\Windows\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.)
R0 ViBus; C:\Windows\System32\DRIVERS\ViBus.sys [16896 2007-03-26] (VIA Technologies, Inc.)
R0 videX32; C:\Windows\System32\DRIVERS\videX32.sys [9216 2007-03-29] (VIA Technologies, Inc.)
R0 ViPrt; C:\Windows\System32\DRIVERS\ViPrt.sys [52224 2007-03-26] (VIA Technologies, Inc.)
R0 xfilt; C:\Windows\System32\DRIVERS\xfilt.sys [22168 2009-05-05] (VIA Technologies,Inc)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
========================== Drivers MD5 =======================
C:\Windows\System32\DRIVERS\secdrv.sys ==> MD5 is legit
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-12 20:06 - 2013-10-12 20:06 - 00003092 _____ C:\VEW System.txt
2013-10-12 20:04 - 2013-10-12 20:04 - 00000358 _____ C:\Documents and Settings\User\Desktop\VEW Application.txt
2013-10-12 10:22 - 2013-10-12 10:22 - 00106496 _____ C:\WINDOWS\Minidump\Mini101213-02.dmp
2013-10-12 08:29 - 2013-10-12 08:29 - 00106496 _____ C:\WINDOWS\Minidump\Mini101213-01.dmp
2013-10-11 16:52 - 2013-10-11 16:52 - 00003365 _____ C:\junk.txt
2013-10-11 16:43 - 2013-10-11 16:43 - 00000000 ____D C:\Documents and Settings\User\Start Menu\Programs\NirSoft BlueScreenView
2013-10-11 16:16 - 2013-10-11 16:16 - 00106496 _____ C:\WINDOWS\Minidump\Mini101113-01.dmp
2013-10-10 18:00 - 2013-10-10 18:00 - 00000000 ____D C:\FRST
2013-10-10 17:59 - 2013-10-10 17:59 - 00011155 _____ C:\ComboFix.txt
2013-10-10 17:49 - 2008-04-13 13:40 - 00096512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\atapi.sys
2013-10-10 17:49 - 2008-04-13 13:40 - 00096512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2013-10-10 17:43 - 2013-10-10 17:43 - 01087213 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2013-10-09 20:47 - 2013-10-09 20:47 - 00106496 _____ C:\WINDOWS\Minidump\Mini100913-02.dmp
2013-10-09 20:24 - 2013-10-09 20:28 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-10-09 20:22 - 2013-10-09 20:41 - 00000743 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-09 20:22 - 2013-10-09 20:38 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-10-09 20:22 - 2013-10-09 20:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-10-09 20:22 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-09 20:06 - 2013-10-09 20:06 - 00000000 _RSHD C:\cmdcons
2013-10-09 20:06 - 2013-06-27 19:21 - 00000211 _____ C:\Boot.bak
2013-10-09 20:06 - 2004-08-03 23:00 - 00260272 __RSH C:\cmldr
2013-10-09 20:03 - 2013-10-10 17:59 - 00000000 ____D C:\Qoobox
2013-10-09 20:03 - 2013-10-09 20:16 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-09 20:03 - 2011-06-26 01:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-10-09 20:03 - 2010-11-07 12:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-10-09 20:03 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-10-09 20:03 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-10-09 20:03 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-10-09 20:03 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-10-09 20:03 - 2000-08-30 19:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-10-09 20:03 - 2000-08-30 19:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-10-09 20:03 - 2000-08-30 19:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-10-09 19:56 - 2013-10-09 19:56 - 02237968 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\User\Desktop\tdsskiller.exe
2013-10-09 19:55 - 2013-10-09 19:55 - 05131844 ____R (Swearware) C:\Documents and Settings\User\Desktop\ComboFix.exe
2013-10-09 10:31 - 2013-10-09 10:30 - 00106496 _____ C:\WINDOWS\Minidump\Mini100913-01.dmp
2013-10-08 20:58 - 2013-10-08 20:58 - 00106496 _____ C:\WINDOWS\Minidump\Mini100813-03.dmp
2013-10-08 20:12 - 2013-10-08 20:10 - 00742742 _____ C:\Documents and Settings\Default User\Desktop\Can't use windows update anymore - Geeks to Go Forums.htm
2013-10-08 20:12 - 2013-10-08 18:51 - 00358923 _____ (Farbar) C:\Documents and Settings\Default User\Desktop\FSS.exe
2013-10-08 20:12 - 2013-10-08 18:39 - 04009167 _____ C:\Documents and Settings\Default User\Desktop\ServicesRepair.exe
2013-10-08 20:11 - 2013-10-08 20:10 - 00742742 _____ C:\Documents and Settings\Administrator\Desktop\Can't use windows update anymore - Geeks to Go Forums.htm
2013-10-08 20:11 - 2013-10-08 20:10 - 00742742 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\Can't use windows update anymore - Geeks to Go Forums.htm
2013-10-08 20:11 - 2013-10-08 18:51 - 00358923 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FSS.exe
2013-10-08 20:11 - 2013-10-08 18:51 - 00358923 _____ (Farbar) C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\FSS.exe
2013-10-08 20:11 - 2013-10-08 18:39 - 04009167 _____ C:\Documents and Settings\Administrator\Desktop\ServicesRepair.exe
2013-10-08 20:11 - 2013-10-08 18:39 - 04009167 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\ServicesRepair.exe
2013-10-08 20:11 - 2013-10-07 19:34 - 04745728 _____ (AVAST Software) C:\Documents and Settings\All Users\Desktop\aswmbr.exe
2013-10-08 20:09 - 2013-10-08 20:09 - 00000694 _____ C:\Documents and Settings\All Users\Desktop\Speccy.lnk
2013-10-08 18:52 - 2013-10-08 18:52 - 00106496 _____ C:\WINDOWS\Minidump\Mini100813-02.dmp
2013-10-08 18:39 - 2013-10-08 18:39 - 04009167 _____ C:\Documents and Settings\User\Desktop\ServicesRepair.exe
2013-10-08 18:39 - 2013-10-08 18:39 - 00000000 ____D C:\Documents and Settings\All Users\Desktop\CC Support
2013-10-08 18:32 - 2013-10-08 18:32 - 00000000 ____D C:\_OTL
2013-10-08 17:25 - 2013-10-08 20:09 - 00000694 _____ C:\Documents and Settings\Default User\Desktop\Speccy.lnk
2013-10-08 17:25 - 2013-10-08 17:19 - 01032220 _____ (Thisisu) C:\Documents and Settings\Default User\Desktop\JRT.exe
2013-10-08 17:25 - 2013-10-07 20:25 - 00891167 _____ C:\Documents and Settings\Default User\Desktop\SecurityCheck.exe
2013-10-08 17:25 - 2013-10-07 19:34 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Default User\Desktop\aswmbr.exe
2013-10-08 17:25 - 2013-10-07 19:12 - 01045226 _____ C:\Documents and Settings\Default User\Desktop\adwcleaner.exe
2013-10-08 17:25 - 2013-10-07 18:58 - 00061440 _____ ( ) C:\Documents and Settings\Default User\Desktop\VEW.exe
2013-10-08 17:25 - 2013-10-06 19:25 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Default User\Desktop\OTL.exe
2013-10-08 17:24 - 2013-10-08 20:09 - 00000694 _____ C:\Documents and Settings\Administrator\Desktop\Speccy.lnk
2013-10-08 17:24 - 2013-10-08 20:09 - 00000694 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\Speccy.lnk
2013-10-08 17:24 - 2013-10-08 17:19 - 01032220 _____ (Thisisu) C:\Documents and Settings\Administrator\Desktop\JRT.exe
2013-10-08 17:24 - 2013-10-08 17:19 - 01032220 _____ (Thisisu) C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\JRT.exe
2013-10-08 17:24 - 2013-10-07 20:25 - 00891167 _____ C:\Documents and Settings\Administrator\Desktop\SecurityCheck.exe
2013-10-08 17:24 - 2013-10-07 20:25 - 00891167 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\SecurityCheck.exe
2013-10-08 17:24 - 2013-10-07 19:34 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Administrator\Desktop\aswmbr.exe
2013-10-08 17:24 - 2013-10-07 19:34 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\aswmbr.exe
2013-10-08 17:24 - 2013-10-07 19:12 - 01045226 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\adwcleaner.exe
2013-10-08 17:24 - 2013-10-07 18:58 - 00061440 _____ ( ) C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\VEW.exe
2013-10-08 17:24 - 2013-10-06 19:25 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Administrator\Desktop\OTL.exe
2013-10-08 17:24 - 2013-10-06 19:25 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\OTL.exe
2013-10-08 17:23 - 2013-10-07 19:12 - 01045226 _____ C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
2013-10-08 17:19 - 2013-10-08 17:19 - 01032220 _____ (Thisisu) C:\Documents and Settings\User\Desktop\JRT.exe
2013-10-08 17:16 - 2013-10-08 17:16 - 00106496 _____ C:\WINDOWS\Minidump\Mini100813-01.dmp
2013-10-07 20:43 - 2013-10-07 20:43 - 00000000 ____D C:\Documents and Settings\Administrator.VERYFASTUSER\Local Settings\Application Data\Mozilla
2013-10-07 20:43 - 2013-10-07 20:43 - 00000000 ____D C:\Documents and Settings\Administrator.VERYFASTUSER\Application Data\Mozilla
2013-10-07 20:25 - 2013-10-07 20:25 - 00891167 _____ C:\Documents and Settings\User\Desktop\SecurityCheck.exe
2013-10-07 20:08 - 2013-10-08 20:09 - 00000000 ____D C:\Program Files\Speccy
2013-10-07 20:08 - 2013-10-07 20:08 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
2013-10-07 20:05 - 2013-10-07 20:05 - 00000512 _____ C:\Documents and Settings\User\Desktop\MBR.dat
2013-10-07 19:34 - 2013-10-07 19:34 - 04745728 _____ (AVAST Software) C:\Documents and Settings\User\Desktop\aswmbr.exe
2013-10-07 19:24 - 2013-10-07 19:24 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-07 19:23 - 2013-10-08 18:32 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\GreatArcadeHits
2013-10-07 19:23 - 2013-09-09 02:57 - 00773968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll
2013-10-07 19:23 - 2013-09-09 02:57 - 00632656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2013-10-07 19:23 - 2013-09-09 02:57 - 00554832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2013-10-07 19:23 - 2013-09-09 02:57 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcm80.dll
2013-10-07 19:23 - 2013-09-09 02:57 - 00421200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll
2013-10-07 19:23 - 2013-09-09 02:57 - 00001870 _____ C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest
2013-10-07 19:13 - 2013-10-08 20:27 - 00000000 ____D C:\AdwCleaner
2013-10-07 19:12 - 2013-10-07 19:12 - 01045226 _____ C:\Documents and Settings\User\Desktop\adwcleaner.exe
2013-10-07 19:00 - 2013-10-12 20:05 - 00003092 _____ C:\VEW.txt
2013-10-07 18:58 - 2013-10-07 18:58 - 00061440 _____ ( ) C:\Documents and Settings\User\Desktop\VEW.exe
2013-10-07 18:58 - 2013-10-07 18:58 - 00061440 _____ ( ) C:\Documents and Settings\Administrator\Desktop\VEW.exe
2013-10-07 17:29 - 2013-10-07 17:29 - 00106496 _____ C:\WINDOWS\Minidump\Mini100713-01.dmp
2013-10-06 23:54 - 2013-10-06 23:54 - 00377856 _____ C:\Documents and Settings\User\Desktop\2lx1649c.exe
2013-10-06 19:47 - 2013-10-12 14:48 - 00012098 _____ C:\WINDOWS\bitssetup.log
2013-10-06 19:25 - 2013-10-06 19:25 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\User\Desktop\OTL.exe
2013-10-06 19:15 - 2013-10-06 19:15 - 00048656 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-10-06 19:15 - 2013-10-06 19:15 - 00000000 __SHD C:\Documents and Settings\Administrator.VERYFASTUSER\PrivacIE
2013-10-04 16:13 - 2013-10-04 16:13 - 00106496 _____ C:\WINDOWS\Minidump\Mini100413-01.dmp
2013-10-03 21:03 - 2013-10-03 21:03 - 00106496 _____ C:\WINDOWS\Minidump\Mini100313-01.dmp
2013-10-02 17:36 - 2013-10-02 17:36 - 00106496 _____ C:\WINDOWS\Minidump\Mini100213-01.dmp
2013-10-01 11:53 - 2013-10-01 11:53 - 00106496 _____ C:\WINDOWS\Minidump\Mini100113-01.dmp
2013-09-28 19:53 - 2013-09-28 19:53 - 00106496 _____ C:\WINDOWS\Minidump\Mini092813-01.dmp
2013-09-27 22:14 - 2013-09-27 22:14 - 00106496 _____ C:\WINDOWS\Minidump\Mini092713-01.dmp
2013-09-25 15:22 - 2013-09-25 15:22 - 00106496 _____ C:\WINDOWS\Minidump\Mini092513-01.dmp
2013-09-22 21:23 - 2013-09-22 21:23 - 00106496 _____ C:\WINDOWS\Minidump\Mini092213-01.dmp
2013-09-21 13:46 - 2013-09-21 13:46 - 00106496 _____ C:\WINDOWS\Minidump\Mini092113-01.dmp
2013-09-18 18:43 - 2013-10-07 19:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2013-10-12 20:06 - 2013-10-12 20:06 - 00003092 _____ C:\VEW System.txt
2013-10-12 20:05 - 2013-10-07 19:00 - 00003092 _____ C:\VEW.txt
2013-10-12 20:04 - 2013-10-12 20:04 - 00000358 _____ C:\Documents and Settings\User\Desktop\VEW Application.txt
2013-10-12 20:03 - 2008-01-24 21:17 - 01605724 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-12 20:02 - 2013-01-30 18:51 - 00000000 ____D C:\Documents and Settings\User\Application Data\Skype
2013-10-12 20:02 - 2008-01-24 21:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-12 20:02 - 2008-01-24 13:00 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-10-12 20:02 - 2008-01-24 13:00 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-10-12 20:02 - 2001-08-23 07:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-12 20:01 - 2008-01-24 21:11 - 00000278 ___SH C:\Documents and Settings\User\ntuser.ini
2013-10-12 20:01 - 2008-01-24 21:10 - 00032494 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-12 19:56 - 2012-03-28 20:58 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-12 16:41 - 2005-01-13 22:59 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-10-12 14:48 - 2013-10-06 19:47 - 00012098 _____ C:\WINDOWS\bitssetup.log
2013-10-12 10:22 - 2013-10-12 10:22 - 00106496 _____ C:\WINDOWS\Minidump\Mini101213-02.dmp
2013-10-12 10:22 - 2009-11-08 14:19 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-12 08:29 - 2013-10-12 08:29 - 00106496 _____ C:\WINDOWS\Minidump\Mini101213-01.dmp
2013-10-11 17:20 - 2013-01-30 18:51 - 00002265 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk
2013-10-11 16:52 - 2013-10-11 16:52 - 00003365 _____ C:\junk.txt
2013-10-11 16:43 - 2013-10-11 16:43 - 00000000 ____D C:\Documents and Settings\User\Start Menu\Programs\NirSoft BlueScreenView
2013-10-11 16:20 - 2013-01-30 18:51 - 00000000 ___RD C:\Program Files\Skype
2013-10-11 16:20 - 2013-01-30 18:51 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-10-11 16:16 - 2013-10-11 16:16 - 00106496 _____ C:\WINDOWS\Minidump\Mini101113-01.dmp
2013-10-10 18:00 - 2013-10-10 18:00 - 00000000 ____D C:\FRST
2013-10-10 17:59 - 2013-10-10 17:59 - 00011155 _____ C:\ComboFix.txt
2013-10-10 17:59 - 2013-10-09 20:03 - 00000000 ____D C:\Qoobox
2013-10-10 17:56 - 2001-08-23 07:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-10-10 17:43 - 2013-10-10 17:43 - 01087213 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2013-10-10 16:49 - 2008-05-16 09:39 - 00015587 _____ C:\Documents and Settings\User\My Documents\personal info.txt
2013-10-09 20:47 - 2013-10-09 20:47 - 00106496 _____ C:\WINDOWS\Minidump\Mini100913-02.dmp
2013-10-09 20:41 - 2013-10-09 20:22 - 00000743 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-09 20:38 - 2013-10-09 20:22 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-10-09 20:28 - 2013-10-09 20:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-10-09 20:22 - 2013-10-09 20:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-10-09 20:16 - 2013-10-09 20:03 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-09 20:14 - 2005-01-13 22:32 - 00000000 ____D C:\Documents and Settings\Administrator
2013-10-09 20:06 - 2013-10-09 20:06 - 00000000 _RSHD C:\cmdcons
2013-10-09 20:06 - 2008-01-24 12:56 - 00000327 __RSH C:\boot.ini
2013-10-09 19:56 - 2013-10-09 19:56 - 02237968 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\User\Desktop\tdsskiller.exe
2013-10-09 19:55 - 2013-10-09 19:55 - 05131844 ____R (Swearware) C:\Documents and Settings\User\Desktop\ComboFix.exe
2013-10-09 11:56 - 2012-03-28 20:58 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-09 11:56 - 2011-05-16 05:26 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-09 10:30 - 2013-10-09 10:31 - 00106496 _____ C:\WINDOWS\Minidump\Mini100913-01.dmp
2013-10-08 20:58 - 2013-10-08 20:58 - 00106496 _____ C:\WINDOWS\Minidump\Mini100813-03.dmp
2013-10-08 20:27 - 2013-10-07 19:13 - 00000000 ____D C:\AdwCleaner
2013-10-08 20:27 - 2008-08-17 19:41 - 00000178 ___SH C:\Documents and Settings\Administrator.VERYFASTUSER\ntuser.ini
2013-10-08 20:10 - 2013-10-08 20:12 - 00742742 _____ C:\Documents and Settings\Default User\Desktop\Can't use windows update anymore - Geeks to Go Forums.htm
2013-10-08 20:10 - 2013-10-08 20:11 - 00742742 _____ C:\Documents and Settings\Administrator\Desktop\Can't use windows update anymore - Geeks to Go Forums.htm
2013-10-08 20:10 - 2013-10-08 20:11 - 00742742 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\Can't use windows update anymore - Geeks to Go Forums.htm
2013-10-08 20:09 - 2013-10-08 20:09 - 00000694 _____ C:\Documents and Settings\All Users\Desktop\Speccy.lnk
2013-10-08 20:09 - 2013-10-08 17:25 - 00000694 _____ C:\Documents and Settings\Default User\Desktop\Speccy.lnk
2013-10-08 20:09 - 2013-10-08 17:24 - 00000694 _____ C:\Documents and Settings\Administrator\Desktop\Speccy.lnk
2013-10-08 20:09 - 2013-10-08 17:24 - 00000694 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\Speccy.lnk
2013-10-08 20:09 - 2013-10-07 20:08 - 00000000 ____D C:\Program Files\Speccy
2013-10-08 20:09 - 2008-06-08 13:20 - 00643265 _____ C:\WINDOWS\setupapi.log
2013-10-08 18:52 - 2013-10-08 18:52 - 00106496 _____ C:\WINDOWS\Minidump\Mini100813-02.dmp
2013-10-08 18:51 - 2013-10-08 20:12 - 00358923 _____ (Farbar) C:\Documents and Settings\Default User\Desktop\FSS.exe
2013-10-08 18:51 - 2013-10-08 20:11 - 00358923 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FSS.exe
2013-10-08 18:51 - 2013-10-08 20:11 - 00358923 _____ (Farbar) C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\FSS.exe
2013-10-08 18:39 - 2013-10-08 20:12 - 04009167 _____ C:\Documents and Settings\Default User\Desktop\ServicesRepair.exe
2013-10-08 18:39 - 2013-10-08 20:11 - 04009167 _____ C:\Documents and Settings\Administrator\Desktop\ServicesRepair.exe
2013-10-08 18:39 - 2013-10-08 20:11 - 04009167 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\ServicesRepair.exe
2013-10-08 18:39 - 2013-10-08 18:39 - 04009167 _____ C:\Documents and Settings\User\Desktop\ServicesRepair.exe
2013-10-08 18:39 - 2013-10-08 18:39 - 00000000 ____D C:\Documents and Settings\All Users\Desktop\CC Support
2013-10-08 18:32 - 2013-10-08 18:32 - 00000000 ____D C:\_OTL
2013-10-08 18:32 - 2013-10-07 19:23 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\GreatArcadeHits
2013-10-08 17:19 - 2013-10-08 17:25 - 01032220 _____ (Thisisu) C:\Documents and Settings\Default User\Desktop\JRT.exe
2013-10-08 17:19 - 2013-10-08 17:24 - 01032220 _____ (Thisisu) C:\Documents and Settings\Administrator\Desktop\JRT.exe
2013-10-08 17:19 - 2013-10-08 17:24 - 01032220 _____ (Thisisu) C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\JRT.exe
2013-10-08 17:19 - 2013-10-08 17:19 - 01032220 _____ (Thisisu) C:\Documents and Settings\User\Desktop\JRT.exe
2013-10-08 17:16 - 2013-10-08 17:16 - 00106496 _____ C:\WINDOWS\Minidump\Mini100813-01.dmp
2013-10-07 20:43 - 2013-10-07 20:43 - 00000000 ____D C:\Documents and Settings\Administrator.VERYFASTUSER\Local Settings\Application Data\Mozilla
2013-10-07 20:43 - 2013-10-07 20:43 - 00000000 ____D C:\Documents and Settings\Administrator.VERYFASTUSER\Application Data\Mozilla
2013-10-07 20:25 - 2013-10-08 17:25 - 00891167 _____ C:\Documents and Settings\Default User\Desktop\SecurityCheck.exe
2013-10-07 20:25 - 2013-10-08 17:24 - 00891167 _____ C:\Documents and Settings\Administrator\Desktop\SecurityCheck.exe
2013-10-07 20:25 - 2013-10-08 17:24 - 00891167 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\SecurityCheck.exe
2013-10-07 20:25 - 2013-10-07 20:25 - 00891167 _____ C:\Documents and Settings\User\Desktop\SecurityCheck.exe
2013-10-07 20:09 - 2009-10-29 05:50 - 00000152 _____ C:\Documents and Settings\User\Application Data\default.rss
2013-10-07 20:09 - 2008-03-27 21:03 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2013-10-07 20:08 - 2013-10-07 20:08 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
2013-10-07 20:05 - 2013-10-07 20:05 - 00000512 _____ C:\Documents and Settings\User\Desktop\MBR.dat
2013-10-07 19:34 - 2013-10-08 20:11 - 04745728 _____ (AVAST Software) C:\Documents and Settings\All Users\Desktop\aswmbr.exe
2013-10-07 19:34 - 2013-10-08 17:25 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Default User\Desktop\aswmbr.exe
2013-10-07 19:34 - 2013-10-08 17:24 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Administrator\Desktop\aswmbr.exe
2013-10-07 19:34 - 2013-10-08 17:24 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\aswmbr.exe
2013-10-07 19:34 - 2013-10-07 19:34 - 04745728 _____ (AVAST Software) C:\Documents and Settings\User\Desktop\aswmbr.exe
2013-10-07 19:24 - 2013-10-07 19:24 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-07 19:23 - 2013-09-18 18:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-07 19:22 - 2008-01-24 12:53 - 00000000 ____D C:\WINDOWS\Resources
2013-10-07 19:12 - 2013-10-08 17:25 - 01045226 _____ C:\Documents and Settings\Default User\Desktop\adwcleaner.exe
2013-10-07 19:12 - 2013-10-08 17:24 - 01045226 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\adwcleaner.exe
2013-10-07 19:12 - 2013-10-08 17:23 - 01045226 _____ C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
2013-10-07 19:12 - 2013-10-07 19:12 - 01045226 _____ C:\Documents and Settings\User\Desktop\adwcleaner.exe
2013-10-07 18:58 - 2013-10-08 17:25 - 00061440 _____ ( ) C:\Documents and Settings\Default User\Desktop\VEW.exe
2013-10-07 18:58 - 2013-10-08 17:24 - 00061440 _____ ( ) C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\VEW.exe
2013-10-07 18:58 - 2013-10-07 18:58 - 00061440 _____ ( ) C:\Documents and Settings\User\Desktop\VEW.exe
2013-10-07 18:58 - 2013-10-07 18:58 - 00061440 _____ ( ) C:\Documents and Settings\Administrator\Desktop\VEW.exe
2013-10-07 17:29 - 2013-10-07 17:29 - 00106496 _____ C:\WINDOWS\Minidump\Mini100713-01.dmp
2013-10-06 23:54 - 2013-10-06 23:54 - 00377856 _____ C:\Documents and Settings\User\Desktop\2lx1649c.exe
2013-10-06 19:25 - 2013-10-08 17:25 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Default User\Desktop\OTL.exe
2013-10-06 19:25 - 2013-10-08 17:24 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Administrator\Desktop\OTL.exe
2013-10-06 19:25 - 2013-10-08 17:24 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Administrator.VERYFASTUSER\Desktop\OTL.exe
2013-10-06 19:25 - 2013-10-06 19:25 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\User\Desktop\OTL.exe
2013-10-06 19:23 - 2003-07-29 11:37 - 00051712 _____ C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-06 19:15 - 2013-10-06 19:15 - 00048656 _____ C:\Documents and Settings\Administrator.VERYFASTUSER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-10-06 19:15 - 2013-10-06 19:15 - 00000000 __SHD C:\Documents and Settings\Administrator.VERYFASTUSER\PrivacIE
2013-10-06 19:14 - 2008-01-24 12:58 - 00998376 _____ C:\WINDOWS\ocgen.log
2013-10-04 16:13 - 2013-10-04 16:13 - 00106496 _____ C:\WINDOWS\Minidump\Mini100413-01.dmp
2013-10-03 21:03 - 2013-10-03 21:03 - 00106496 _____ C:\WINDOWS\Minidump\Mini100313-01.dmp
2013-10-02 17:36 - 2013-10-02 17:36 - 00106496 _____ C:\WINDOWS\Minidump\Mini100213-01.dmp
2013-10-01 20:06 - 2009-01-18 20:31 - 00000000 ____D C:\Program Files\ Hijack This
2013-10-01 20:01 - 2008-01-24 21:29 - 00048656 _____ C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-10-01 19:03 - 2008-01-24 12:57 - 00218448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-01 11:53 - 2013-10-01 11:53 - 00106496 _____ C:\WINDOWS\Minidump\Mini100113-01.dmp
2013-09-28 19:53 - 2013-09-28 19:53 - 00106496 _____ C:\WINDOWS\Minidump\Mini092813-01.dmp
2013-09-27 22:14 - 2013-09-27 22:14 - 00106496 _____ C:\WINDOWS\Minidump\Mini092713-01.dmp
2013-09-25 15:22 - 2013-09-25 15:22 - 00106496 _____ C:\WINDOWS\Minidump\Mini092513-01.dmp
2013-09-23 21:39 - 2008-01-24 21:25 - 00073963 _____ C:\WINDOWS\wmsetup.log
2013-09-22 21:23 - 2013-09-22 21:23 - 00106496 _____ C:\WINDOWS\Minidump\Mini092213-01.dmp
2013-09-21 15:18 - 2013-07-04 21:23 - 00000000 ____D C:\Documents and Settings\User\Application Data\mp3tagpro
2013-09-21 13:46 - 2013-09-21 13:46 - 00106496 _____ C:\WINDOWS\Minidump\Mini092113-01.dmp
2013-09-21 13:46 - 2013-02-06 17:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-19 06:24 - 2012-07-03 19:48 - 00000501 _____ C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
2013-09-17 19:51 - 2008-03-24 00:12 - 00002852 _____ C:\email addresses.txt
2013-09-17 17:06 - 2008-08-17 10:05 - 00000000 ____D C:\Documents and Settings\User\My Documents\Certs
2013-09-15 12:12 - 2008-04-06 00:04 - 00000000 ____D C:\Documents and Settings\User\My Documents\Codes
Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\temp\WD Passport 2.5 W98 installer.exe
C:\Documents and Settings\User\Local Settings\temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013
Ran by User at 2013-10-12 20:10:48
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
==================== Installed Programs ======================
"Nero SoundTrax Help (Version: 4.4.32.0)
µTorrent (HKCU Version: 3.3.1.30017)
Adobe Acrobat 8 Professional - English, Français, Deutsch (Version: 8.1.2)
Adobe Acrobat 8.1.2 Professional (Version: 8.1.2)
Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Photoshop Album 2.0 (Version: 2.0)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Advertising Center (Version: 0.0.0.2)
Alcohol 120% (Version: 1.9.2.1705)
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.11.138)
ArcSoft WebCam Companion 3 (Version: 3.0.45.413)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.37)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
DolbyFiles (Version: 2.0)
Elevated Installer (Version: 2.1.13)
Garmin City Navigator North America NT 2010.10 Update (Version: 13.0.0.0)
Garmin Communicator Plugin (Version: 4.0.3)
Garmin Express (Version: 2.1.13)
Garmin Express Tray (Version: 2.1.13)
Garmin Update Service (Version: 2.1.13)
Garmin USB Drivers (Version: 2.3.1.0)
Garmin WebUpdater (Version: 2.5.6)
GoToMeeting 5.5.0.1133 (HKCU Version: 5.5.0.1133)
GreatArcadeHits (HKCU Version: 1.0)
HijackThis 1.99.1 (Version: 1.99.1)
HP Webcam User's Guide
ICatch (VI) PC Camera
ImagXpress (Version: 7.0.74.0)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Magic ISO Maker v5.4 (build 0251)
magicJack (HKCU Version: 2.0.6073.4252)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Menu Templates - Pack 1 (Version: 9.4.6.0)
Menu Templates - Pack 2 (Version: 9.4.6.0)
Menu Templates - Pack 3 (Version: 9.4.6.0)
Menu Templates - Starter Kit (Version: 9.4.6.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Movie Templates - Pack 1 (Version: 9.4.6.0)
Movie Templates - Starter Kit (Version: 9.4.6.0)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
mp3Tag Pro 8.1
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
Nero 9
Nero BackItUp (Version: 5.2.6000)
Nero BackItUp and Burn (Version: 1.2.0009)
Nero Burning ROM Help (Version: 9.4.17.100)
Nero BurnRights (Version: 3.4.11.100)
Nero BurnRights (Version: 3.6.17000)
Nero BurnRights Help (Version: 3.4.4.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.4.9.100)
Nero CoverDesigner Help (Version: 4.4.9.100)
Nero DiscSpeed (Version: 5.4.12.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.11.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express (Version: 9.6.11000)
Nero Express Help (Version: 9.4.17.100)
Nero InfoTool (Version: 6.4.11.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Live (Version: 1.4.48.0)
Nero Live Help (Version: 1.4.48.0)
Nero PhotoSnap (Version: 1.53.2.0)
Nero PhotoSnap Help (Version: 1.53.2.0)
Nero Recode (Version: 4.4.31.0)
Nero Recode Help (Version: 4.4.31.0)
Nero Rescue Agent (Version: 2.4.12.100)
Nero RescueAgent (Version: 2.6.13000)
Nero RescueAgent Help (Version: 2.4.4.100)
Nero ShowTime (Version: 5.4.0.100)
Nero ShowTime (Version: 5.4.14.100)
Nero StartSmart (Version: 9.4.12.100)
Nero StartSmart Help (Version: 9.4.12.100)
Nero Vision (Version: 6.4.10.205)
Nero Vision Help (Version: 6.4.8.100)
Nero WaveEditor (Version: 5.4.32.0)
NeroBurningROM (Version: 9.4.17.100)
NeroExpress (Version: 9.4.17.100)
neroxml (Version: 1.0.0)
NirSoft BlueScreenView
NTFS4DOS
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
Paragon Drive Backup 8.5 Professional
Platform (Version: 1.24)
QuickPar 0.9 (Version: 0.9)
QuickShare (Version: 1.135.60.12323)
Realtek High Definition Audio Driver (Version: 5.10.0.5433)
Skype Click to Call (Version: 6.12.13601)
Skype™ 6.9 (Version: 6.9.106)
SoundTrax (Version: 4.4.32.0)
Speccy (Version: 1.23)
Spybot - Search & Destroy (Version: 1.6.2)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB975364) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
UseNeXT by Tangysoft
VIA Display Driver 6.14.10.0095
VIA Platform Device Manager (Version: 1.24)
VIA Rhine-Family Fast-Ethernet Adapter
VLC media player 1.1.11 (Version: 1.1.11)
WebFldrs XP (Version: 9.50.5318)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation (Version: 3.0.6920.0)
WinRAR archiver
WinZip (Version: 8.1 (4331))
XML Paper Specification Shared Components Pack 1.0
Yahoo! Messenger
YouTube Downloader Toolbar v6.0 (Version: 6.0)
YTD Video Downloader 4.5.1 (Version: 4.5.1)
==================== Restore Points =========================
15-07-2013 04:13:27 System Checkpoint
16-07-2013 04:25:27 System Checkpoint
17-07-2013 04:37:31 System Checkpoint
18-07-2013 05:49:31 System Checkpoint
19-07-2013 11:30:41 System Checkpoint
20-07-2013 14:54:55 System Checkpoint
21-07-2013 15:23:21 System Checkpoint
22-07-2013 15:47:20 System Checkpoint
23-07-2013 16:02:23 System Checkpoint
24-07-2013 16:42:14 System Checkpoint
25-07-2013 17:39:09 System Checkpoint
26-07-2013 17:51:11 System Checkpoint
27-07-2013 18:56:28 System Checkpoint
28-07-2013 18:57:57 System Checkpoint
29-07-2013 21:05:04 System Checkpoint
30-07-2013 22:48:24 System Checkpoint
31-07-2013 23:27:16 System Checkpoint
01-08-2013 23:48:24 System Checkpoint
03-08-2013 00:41:09 System Checkpoint
04-08-2013 00:53:09 System Checkpoint
05-08-2013 01:05:08 System Checkpoint
06-08-2013 01:26:28 System Checkpoint
07-08-2013 01:32:24 System Checkpoint
08-08-2013 01:50:53 System Checkpoint
09-08-2013 11:15:08 System Checkpoint
10-08-2013 15:27:07 System Checkpoint
11-08-2013 15:43:11 System Checkpoint
12-08-2013 16:43:11 System Checkpoint
13-08-2013 16:46:21 System Checkpoint
14-08-2013 16:58:20 System Checkpoint
15-08-2013 17:43:28 System Checkpoint
16-08-2013 18:23:02 System Checkpoint
17-08-2013 18:37:15 System Checkpoint
18-08-2013 19:16:22 System Checkpoint
19-08-2013 19:45:11 System Checkpoint
20-08-2013 21:11:26 System Checkpoint
21-08-2013 22:19:16 System Checkpoint
22-08-2013 22:35:48 System Checkpoint
23-08-2013 23:59:47 System Checkpoint
25-08-2013 00:35:47 System Checkpoint
26-08-2013 01:23:48 System Checkpoint
27-08-2013 11:18:11 System Checkpoint
28-08-2013 11:59:08 System Checkpoint
29-08-2013 13:35:08 System Checkpoint
30-08-2013 14:59:08 System Checkpoint
31-08-2013 15:58:10 System Checkpoint
01-09-2013 16:23:13 System Checkpoint
02-09-2013 17:14:17 System Checkpoint
03-09-2013 18:47:53 System Checkpoint
04-09-2013 18:52:59 System Checkpoint
05-09-2013 19:41:29 System Checkpoint
06-09-2013 20:51:00 System Checkpoint
07-09-2013 21:43:30 System Checkpoint
08-09-2013 22:47:58 System Checkpoint
09-09-2013 23:46:11 System Checkpoint
11-09-2013 00:17:17 System Checkpoint
12-09-2013 00:47:48 System Checkpoint
13-09-2013 01:20:26 System Checkpoint
14-09-2013 01:31:13 System Checkpoint
15-09-2013 02:30:07 System Checkpoint
16-09-2013 02:40:58 System Checkpoint
17-09-2013 03:11:11 System Checkpoint
18-09-2013 11:29:34 System Checkpoint
19-09-2013 11:45:31 System Checkpoint
20-09-2013 12:56:52 System Checkpoint
21-09-2013 12:59:45 System Checkpoint
22-09-2013 13:47:39 System Checkpoint
23-09-2013 14:04:16 System Checkpoint
24-09-2013 14:50:11 System Checkpoint
25-09-2013 15:49:07 System Checkpoint
26-09-2013 16:00:52 System Checkpoint
27-09-2013 17:09:57 System Checkpoint
28-09-2013 17:19:35 System Checkpoint
29-09-2013 18:35:01 System Checkpoint
30-09-2013 18:53:02 System Checkpoint
01-10-2013 19:12:41 System Checkpoint
02-10-2013 20:40:30 System Checkpoint
03-10-2013 23:04:40 System Checkpoint
05-10-2013 00:05:59 System Checkpoint
06-10-2013 00:42:20 System Checkpoint
07-10-2013 02:52:02 System Checkpoint
08-10-2013 01:16:13 OTL Restore Point - 10/7/2013 8:16:10 PM
08-10-2013 01:26:40 OTL Restore Point - 10/7/2013 8:26:37 PM
08-10-2013 23:57:35 OTL Restore Point - 10/8/2013 6:57:31 PM
10-10-2013 00:34:46 System Checkpoint
11-10-2013 01:19:10 System Checkpoint
12-10-2013 01:26:15 System Checkpoint
==================== Hosts content: ==========================
2001-08-23 07:00 - 2013-10-09 20:15 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-09-18 18:43 - 2013-09-18 18:44 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-10-09 11:56 - 2013-10-09 11:56 - 16233864 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Documents and Settings\User\Desktop\FRST.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: Plug and Play BIOS Extension
Description: Plug and Play BIOS Extension
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: a347bus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (10/12/2013 08:02:49 PM) (Source: Service Control Manager) (User: )
Description: The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error:
%%1290
Error: (10/12/2013 08:02:49 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1290" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (10/12/2013 08:02:37 PM) (Source: Service Control Manager) (User: )
Description: The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error:
%%1290
Error: (10/12/2013 08:02:37 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1290" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (10/12/2013 08:02:30 PM) (Source: Service Control Manager) (User: )
Description: The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error:
%%1290
Error: (10/12/2013 07:25:25 PM) (Source: Service Control Manager) (User: )
Description: The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error:
%%1290
Error: (10/12/2013 07:25:25 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1290" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (10/12/2013 07:25:08 PM) (Source: Service Control Manager) (User: )
Description: The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error:
%%1290
Error: (10/12/2013 07:25:08 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1290" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (10/12/2013 07:25:04 PM) (Source: Service Control Manager) (User: )
Description: The @%SystemRoot%\system32\qmgr.dll,-1000 service failed to start due to the following error:
%%1290
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 1790.42 MB
Available physical RAM: 1211.2 MB
Total Pagefile: 3688.37 MB
Available Pagefile: 3256.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1949.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:127.99 GB) (Free:23.61 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive k: () (Network) (Total:127.99 GB) (Free:23.61 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 186 GB) (Disk ID: FA9AFA9A)
Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)
==================== End Of Log ============================