View Full Version : Win32:Sirefef-AAP Rtk



JohnShooter
2012-06-30, 03:23
Greetings. I scanned my computer with AVAST! Anti-Virus and found several detections of rootkits and potential malware in my system. One example is the Win32:Sirefef-AAP [rtk]. I have tried quarantining these infections in "chests," but when my computer restarts and I run another scan, the infections reappear as if the scan did nothing to help. Can you please help me successfully remove these infections from my computer's system?

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_29
Run by JR at 20:18:47 on 2012-06-29
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1013.345 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\V0330Mon.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\Program Files\Zune\ZuneBusEnum.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uWindow Title = Windows Internet Explorer provided by Yahoo!
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\5.9\youtubedownloaderToolbarIE.dll
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Yahoo! IE Suggest: {5a263cf7-56a6-4d68-a8cf-345be45bc911} - c:\program files\yahoo!\searchsuggest\YSearchSuggest.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\5.9\youtubedownloaderToolbarIE.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\5.9\youtubedownloaderToolbarIE.dll
EB: &Research: {ff059e31-cc5a-4e2e-bf3b-96e929d65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Creative WebCam Tray] "c:\program files\creative\shared files\CamTray.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [V0330Mon.exe] c:\windows\V0330Mon.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [<NO NAME>]
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{82411E56-F798-4380-873D-17893A7C6322} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jr\application data\mozilla\firefox\profiles\1ahcevcn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-2-28 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-12-9 337880]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-6-13 792512]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-12-9 20696]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-22 44768]
R3 V0330VID;WebCam Vista/Live! Cam Chat;c:\windows\system32\drivers\V0330Vid.sys [2009-9-28 185183]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-2-25 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-31 250056]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-2-25 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-26 113120]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2011-8-5 268512]
.
=============== Created Last 30 ================
.
2012-06-26 04:34:53 -------- d-----w- c:\documents and settings\jr\application data\KendallHunt
2012-06-19 02:45:58 -------- d-----w- c:\documents and settings\jr\application data\wtxpcom
2012-06-18 22:23:39 -------- d-----w- c:\documents and settings\jr\application data\Search Settings
2012-06-18 22:23:32 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2012-06-18 22:23:32 -------- d-----w- c:\program files\common files\Spigot
2012-06-18 22:23:32 -------- d-----w- c:\program files\Application Updater
2012-06-08 15:56:25 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-06-08 15:56:25 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-05-31 03:18:05 -------- d-----w- c:\documents and settings\jr\application data\YouTube Downloader
.
==================== Find3M ====================
.
2012-06-27 20:51:51 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-27 20:51:51 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-15 15:39:54 832512 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 14:46:47 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-04-23 14:46:47 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-04-23 14:46:47 17408 ----a-w- c:\windows\system32\corpol.dll
2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 20:21:52.89 ===============

maxi
2012-07-02, 21:43
Welcome to Safer Networking. I am maxi, and I will be helping you out with your malware problems.

Before we go further, there are a few things that I would like to make clear so that we share the same understanding.


Please observe and follow these Forum Rules (http://forums.spybot.info/showthread.php?t=288).
Any advice is for your computer only and is taken at your own risk. Fixes sometimes will cause unexpected results, but I will do my best to assist you.
Please read the instructions carefully and follow them closely, in the order they are presented to you.
If you have any doubts or problems during the fix, please stop and ask.
All the tools that I will ask you to download and use are safe. Please allow if prompted by any of your security software.
Do not use or run any malware cleaning tools without supervision as they may cause more harm if improperly used.
Refrain from installing any new programs except those that I request during the fix to prevent interference to my diagnosis of the problem.
Lack of malware symptoms does not mean your computer is clean. Stick to this topic until I give the All Clear.
If you do not reply within 3 days, this topic will be closed.

If you are agreeable to the above, then everything should go smoothly.

Note:
As I am currently still in training, everything that I post to you must be first checked by my teacher. This may add a tiny delay between replies so please be patient :)

Do you still require help? If so, could you please post the attach.txt? You may have to run DDS again to get this if you have not already saved it.

JohnShooter
2012-07-02, 23:43
Hi, Maxi. I wasn't initially sure if I should've included it; therefore, I didn't post it. Fortunately, I had it saved on my desktop. Here it is...


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/4/2009 2:57:02 PM
System Uptime: 6/29/2012 8:06:50 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0RY007
Processor: Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz | Socket 775 | 1595/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 229 GiB total, 171.786 GiB free.
D: is Removable
E: is Removable
F: is Removable
G: is Removable
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP635: 3/30/2012 11:08:22 PM - System Checkpoint
RP636: 3/31/2012 5:00:02 PM - Removed YouTube Downloader Toolbar v5.2.
RP637: 4/1/2012 5:18:16 PM - System Checkpoint
RP638: 4/2/2012 7:40:13 PM - System Checkpoint
RP639: 4/4/2012 11:58:25 PM - System Checkpoint
RP640: 4/6/2012 1:42:18 AM - System Checkpoint
RP641: 4/8/2012 10:07:21 AM - System Checkpoint
RP642: 4/10/2012 7:52:10 PM - System Checkpoint
RP643: 4/12/2012 1:11:50 AM - System Checkpoint
RP644: 4/13/2012 1:13:29 AM - System Checkpoint
RP645: 4/13/2012 2:26:32 AM - Software Distribution Service 3.0
RP646: 4/14/2012 5:23:08 PM - System Checkpoint
RP647: 4/15/2012 7:40:33 PM - System Checkpoint
RP648: 4/16/2012 7:55:02 PM - System Checkpoint
RP649: 4/17/2012 8:34:08 PM - System Checkpoint
RP650: 4/18/2012 9:39:39 PM - System Checkpoint
RP651: 4/20/2012 12:34:38 AM - System Checkpoint
RP652: 4/21/2012 1:11:51 AM - System Checkpoint
RP653: 4/22/2012 4:18:28 PM - System Checkpoint
RP654: 4/23/2012 10:26:02 PM - System Checkpoint
RP655: 4/25/2012 7:45:17 PM - System Checkpoint
RP656: 4/27/2012 9:50:07 AM - System Checkpoint
RP657: 4/28/2012 12:33:19 PM - System Checkpoint
RP658: 4/29/2012 10:17:31 PM - System Checkpoint
RP659: 5/1/2012 12:39:41 AM - System Checkpoint
RP660: 5/2/2012 1:46:56 PM - System Checkpoint
RP661: 5/3/2012 5:14:59 PM - System Checkpoint
RP662: 5/5/2012 1:12:46 AM - System Checkpoint
RP663: 5/6/2012 2:30:49 PM - System Checkpoint
RP664: 5/7/2012 6:39:40 PM - System Checkpoint
RP665: 5/8/2012 6:10:25 PM - Software Distribution Service 3.0
RP666: 5/10/2012 12:01:05 AM - System Checkpoint
RP667: 5/11/2012 1:02:16 AM - System Checkpoint
RP668: 5/13/2012 1:51:26 AM - System Checkpoint
RP669: 5/14/2012 3:29:34 AM - System Checkpoint
RP670: 5/15/2012 3:48:15 PM - System Checkpoint
RP671: 5/16/2012 11:27:59 PM - System Checkpoint
RP672: 5/18/2012 7:19:58 PM - System Checkpoint
RP673: 5/20/2012 1:43:26 AM - System Checkpoint
RP674: 5/21/2012 10:08:07 PM - System Checkpoint
RP675: 5/21/2012 10:39:17 PM - Software Distribution Service 3.0
RP676: 5/22/2012 10:49:32 PM - System Checkpoint
RP677: 5/24/2012 1:59:40 AM - System Checkpoint
RP678: 5/25/2012 11:45:40 PM - System Checkpoint
RP679: 5/28/2012 3:32:36 PM - System Checkpoint
RP680: 5/29/2012 6:40:29 PM - System Checkpoint
RP681: 5/31/2012 3:42:44 PM - System Checkpoint
RP682: 6/1/2012 4:57:55 PM - System Checkpoint
RP683: 6/3/2012 1:22:39 AM - System Checkpoint
RP684: 6/4/2012 3:00:45 PM - Software Distribution Service 3.0
RP685: 6/8/2012 5:11:59 PM - System Checkpoint
RP686: 6/13/2012 1:15:44 AM - Software Distribution Service 3.0
RP687: 6/14/2012 8:27:49 PM - System Checkpoint
RP688: 6/18/2012 1:39:28 PM - System Checkpoint
RP689: 6/19/2012 2:15:08 PM - System Checkpoint
RP690: 6/21/2012 1:21:54 PM - System Checkpoint
RP691: 6/25/2012 9:58:20 PM - System Checkpoint
RP692: 6/27/2012 12:05:59 AM - System Checkpoint
RP693: 6/29/2012 2:40:25 AM - System Checkpoint
.
==== Installed Programs ======================
.
.
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Apple Application Support
Apple Software Update
avast! Free Antivirus
Creative Live! Cam Center
Creative Software AutoUpdate
Creative System Information
Creative WebCam Center
Creative WebCam Vista User's Guide (English)
Creative WebCam Vista/Live! Cam Chat Driver (1.02.02.00)
ESET Online Scanner v3
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format 11 SDK (KB973442)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 29
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft WinUsb 1.0
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
Photo Story 3 for Windows
QuickTime
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Spybot - Search & Destroy
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Driver Package - AMD System (02/28/2003 1.0.0.0)
Windows Driver Package - Intel (e1express) Net (02/06/2008 9.12.18.0)
Windows Driver Package - Intel hdc (02/05/2007 8.3.0.1016)
Windows Driver Package - Intel hdc (09/25/2007 8.3.0.1016)
Windows Driver Package - Intel System (01/10/2005 7.0.0.1011)
Windows Driver Package - Intel System (01/13/2007 8.3.0.1008)
Windows Driver Package - Intel System (07/02/2001 4.00.1001)
Windows Driver Package - Intel System (07/11/2001 3.30.1002)
Windows Driver Package - Intel System (09/25/2007 8.3.0.1016)
Windows Driver Package - Intel System (12/11/2007 8.4.0.1018)
Windows Driver Package - Intel USB (02/05/2007 8.3.0.1011)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (04/17/2008 5.10.0.5605)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows Mobile Device Updater Component
Windows Search 4.0
Windows XP Service Pack 3
Yahoo! Search Suggest Add-on for IE7
YouTube Downloader Toolbar v5.9
YTD YouTube Downloader & Converter 3.7
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
6/29/2012 8:07:17 PM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 001D098E3D81 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
6/29/2012 3:59:33 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD aswRdr aswSnx aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
6/29/2012 3:59:33 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
6/29/2012 3:59:33 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/29/2012 3:59:33 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/29/2012 3:59:33 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
6/29/2012 3:58:47 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/29/2012 3:58:44 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
6/26/2012 5:35:08 PM, error: Dhcp [1002] - The IP address lease 192.168.1.8 for the Network Card with network address 001D098E3D81 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================

maxi
2012-07-03, 18:04
Hi JohnShooter :)

The first thing you need to do is update your Avast! virus definitions. Then you need to locate the detected files in the virus chest and rescan them. You can do this by right clicking on the detected file and selecting scan. If the files come back clean you can right click them again and this time select restore.

Please let me know if the files are still showing as infected, and if so, could you supply me with the files and paths of the infected files.

Step 1 (if you haven't already done so)
Back Up registry with ERUNT


Please download ERUNT (http://www.aumha.org/downloads/erunt-setup.exe) and save it to your desktop.
Alternate Download (http://dundats.mvps.org/Files/erunt-setup.exe)
Double-click on erunt_setup.exe to install the program
Untick the NTREGOPT desktop shortcut option
Click No when you get the option to run Erunt at Windows startup.
During the installation, tick Launch Erunt.
Accept the default options for running a backup.
Erunt will then backup your registry.
Click OK to finish.
If you are unable to back up your Registry with ERUNT ....

Let me know.
Do not follow any further instructions until I tell you to.

Step 2
Add/Remove programs
Click on start
Then Run
In the open text entry box please copy/paste appwiz.cpl, then click enter.
Press the "Remove" or "Change/Remove"...button to uninstall the following if present.

Java Auto Updater
Java(TM) 6 Update 29
YouTube Downloader Toolbar v5.9
YTD YouTube Downloader & Converter 3.7

You can download the latest version of Java from here (http://download.oracle.com/otn-pub/java/jdk/7u5-b05/jre-7u5-windows-i586.exe). Just download the file to your desktop and install the program.


Step 3
TDSSKiller

Please download TDSSKiller.exe (http://support.kaspersky.com/downloads/utils/tdsskiller.exe) and save it to your Desktop.
Double click on TDSSKiller.exe to launch it.
Click on Start Scan, the scan will run.
When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
Now click on Report to open the log file created by TDSSKiller in your root directory C:\
To find the log go to Start > Computer > C:
Post the contents of that log in your next reply please.
DO NOT TRY TO FIX ANYTHING AT THIS POINT

Step 4
Please download OTL (http://oldtimer.geekstogo.com/OTL.exe) by Old Timer and save it to your Desktop.

Double click on OTL.exe to run it.
Under Output, ensure that Standard Output is selected.
Under Extra Registry section, select Use SafeList.
Click the Scan All Users checkbox.
Click on Run Scan at the top left hand corner.
When done, two Notepad files will open.
OTL.txt <-- Will be opened
Extra.txt <-- Will be minimized
Please post the contents of these 2 Notepad files in your next reply.

In your next reply please include:
The results of the file rescan with Avast.
The TDSSKiller log.
Both logs from OTL.
Any problems you had with my instructions.
Any symptoms of Malware you are experiencing.

Regards maxi :)
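
A read-only way to triage the TDSSKiller report requested in Step 3, as an added example that is not part of the original thread or of Kaspersky's tooling. It assumes the line layout of the report posted later in this thread (time, thread id, then either `name (md5) path` or `name - verdict`); the `ExampleDrv` entry and its verdict string are constructed placeholders.

```python
import re

# Every report line starts with "HH:MM:SS.ffff <thread id> ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\S+\s+"
SCAN_START = re.compile(PREFIX + r"Scan started\s*$")
# "<name> (<md5>) <path>": a file was hashed for this service or driver.
HASH_LINE = re.compile(
    PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - <verdict>": the verdict recorded for the same name.
VERDICT_LINE = re.compile(PREFIX + r"(?P<name>.+?) - (?P<verdict>\S.*)$")

# Lines copied from the report in this thread, plus one CONSTRUCTED entry
# (ExampleDrv, zero hash, placeholder verdict) to exercise the non-ok path.
# The last entry has no verdict line, as happens when a forum character
# limit cuts the paste short.
SAMPLE_LOG = r"""
14:37:43.0906 1460 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200
14:38:02.0984 2432 Scan started
14:38:02.0984 2432 Mode: Manual;
14:38:03.0187 2432 Aavmker4 (5803b5f166ee9865a3c763127dce02fd) C:\WINDOWS\system32\drivers\Aavmker4.sys
14:38:03.0187 2432 Aavmker4 - ok
14:38:03.0187 2432 Abiosdsk - ok
14:38:04.0281 2432 avast! Antivirus (b31f785751157aa8e2a33ea1cb4dc5be) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:38:04.0281 2432 avast! Antivirus - ok
14:38:05.0000 2432 ExampleDrv (00000000000000000000000000000000) C:\WINDOWS\system32\drivers\exampledrv.sys
14:38:05.0000 2432 ExampleDrv - EXAMPLE-NON-OK-VERDICT
14:38:11.0968 2432 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
"""


def parse_report(text):
    """Pair each hash line with its verdict line; return one dict per entry."""
    records = []
    pending = {}      # name -> (md5, path) seen but not yet given a verdict
    in_scan = False   # header lines before "Scan started" are not entries
    for raw in text.splitlines():
        line = raw.strip()
        if not in_scan:
            in_scan = bool(SCAN_START.match(line))
            continue
        m = HASH_LINE.match(line)   # test first: a path may contain " - "
        if m:
            pending[m["name"]] = (m["md5"].lower(), m["path"])
            continue
        m = VERDICT_LINE.match(line)
        if m:
            md5, path = pending.pop(m["name"], (None, None))
            records.append({"name": m["name"], "md5": md5, "path": path,
                            "verdict": m["verdict"].strip()})
    # Hash lines left without a verdict: the pasted report ended early.
    for name, (md5, path) in pending.items():
        records.append({"name": name, "md5": md5, "path": path,
                        "verdict": None})
    return records


def triage(records):
    """Sort entry names into the three buckets worth a second look."""
    return {
        # Any verdict other than "ok".
        "flagged": [r["name"] for r in records
                    if r["verdict"] not in (None, "ok")],
        # Verdict present, but the report shows no hashed file for it.
        "no_hash": [r["name"] for r in records if r["md5"] is None],
        # File hashed, verdict missing: repost the rest of the report.
        "cut_off": [r["name"] for r in records if r["verdict"] is None],
    }


if __name__ == "__main__":
    for bucket, names in triage(parse_report(SAMPLE_LOG)).items():
        print(f"{bucket}: {', '.join(names) or 'none'}")
```

For `no_hash` entries the report shows a verdict but no hashed file; `cut_off` entries need the remainder of the report before anything can be said about them.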

JohnShooter
2012-07-03, 22:09
After the Avast Scan, cercsyr6.sys was found not to have any virus, so I restored it. The I/I.class, on the other hand, resulted in being labeled as a Java:Malware-gen [Trj] after rescan. It's still quarantined in the chest.

Here are some of the symptoms:
- glitching in the audio whenever I listen to music on youtube or soundcloud.
- internet also invariably freezes whenever I go web surfing. There was also a popup that appears on my desktop which said about setting up/changing language settings.
- Another pop up tells me that adobe flash update has encountered an error, and that I should send an error report.

I've installed the most up-to-date version but the adobe flash error pop up still comes up from time to time. The symptoms aren't terribly serious, but they've made me awfully worried. Especially after running the AVAST scan and finding those infections that I previously mentioned in my first post.

I had a bit of trouble getting this post to you because, well, the computer keeps freezing. Do you know what may be causing the problem?

JohnShooter
2012-07-03, 22:13
Having trouble getting the rest of the scans to you. The site is only allowing me to post once every 20 minutes. Also there's a character limit and the reports are REALLY long. Please bear with me.

JohnShooter
2012-07-03, 22:14
============================================================
14:37:42.0390 1460 Current date / time: 2012/07/03 14:37:42.0390
14:37:42.0390 1460 SystemInfo:
14:37:42.0390 1460
14:37:42.0390 1460 OS Version: 5.1.2600 ServicePack: 3.0
14:37:42.0390 1460 Product type: Workstation
14:37:42.0390 1460 ComputerName: OWNER-33EF7E690
14:37:42.0390 1460 UserName: JR
14:37:42.0390 1460 Windows directory: C:\WINDOWS
14:37:42.0390 1460 System windows directory: C:\WINDOWS
14:37:42.0390 1460 Processor architecture: Intel x86
14:37:42.0390 1460 Number of processors: 2
14:37:42.0390 1460 Page size: 0x1000
14:37:42.0390 1460 Boot type: Normal boot
14:37:42.0390 1460 ============================================================
14:37:43.0906 1460 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:37:43.0984 1460 ============================================================
14:37:43.0984 1460 \Device\Harddisk0\DR0:
14:37:43.0984 1460 MBR partitions:
14:37:43.0984 1460 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1CAF3004
14:37:43.0984 1460 ============================================================
14:37:44.0015 1460 C: <-> \Device\Harddisk0\DR0\Partition0
14:37:44.0015 1460 ============================================================
14:37:44.0015 1460 Initialize success
14:37:44.0015 1460 ============================================================
14:38:02.0984 2432 ============================================================
14:38:02.0984 2432 Scan started
14:38:02.0984 2432 Mode: Manual;
14:38:02.0984 2432 ============================================================
14:38:03.0187 2432 Aavmker4 (5803b5f166ee9865a3c763127dce02fd) C:\WINDOWS\system32\drivers\Aavmker4.sys
14:38:03.0187 2432 Aavmker4 - ok
14:38:03.0187 2432 Abiosdsk - ok
14:38:03.0203 2432 abp480n5 - ok
14:38:03.0234 2432 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:38:03.0234 2432 ACPI - ok
14:38:03.0265 2432 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:38:03.0265 2432 ACPIEC - ok
14:38:03.0328 2432 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:38:03.0343 2432 AdobeFlashPlayerUpdateSvc - ok
14:38:03.0343 2432 adpu160m - ok
14:38:03.0375 2432 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:38:03.0375 2432 aec - ok
14:38:03.0406 2432 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:38:03.0421 2432 AFD - ok
14:38:03.0421 2432 Aha154x - ok
14:38:03.0421 2432 aic78u2 - ok
14:38:03.0437 2432 aic78xx - ok
14:38:03.0453 2432 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
14:38:03.0468 2432 Alerter - ok
14:38:03.0468 2432 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
14:38:03.0468 2432 ALG - ok
14:38:03.0484 2432 AliIde - ok
14:38:03.0484 2432 amsint - ok
14:38:03.0625 2432 Application Updater (b4a30f0a7494cdbec73f6bd30fb619d9) C:\Program Files\Application Updater\ApplicationUpdater.exe
14:38:03.0687 2432 Application Updater - ok
14:38:03.0750 2432 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
14:38:03.0750 2432 AppMgmt - ok
14:38:03.0750 2432 asc - ok
14:38:03.0765 2432 asc3350p - ok
14:38:03.0765 2432 asc3550 - ok
14:38:03.0843 2432 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:38:03.0859 2432 aspnet_state - ok
14:38:03.0890 2432 aswFsBlk (5679eaf49f7e2a93ceadcf0aaf6fa3a3) C:\WINDOWS\system32\drivers\aswFsBlk.sys
14:38:03.0890 2432 aswFsBlk - ok
14:38:03.0906 2432 aswMon2 (61c194bc48521cb55be2763a33f77d44) C:\WINDOWS\system32\drivers\aswMon2.sys
14:38:03.0921 2432 aswMon2 - ok
14:38:03.0937 2432 aswRdr (b221d97841c02ae79ec5c56172724f5c) C:\WINDOWS\system32\drivers\aswRdr.sys
14:38:03.0937 2432 aswRdr - ok
14:38:03.0984 2432 aswSnx (1aee85af4b664ea9e22ebe41e8f96571) C:\WINDOWS\system32\drivers\aswSnx.sys
14:38:04.0000 2432 aswSnx - ok
14:38:04.0031 2432 aswSP (3c9d1aeb0fafa8493335503ebee9a301) C:\WINDOWS\system32\drivers\aswSP.sys
14:38:04.0046 2432 aswSP - ok
14:38:04.0046 2432 aswTdi (74f58f4adafaf50b9a09cb6e17b4ee49) C:\WINDOWS\system32\drivers\aswTdi.sys
14:38:04.0062 2432 aswTdi - ok
14:38:04.0093 2432 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:38:04.0093 2432 AsyncMac - ok
14:38:04.0125 2432 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:38:04.0125 2432 atapi - ok
14:38:04.0125 2432 Atdisk - ok
14:38:04.0171 2432 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:38:04.0171 2432 Atmarpc - ok
14:38:04.0203 2432 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
14:38:04.0203 2432 AudioSrv - ok
14:38:04.0234 2432 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:38:04.0234 2432 audstub - ok
14:38:04.0281 2432 avast! Antivirus (b31f785751157aa8e2a33ea1cb4dc5be) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:38:04.0281 2432 avast! Antivirus - ok
14:38:04.0296 2432 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:38:04.0296 2432 Beep - ok
14:38:04.0328 2432 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
14:38:04.0375 2432 BITS - ok
14:38:04.0406 2432 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
14:38:04.0406 2432 Browser - ok
14:38:04.0437 2432 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:38:04.0437 2432 cbidf2k - ok
14:38:04.0468 2432 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:38:04.0468 2432 CCDECODE - ok
14:38:04.0468 2432 cd20xrnt - ok
14:38:04.0515 2432 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:38:04.0515 2432 Cdaudio - ok
14:38:04.0531 2432 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:38:04.0531 2432 Cdfs - ok
14:38:04.0562 2432 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:38:04.0562 2432 Cdrom - ok
14:38:04.0562 2432 Changer - ok
14:38:04.0593 2432 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
14:38:04.0609 2432 CiSvc - ok
14:38:04.0609 2432 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
14:38:04.0609 2432 ClipSrv - ok
14:38:04.0687 2432 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:38:04.0703 2432 clr_optimization_v2.0.50727_32 - ok
14:38:04.0703 2432 CmdIde - ok
14:38:04.0703 2432 COMSysApp - ok
14:38:04.0718 2432 Cpqarray - ok
14:38:04.0734 2432 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
14:38:04.0734 2432 CryptSvc - ok
14:38:04.0750 2432 dac2w2k - ok
14:38:04.0750 2432 dac960nt - ok
14:38:04.0796 2432 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
14:38:04.0812 2432 DcomLaunch - ok
14:38:04.0828 2432 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
14:38:04.0843 2432 Dhcp - ok
14:38:04.0859 2432 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:38:04.0859 2432 Disk - ok
14:38:04.0859 2432 dmadmin - ok
14:38:04.0921 2432 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
14:38:04.0937 2432 dmboot - ok
14:38:04.0968 2432 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
14:38:04.0968 2432 dmio - ok
14:38:05.0000 2432 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:38:05.0000 2432 dmload - ok
14:38:05.0031 2432 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
14:38:05.0031 2432 dmserver - ok
14:38:05.0046 2432 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:38:05.0046 2432 DMusic - ok
14:38:05.0078 2432 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
14:38:05.0078 2432 Dnscache - ok
14:38:05.0156 2432 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
14:38:05.0171 2432 Dot3svc - ok
14:38:05.0171 2432 dpti2o - ok
14:38:05.0218 2432 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:38:05.0218 2432 drmkaud - ok
14:38:05.0265 2432 e1express (12774e08ae0b9b418e55e7338ad8b0dc) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
14:38:05.0265 2432 e1express - ok
14:38:05.0265 2432 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
14:38:05.0281 2432 EapHost - ok
14:38:05.0296 2432 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
14:38:05.0296 2432 ERSvc - ok
14:38:05.0328 2432 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
14:38:05.0343 2432 Eventlog - ok
14:38:05.0359 2432 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
14:38:05.0375 2432 EventSystem - ok
14:38:05.0406 2432 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:38:05.0421 2432 Fastfat - ok
14:38:05.0437 2432 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:38:05.0453 2432 FastUserSwitchingCompatibility - ok
14:38:05.0468 2432 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:38:05.0468 2432 Fdc - ok
14:38:05.0484 2432 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
14:38:05.0484 2432 Fips - ok
14:38:05.0500 2432 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:38:05.0500 2432 Flpydisk - ok
14:38:05.0515 2432 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:38:05.0531 2432 FltMgr - ok
14:38:05.0640 2432 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:38:05.0640 2432 FontCache3.0.0.0 - ok
14:38:05.0687 2432 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:38:05.0687 2432 Fs_Rec - ok
14:38:05.0703 2432 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:38:05.0703 2432 Ftdisk - ok
14:38:05.0734 2432 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:38:05.0734 2432 Gpc - ok
14:38:05.0796 2432 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
14:38:05.0796 2432 gupdate - ok
14:38:05.0796 2432 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
14:38:05.0812 2432 gupdatem - ok
14:38:05.0828 2432 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:38:05.0828 2432 HDAudBus - ok
14:38:05.0890 2432 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:38:05.0890 2432 helpsvc - ok
14:38:05.0906 2432 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
14:38:05.0906 2432 HidServ - ok
14:38:05.0937 2432 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:38:05.0937 2432 hidusb - ok
14:38:05.0968 2432 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
14:38:05.0984 2432 hkmsvc - ok
14:38:06.0000 2432 hpn - ok
14:38:06.0015 2432 HSFHWBS2 - ok
14:38:06.0015 2432 HSF_DPV - ok
14:38:06.0078 2432 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:38:06.0093 2432 HTTP - ok
14:38:06.0093 2432 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
14:38:06.0125 2432 HTTPFilter - ok
14:38:06.0125 2432 i2omgmt - ok
14:38:06.0125 2432 i2omp - ok
14:38:06.0140 2432 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
14:38:06.0140 2432 i8042prt - ok
14:38:06.0343 2432 ialm (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
14:38:06.0468 2432 ialm - ok
14:38:06.0687 2432 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:38:06.0734 2432 idsvc - ok
14:38:06.0828 2432 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:38:06.0828 2432 Imapi - ok
14:38:06.0859 2432 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
14:38:06.0875 2432 ImapiService - ok
14:38:06.0875 2432 ini910u - ok
14:38:07.0062 2432 IntcAzAudAddService (b2957d6c1226f029230dac2c46d34286) C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:38:07.0171 2432 IntcAzAudAddService - ok
14:38:07.0218 2432 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
14:38:07.0234 2432 IntelIde - ok
14:38:07.0265 2432 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:38:07.0265 2432 intelppm - ok
14:38:07.0296 2432 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:38:07.0296 2432 Ip6Fw - ok
14:38:07.0343 2432 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:38:07.0343 2432 IpFilterDriver - ok
14:38:07.0343 2432 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:38:07.0343 2432 IpInIp - ok
14:38:07.0390 2432 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:38:07.0390 2432 IpNat - ok
14:38:07.0406 2432 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:38:07.0406 2432 IPSec - ok
14:38:07.0406 2432 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:38:07.0406 2432 IRENUM - ok
14:38:07.0437 2432 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:38:07.0437 2432 isapnp - ok
14:38:07.0500 2432 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
14:38:07.0515 2432 JavaQuickStarterService - ok
14:38:07.0531 2432 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:38:07.0546 2432 Kbdclass - ok
14:38:07.0546 2432 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:38:07.0546 2432 kbdhid - ok
14:38:07.0578 2432 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:38:07.0578 2432 kmixer - ok
14:38:07.0625 2432 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:38:07.0625 2432 KSecDD - ok
14:38:07.0656 2432 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
14:38:07.0671 2432 lanmanserver - ok
14:38:07.0687 2432 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
14:38:07.0703 2432 lanmanworkstation - ok
14:38:07.0718 2432 lbrtfdc - ok
14:38:07.0750 2432 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
14:38:07.0750 2432 LmHosts - ok
14:38:07.0812 2432 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
14:38:07.0828 2432 MDM - ok
14:38:07.0828 2432 mdmxsdk - ok
14:38:07.0843 2432 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
14:38:07.0843 2432 Messenger - ok
14:38:07.0890 2432 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
14:38:07.0890 2432 Microsoft Office Groove Audit Service - ok
14:38:07.0921 2432 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:38:07.0921 2432 mnmdd - ok
14:38:07.0953 2432 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
14:38:07.0953 2432 mnmsrvc - ok
14:38:08.0000 2432 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
14:38:08.0000 2432 Modem - ok
14:38:08.0031 2432 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:38:08.0031 2432 Mouclass - ok
14:38:08.0046 2432 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:38:08.0046 2432 mouhid - ok
14:38:08.0078 2432 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:38:08.0078 2432 MountMgr - ok
14:38:08.0109 2432 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:38:08.0125 2432 MozillaMaintenance - ok
14:38:08.0125 2432 mraid35x - ok
14:38:08.0156 2432 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:38:08.0171 2432 MRxDAV - ok
14:38:08.0203 2432 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:38:08.0234 2432 MRxSmb - ok
14:38:08.0296 2432 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
14:38:08.0296 2432 MSDTC - ok
14:38:08.0328 2432 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:38:08.0328 2432 Msfs - ok
14:38:08.0328 2432 MSIServer - ok
14:38:08.0375 2432 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:38:08.0375 2432 MSKSSRV - ok
14:38:08.0375 2432 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:38:08.0390 2432 MSPCLOCK - ok
14:38:08.0406 2432 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:38:08.0406 2432 MSPQM - ok
14:38:08.0437 2432 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:38:08.0437 2432 mssmbios - ok
14:38:08.0484 2432 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
14:38:08.0484 2432 MSTEE - ok
14:38:08.0515 2432 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:38:08.0531 2432 Mup - ok
14:38:08.0531 2432 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:38:08.0531 2432 NABTSFEC - ok
14:38:08.0578 2432 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
14:38:08.0640 2432 napagent - ok
14:38:08.0687 2432 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:38:08.0687 2432 NDIS - ok
14:38:08.0718 2432 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:38:08.0718 2432 NdisIP - ok
14:38:08.0750 2432 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:38:08.0750 2432 NdisTapi - ok
14:38:08.0765 2432 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:38:08.0765 2432 Ndisuio - ok
14:38:08.0781 2432 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:38:08.0781 2432 NdisWan - ok
14:38:08.0812 2432 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:38:08.0812 2432 NDProxy - ok
14:38:08.0828 2432 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:38:08.0828 2432 NetBIOS - ok
14:38:08.0843 2432 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:38:08.0859 2432 NetBT - ok
14:38:08.0890 2432 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
14:38:08.0906 2432 NetDDE - ok
14:38:08.0906 2432 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
14:38:08.0921 2432 NetDDEdsdm - ok
14:38:08.0937 2432 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:38:08.0937 2432 Netlogon - ok
14:38:08.0968 2432 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
14:38:08.0984 2432 Netman - ok
14:38:09.0109 2432 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:38:09.0109 2432 NetTcpPortSharing - ok
14:38:09.0156 2432 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
14:38:09.0171 2432 Nla - ok
14:38:09.0234 2432 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:38:09.0234 2432 Npfs - ok
14:38:09.0265 2432 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:38:09.0281 2432 Ntfs - ok
14:38:09.0296 2432 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:38:09.0296 2432 NtLmSsp - ok
14:38:09.0343 2432 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
14:38:09.0375 2432 NtmsSvc - ok
14:38:09.0406 2432 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:38:09.0406 2432 Null - ok
14:38:09.0453 2432 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:38:09.0453 2432 NwlnkFlt - ok
14:38:09.0468 2432 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:38:09.0468 2432 NwlnkFwd - ok
14:38:09.0562 2432 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:38:09.0578 2432 odserv - ok
14:38:09.0609 2432 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:38:09.0625 2432 ose - ok
14:38:09.0656 2432 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
14:38:09.0656 2432 Parport - ok
14:38:09.0656 2432 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:38:09.0656 2432 PartMgr - ok
14:38:09.0703 2432 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
14:38:09.0703 2432 ParVdm - ok
14:38:09.0734 2432 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
14:38:09.0734 2432 PCI - ok
14:38:09.0750 2432 PCIDump - ok
14:38:09.0765 2432 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:38:09.0765 2432 PCIIde - ok
14:38:09.0796 2432 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:38:09.0812 2432 Pcmcia - ok
14:38:09.0828 2432 PDCOMP - ok
14:38:09.0843 2432 PDFRAME - ok
14:38:09.0843 2432 PDRELI - ok
14:38:09.0843 2432 PDRFRAME - ok
14:38:09.0859 2432 perc2 - ok
14:38:09.0859 2432 perc2hib - ok
14:38:09.0906 2432 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
14:38:09.0906 2432 PlugPlay - ok
14:38:09.0937 2432 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:38:09.0937 2432 PolicyAgent - ok
14:38:09.0968 2432 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:38:09.0968 2432 PptpMiniport - ok
14:38:09.0968 2432 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:38:09.0968 2432 ProtectedStorage - ok
14:38:09.0984 2432 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:38:09.0984 2432 PSched - ok
14:38:10.0000 2432 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:38:10.0015 2432 Ptilink - ok
14:38:10.0015 2432 ql1080 - ok
14:38:10.0015 2432 Ql10wnt - ok
14:38:10.0015 2432 ql12160 - ok
14:38:10.0031 2432 ql1240 - ok
14:38:10.0031 2432 ql1280 - ok
14:38:10.0046 2432 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:38:10.0046 2432 RasAcd - ok
14:38:10.0078 2432 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
14:38:10.0093 2432 RasAuto - ok
14:38:10.0109 2432 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:38:10.0109 2432 Rasl2tp - ok
14:38:10.0140 2432 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
14:38:10.0156 2432 RasMan - ok
14:38:10.0171 2432 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:38:10.0171 2432 RasPppoe - ok
14:38:10.0171 2432 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:38:10.0187 2432 Raspti - ok
14:38:10.0203 2432 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:38:10.0203 2432 Rdbss - ok
14:38:10.0218 2432 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:38:10.0218 2432 RDPCDD - ok
14:38:10.0250 2432 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:38:10.0265 2432 rdpdr - ok
14:38:10.0296 2432 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
14:38:10.0296 2432 RDPWD - ok
14:38:10.0328 2432 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
14:38:10.0343 2432 RDSessMgr - ok
14:38:10.0359 2432 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:38:10.0359 2432 redbook - ok
14:38:10.0390 2432 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
14:38:10.0390 2432 RemoteAccess - ok
14:38:10.0421 2432 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
14:38:10.0421 2432 RemoteRegistry - ok
14:38:10.0453 2432 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
14:38:10.0453 2432 RpcLocator - ok
14:38:10.0500 2432 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
14:38:10.0515 2432 RpcSs - ok
14:38:10.0546 2432 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
14:38:10.0546 2432 RSVP - ok
14:38:10.0593 2432 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:38:10.0593 2432 SamSs - ok
14:38:10.0625 2432 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
14:38:10.0640 2432 SCardSvr - ok
14:38:10.0671 2432 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
14:38:10.0703 2432 Schedule - ok
14:38:10.0734 2432 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:38:10.0734 2432 Secdrv - ok
14:38:10.0765 2432 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
14:38:10.0781 2432 seclogon - ok
14:38:10.0812 2432 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
14:38:14.0968 2432 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
14:38:15.0859 2432 \Device\Harddisk0\DR0 - ok
14:38:15.0875 2432 Boot (0x1200) (9a88407c0cc31a97908c033b2ec500f6) \Device\Harddisk0\DR0\Partition0
14:38:15.0875 2432 \Device\Harddisk0\DR0\Partition0 - ok
14:38:15.0875 2432 ============================================================
14:38:15.0875 2432 Scan finished
14:38:15.0875 2432 ============================================================
14:38:15.0890 2376 Detected object count: 0
14:38:15.0890 2376 Actual detected object count: 0
14:38:34.0015 2528 ============================================================
14:38:34.0015 2528 Scan started
14:38:34.0015 2528 Mode: Manual;
14:38:34.0015 2528

JohnShooter
2012-07-03, 22:15
============================================================
14:38:41.0078 2528 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:38:41.0078 2528 streamip - ok
14:38:41.0109 2528 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:38:41.0109 2528 swenum - ok
14:38:41.0140 2528 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:38:41.0140 2528 swmidi - ok
14:38:41.0140 2528 SwPrv - ok
14:38:41.0156 2528 symc810 - ok
14:38:41.0156 2528 symc8xx - ok
14:38:41.0171 2528 sym_hi - ok
14:38:41.0171 2528 sym_u3 - ok
14:38:41.0187 2528 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:38:41.0187 2528 sysaudio - ok
14:38:41.0218 2528 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
14:38:41.0234 2528 SysmonLog - ok
14:38:41.0250 2528 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
14:38:41.0265 2528 TapiSrv - ok
14:38:41.0312 2528 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:38:41.0312 2528 Tcpip - ok
14:38:41.0312 2528 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:38:41.0328 2528 TDPIPE - ok
14:38:41.0343 2528 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:38:41.0343 2528 TDTCP - ok
14:38:41.0359 2528 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:38:41.0359 2528 TermDD - ok
14:38:41.0390 2528 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
14:38:41.0390 2528 TermService - ok
14:38:41.0421 2528 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:38:41.0421 2528 Themes - ok
14:38:41.0468 2528 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
14:38:41.0468 2528 TlntSvr - ok
14:38:41.0484 2528 TosIde - ok
14:38:41.0515 2528 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
14:38:41.0515 2528 TrkWks - ok
14:38:41.0531 2528 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:38:41.0531 2528 Udfs - ok
14:38:41.0546 2528 ultra - ok
14:38:41.0562 2528 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:38:41.0578 2528 Update - ok
14:38:41.0593 2528 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
14:38:41.0593 2528 upnphost - ok
14:38:41.0625 2528 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
14:38:41.0640 2528 UPS - ok
14:38:41.0656 2528 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:38:41.0671 2528 usbccgp - ok
14:38:41.0687 2528 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:38:41.0687 2528 usbehci - ok
14:38:41.0703 2528 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:38:41.0703 2528 usbhub - ok
14:38:41.0718 2528 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:38:41.0734 2528 usbprint - ok
14:38:41.0750 2528 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:38:41.0750 2528 usbscan - ok
14:38:41.0765 2528 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:38:41.0765 2528 usbstor - ok
14:38:41.0781 2528 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:38:41.0781 2528 usbuhci - ok
14:38:41.0812 2528 V0330VID (3069ad16f9d328bff0e7c87606940fd9) C:\WINDOWS\system32\DRIVERS\V0330Vid.sys
14:38:41.0812 2528 V0330VID - ok
14:38:41.0843 2528 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:38:41.0859 2528 VgaSave - ok
14:38:41.0859 2528 ViaIde - ok
14:38:41.0875 2528 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
14:38:41.0890 2528 VolSnap - ok
14:38:41.0921 2528 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
14:38:41.0937 2528 VSS - ok
14:38:41.0968 2528 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
14:38:41.0984 2528 W32Time - ok
14:38:42.0000 2528 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:38:42.0000 2528 Wanarp - ok
14:38:42.0046 2528 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
14:38:42.0046 2528 Wdf01000 - ok
14:38:42.0046 2528 WDICA - ok
14:38:42.0078 2528 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:38:42.0078 2528 wdmaud - ok
14:38:42.0109 2528 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
14:38:42.0109 2528 WebClient - ok
14:38:42.0125 2528 winachsf - ok
14:38:42.0187 2528 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:38:42.0187 2528 winmgmt - ok
14:38:42.0218 2528 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
14:38:42.0218 2528 WinUSB - ok
14:38:42.0250 2528 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
14:38:42.0250 2528 WmdmPmSN - ok
14:38:42.0312 2528 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
14:38:42.0328 2528 Wmi - ok
14:38:42.0359 2528 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:38:42.0359 2528 WmiApSrv - ok
14:38:42.0484 2528 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
14:38:42.0484 2528 WMPNetworkSvc - ok
14:38:42.0546 2528 WMZuneComm (017695393afffed8de58abd1b085be6d) c:\Program Files\Zune\WMZuneComm.exe
14:38:42.0546 2528 WMZuneComm - ok
14:38:42.0593 2528 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:38:42.0609 2528 WpdUsb - ok
14:38:42.0625 2528 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
14:38:42.0640 2528 wscsvc - ok
14:38:42.0640 2528 WSearch - ok
14:38:42.0671 2528 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:38:42.0687 2528 WSTCODEC - ok
14:38:42.0687 2528 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
14:38:42.0703 2528 wuauserv - ok
14:38:42.0734 2528 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:38:42.0734 2528 WudfPf - ok
14:38:42.0750 2528 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:38:42.0750 2528 WudfRd - ok
14:38:42.0781 2528 WudfSvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\WINDOWS\System32\WUDFSvc.dll
14:38:42.0781 2528 WudfSvc - ok
14:38:42.0828 2528 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
14:38:42.0843 2528 WZCSVC - ok
14:38:42.0875 2528 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
14:38:42.0875 2528 xmlprov - ok
14:38:42.0906 2528 zumbus (ae279cd76b38fc079eec3ca6d65a5926) C:\WINDOWS\system32\DRIVERS\zumbus.sys
14:38:42.0906 2528 zumbus - ok
14:38:42.0968 2528 ZuneBusEnum (37f339b64f19e2775284ed7161b96683) c:\Program Files\Zune\ZuneBusEnum.exe
14:38:42.0968 2528 ZuneBusEnum - ok
14:38:43.0171 2528 ZuneNetworkSvc (1076df9ade4e13ea3bf39d2165aeb903) c:\Program Files\Zune\ZuneNss.exe
14:38:43.0234 2528 ZuneNetworkSvc - ok
14:38:43.0281 2528 ZuneWlanCfgSvc (de1cdb333a402b279f04d627122fa08e) c:\Program Files\Zune\ZuneWlanCfgSvc.exe
14:38:43.0281 2528 ZuneWlanCfgSvc - ok
14:38:43.0296 2528 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
14:38:43.0671 2528 \Device\Harddisk0\DR0 - ok
14:38:43.0671 2528 Boot (0x1200) (9a88407c0cc31a97908c033b2ec500f6) \Device\Harddisk0\DR0\Partition0
14:38:43.0671 2528 \Device\Harddisk0\DR0\Partition0 - ok
14:38:43.0671 2528 =====================================================================================================================
14:38:43.0687 2356 Detected object count: 0
14:38:43.0687 2356 Actual detected object count: 0

JohnShooter
2012-07-03, 22:19
OTL logfile created on: 7/3/2012 2:40:14 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\JR\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.10 Mb Total Physical Memory | 349.00 Mb Available Physical Memory | 34.45% Memory free
3.87 Gb Paging File | 3.32 Gb Available in Paging File | 85.69% Paging File free
Paging file location(s): C:\pagefile.sys 3048 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.47 Gb Total Space | 171.29 Gb Free Space | 74.64% Space Free | Partition Type: NTFS

Computer Name: OWNER-33EF7E690 | User Name: JR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/03 14:39:26 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JR\My Documents\Downloads\OTL.exe
PRC - [2012/07/03 14:37:26 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\JR\My Documents\Downloads\tdsskiller.exe
PRC - [2012/06/28 08:51:53 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/06/28 08:51:51 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/06/27 17:11:10 | 001,090,440 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2012/06/27 17:01:34 | 000,791,488 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2012/06/16 14:16:35 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/05 12:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2011/08/05 12:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Zune\ZuneBusEnum.exe
PRC - [2008/04/14 08:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/26 13:02:00 | 000,032,768 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0330Mon.exe
PRC - [2005/10/27 06:00:22 | 000,299,008 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CamTray.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/03 03:22:15 | 001,780,224 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12070300\algo.dll
MOD - [2012/07/02 06:53:08 | 001,779,712 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12070201\algo.dll
MOD - [2012/06/16 14:16:35 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/11/03 11:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/14 08:42:04 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008/04/14 08:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 08:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/06/28 08:51:53 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/27 17:01:34 | 000,791,488 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012/06/27 16:51:51 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/16 14:16:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/08/05 12:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011/08/05 12:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011/08/05 12:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2011/08/05 12:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Zune\ZuneBusEnum.exe -- (ZuneBusEnum)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/06/28 08:52:42 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/06/28 08:52:42 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/06/28 08:52:37 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/06/28 08:52:37 | 000,097,352 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/06/28 08:52:37 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/06/28 08:52:36 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/06/28 08:52:36 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/04/17 17:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/02/28 01:04:18 | 000,185,183 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0330Vid.sys -- (V0330VID)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://news.yahoo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKLM\..\SearchScopes\{0132CCF4-32A2-4B5D-AA9D-F96AC462F1D9}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{49479F7E-427C-4614-9C04-340961F36F91}: "URL" = http://news.search.yahoo.com/search/news?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{9E932428-453E-4DF4-BDD2-E94D9DAC2D1E}: "URL" = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{C05953E6-B8E0-4F63-A886-822A7A24A020}: "URL" = http://images.search.yahoo.com/search/images?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{C33690C2-DACF-42DC-B860-3099EF651724}: "URL" = http://video.yahoo.com/search/?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKLM\..\SearchScopes\{D55B7D9E-EA40-49FE-BCC6-2134B5D33E43}: "URL" = http://answers.yahoo.com/search/search_result?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{E212343C-219D-43CF-99AD-8B628CE74AED}: "URL" = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7c


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\URLSearchHook: CFBFAE00-17A6-11D0-99CB-00C04FD64497} - No CLSID value found
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\SearchScopes,DefaultScope = {04F9B08C-9AF9-46A2-8A7A-2FA058F0689D}
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\SearchScopes\{04F9B08C-9AF9-46A2-8A7A-2FA058F0689D}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\SearchScopes\{09019D96-73B1-4B47-8549-83610858DE76}: "URL" = http://news.search.yahoo.com/search/news?p={searchTerms}&fr=yie7c
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\SearchScopes\{0A540368-0F1A-47E3-A15B-B38D704E5214}: "URL" = http://answers.yahoo.com/search/search_result?p={searchTerms}&fr=yie7c
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\SearchScopes\{63DEC5B0-7AFE-472A-BA6F-00A79E9EF9BF}: "URL" = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\SearchScopes\{7E3ABD14-069C-43CF-A3D7-F332C8855463}: "URL" = http://video.yahoo.com/search/?p={searchTerms}&fr=yie7c
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\SearchScopes\{B192ABB4-51BB-4DE6-B1B7-F6779B0296D0}: "URL" = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7c
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\SearchScopes\{B1E4540B-E539-4BF5-B6E0-A9E6253A626F}: "URL" = http://images.search.yahoo.com/search/images?p={searchTerms}&fr=yie7c
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\S-1-5-21-343818398-1275210071-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: pbupload@photobucket.com:1.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/07/02 16:45:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/16 14:16:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2009/09/04 21:27:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JR\Application Data\Mozilla\Extensions
[2012/07/02 16:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JR\Application Data\Mozilla\Firefox\Profiles\1ahcevcn.default\extensions
[2012/05/16 19:56:07 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\JR\Application Data\Mozilla\Firefox\Profiles\1ahcevcn.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/05/19 14:49:07 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\JR\Application Data\Mozilla\Firefox\Profiles\1ahcevcn.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/12/23 20:51:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/15 23:44:36 | 000,015,162 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\JR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\1AHCEVCN.DEFAULT\EXTENSIONS\{988DA70D-B78D-44A1-A9C7-ED11832A9E2E}.XPI
[2011/12/26 23:15:16 | 000,195,719 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\JR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\1AHCEVCN.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
[2011/10/16 03:49:44 | 000,025,950 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\JR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\1AHCEVCN.DEFAULT\EXTENSIONS\PBUPLOAD@PHOTOBUCKET.COM.XPI
[2012/07/02 16:45:25 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012/07/02 16:42:56 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012/06/16 14:16:36 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/02/12 15:21:47 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/12 15:21:47 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=937811_yserp&p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: WOT = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.14_0\
CHR - Extension: YouTube = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Dark atmosphere = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gfpikgkkfdoabncoileilaglepbpdhek\1.0_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Google Dictionary (by Google) = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.12_0\
CHR - Extension: DropinSavings = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\1.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\JR\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Yahoo! IE Suggest) - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll (Yahoo! Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [V0330Mon.exe] C:\WINDOWS\V0330Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-343818398-1275210071-839522115-1003..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe (Creative Technology Ltd)
O4 - Startup: C:\Documents and Settings\JR\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-343818398-1275210071-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab (Creative Software AutoUpdate Support Package 1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82411E56-F798-4380-873D-17893A7C6322}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\JR\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\JR\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/04 14:54:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/03 14:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2012/07/03 14:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/07/02 16:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Application Data\Search Settings
[2012/07/02 16:42:49 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader Toolbar
[2012/07/02 16:42:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012/07/02 16:42:49 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012/06/26 00:34:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Application Data\KendallHunt
[2012/06/18 22:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JR\Application Data\wtxpcom
[2012/06/18 18:22:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi

========== Files - Modified Within 30 Days ==========

[2012/07/03 14:47:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/03 14:29:30 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\JR\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/07/03 14:29:28 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\JR\Desktop\NTREGOPT.lnk
[2012/07/03 14:29:28 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\JR\Desktop\ERUNT.lnk
[2012/07/03 14:23:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/03 14:23:25 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/03 14:22:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/02 16:45:58 | 010,223,616 | -H-- | M] () -- C:\Documents and Settings\JR\NTUSER.bak
[2012/07/02 16:45:25 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/06/29 02:57:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/28 14:41:44 | 006,767,237 | ---- | M] () -- C:\Documents and Settings\JR\My Documents\Healing Begins by Tenth Avenue North (with lyrics).flv
[2012/06/28 14:40:16 | 056,161,174 | ---- | M] () -- C:\Documents and Settings\JR\My Documents\Fee - Hands of the Healer (HQ, lyrics).mp4
[2012/06/28 12:16:31 | 070,980,581 | ---- | M] () -- C:\Documents and Settings\JR\My Documents\Steve Fee It's all because of Jesus with lyrics.mp4
[2012/06/28 08:52:42 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/06/28 08:52:42 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/06/28 08:52:37 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/06/28 08:52:37 | 000,097,352 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/06/28 08:52:37 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/06/28 08:52:37 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/06/28 08:52:36 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/06/28 08:52:36 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/06/28 08:52:20 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/06/28 08:51:49 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/06/27 16:51:51 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/27 16:51:51 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/27 01:04:58 | 013,356,852 | ---- | M] () -- C:\Documents and Settings\JR\My Documents\Marvin Gaye & Tammi Terrell - 12 - Oh How I'd Miss You (by EarpJohn).mp4
[2012/06/26 00:21:02 | 000,442,103 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/06/14 23:06:04 | 017,957,567 | ---- | M] () -- C:\Documents and Settings\JR\My Documents\THE BEST GOSPEL DRUM LICK LESSON ON YOUTUBE!!!.mp4
[2012/06/14 19:47:24 | 018,660,046 | ---- | M] () -- C:\Documents and Settings\JR\My Documents\James Moore(Jaymo) Guitar Center Drum Off 2011 round 1.mp4
[2012/06/13 12:19:31 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/13 01:25:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/13 01:25:11 | 000,457,070 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/13 01:25:11 | 000,075,850 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/12 02:00:51 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2012/07/03 14:29:30 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\JR\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/07/03 14:29:28 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\JR\Desktop\NTREGOPT.lnk
[2012/07/03 14:29:28 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\JR\Desktop\ERUNT.lnk
[2012/06/28 14:39:02 | 006,767,237 | ---- | C] () -- C:\Documents and Settings\JR\My Documents\Healing Begins by Tenth Avenue North (with lyrics).flv
[2012/06/28 14:38:20 | 056,161,174 | ---- | C] () -- C:\Documents and Settings\JR\My Documents\Fee - Hands of the Healer (HQ, lyrics).mp4
[2012/06/28 12:15:36 | 070,980,581 | ---- | C] () -- C:\Documents and Settings\JR\My Documents\Steve Fee It's all because of Jesus with lyrics.mp4
[2012/06/27 01:04:50 | 013,356,852 | ---- | C] () -- C:\Documents and Settings\JR\My Documents\Marvin Gaye & Tammi Terrell - 12 - Oh How I'd Miss You (by EarpJohn).mp4
[2012/06/14 23:05:27 | 017,957,567 | ---- | C] () -- C:\Documents and Settings\JR\My Documents\THE BEST GOSPEL DRUM LICK LESSON ON YOUTUBE!!!.mp4
[2012/06/14 19:47:06 | 018,660,046 | ---- | C] () -- C:\Documents and Settings\JR\My Documents\James Moore(Jaymo) Guitar Center Drum Off 2011 round 1.mp4
[2012/02/16 00:03:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/08 20:14:31 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/08/10 02:40:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/05 09:37:06 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\JR\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/04 15:31:57 | 010,223,616 | -H-- | C] () -- C:\Documents and Settings\JR\NTUSER.bak

< End of report >

JohnShooter
2012-07-03, 22:27
O1 HOSTS File: ([2012/06/26 00:21:02 | 000,442,103 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts

(I tried posting this before, but the rest is all gibberish written in either Japanese or Chinese. Do you still want me to post it? I've been having trouble doing so because it's excessively long.)

OTL Extras logfile created on: 7/3/2012 2:40:14 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\JR\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.10 Mb Total Physical Memory | 349.00 Mb Available Physical Memory | 34.45% Memory free
3.87 Gb Paging File | 3.32 Gb Available in Paging File | 85.69% Paging File free
Paging file location(s): C:\pagefile.sys 3048 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.47 Gb Total Space | 171.29 Gb Free Space | 74.64% Space Free | Partition Type: NTFS

Computer Name: OWNER-33EF7E690 | User Name: JR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-343818398-1275210071-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.7
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{590E3295-A11B-4C9F-9F88-399397EE393D}" = YouTube Downloader Toolbar v6.0
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{471159EB-BECC-453C-B6F2-FE4FAB29B3F3}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"147BD68404A4145D44F17DBDDAEAD96D56021485" = Windows Driver Package - Intel System (09/25/2007 8.3.0.1016)
"19E5E67F3BBBAC2C396F95A754CEBBE0D84F497A" = Windows Driver Package - Intel System (01/10/2005 7.0.0.1011)
"464CE3922A214073AAEE00DEB23EA5C750AF8CE8" = Windows Driver Package - Intel USB (02/05/2007 8.3.0.1011)
"57E08A815D15F38AB98459F1932E719E96D26BC6" = Windows Driver Package - Intel System (07/02/2001 4.00.1001)
"78C67451B87511098A9A0EC86E75B99B12298F5C" = Windows Driver Package - Intel (e1express) Net (02/06/2008 9.12.18.0)
"82EAA40E8AE4D5E152434CE844F1FE17D56A1EE1" = Windows Driver Package - Intel hdc (02/05/2007 8.3.0.1016)
"9AC3F4DC0EBF5E96B39B89EE1838775695511567" = Windows Driver Package - Intel System (01/13/2007 8.3.0.1008)
"9E81A20E4C07623F24EF25EC5E21A9CE9322C43D" = Windows Driver Package - Intel System (12/11/2007 8.4.0.1018)
"A9777AE432D98157D632EFB6788422F1C25D0EC4" = Windows Driver Package - Intel hdc (09/25/2007 8.3.0.1016)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"B180B4BA4C5FC2192A35205312A271D10935A1E6" = Windows Driver Package - Intel System (07/11/2001 3.30.1002)
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0330" = Creative WebCam Vista/Live! Cam Chat Driver (1.02.02.00)
"Creative WebCam Center" = Creative WebCam Center
"Creative WebCam Vista User's Guide English" = Creative WebCam Vista User's Guide (English)
"DC548C3F89CE1AB445090A6F9D054CF2A31194C5" = Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (04/17/2008 5.10.0.5605)
"ED890752825526FA58235D78560583E7AB099DA1" = Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (04/17/2008 5.10.0.5605)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"F23386FE8B0DA0C61EA3BF911E7A605DCAE44DF3" = Windows Driver Package - AMD System (02/28/2003 1.0.0.0)
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"SysInfo" = Creative System Information
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"Yahoo! IE Suggest" = Yahoo! Search Suggest Add-on for IE7
"Zune" = Zune

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 12/17/2009 11:18:50 PM | Computer Name = OWNER-33EF7E690 | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 6/16/2012 2:23:13 AM | Computer Name = OWNER-33EF7E690 | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Application, SystemIndex
Catalog

Error - 6/27/2012 4:47:26 PM | Computer Name = OWNER-33EF7E690 | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerUpdateService.exe, version 11.3.300.262,
faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.

Error - 6/27/2012 4:47:45 PM | Computer Name = OWNER-33EF7E690 | Source = Application Error | ID = 1001
Description = Fault bucket -1264370443.

Error - 6/27/2012 6:47:05 PM | Computer Name = OWNER-33EF7E690 | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerUpdateService.exe, version 11.3.300.262,
faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.

Error - 6/27/2012 6:49:52 PM | Computer Name = OWNER-33EF7E690 | Source = Application Error | ID = 1001
Description = Fault bucket -1264370443.

Error - 6/27/2012 7:47:05 PM | Computer Name = OWNER-33EF7E690 | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerUpdateService.exe, version 11.3.300.262,
faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.

Error - 6/27/2012 10:47:14 PM | Computer Name = OWNER-33EF7E690 | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerUpdateService.exe, version 11.3.300.262,
faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.

Error - 6/27/2012 10:47:25 PM | Computer Name = OWNER-33EF7E690 | Source = Application Error | ID = 1001
Description = Fault bucket -1264370443.

Error - 7/2/2012 4:47:19 PM | Computer Name = OWNER-33EF7E690 | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerUpdateService.exe, version 11.3.300.262,
faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.

Error - 7/3/2012 2:23:54 PM | Computer Name = OWNER-33EF7E690 | Source = Application Error | ID = 1004
Description = Faulting application FlashPlayerUpdateService.exe, version 11.3.300.262,
faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.

[ System Events ]
Error - 6/26/2012 5:35:08 PM | Computer Name = OWNER-33EF7E690 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.8 for the Network Card with network
address 001D098E3D81 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 6/29/2012 3:58:44 PM | Computer Name = OWNER-33EF7E690 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 6/29/2012 3:58:47 PM | Computer Name = OWNER-33EF7E690 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 6/29/2012 3:59:33 PM | Computer Name = OWNER-33EF7E690 | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the NetBios over Tcpip service
which failed to start because of the following error: %%31

Error - 6/29/2012 3:59:33 PM | Computer Name = OWNER-33EF7E690 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 6/29/2012 3:59:33 PM | Computer Name = OWNER-33EF7E690 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 6/29/2012 3:59:33 PM | Computer Name = OWNER-33EF7E690 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 6/29/2012 3:59:33 PM | Computer Name = OWNER-33EF7E690 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 AFD aswRdr aswSnx aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss
Tcpip

Error - 6/29/2012 6:20:40 PM | Computer Name = OWNER-33EF7E690 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 6/29/2012 8:07:17 PM | Computer Name = OWNER-33EF7E690 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.4 for the Network Card with network
address 001D098E3D81 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).


< End of report >

maxi
2012-07-04, 19:12
Hi JohnShooter :)

I notice that you have Microsoft Office Enterprise 2007 installed. Could you tell me how this came to be on your machine?

Step 1
Please download MGA Diagnostic Tool (http://go.microsoft.com/fwlink/?linkid=52012) and save it to your Desktop.

Double click on MGADiag.exe to run it.
Click Continue.
The program will run. It takes a while to finish the diagnosis, please be patient.
Once done, click on Copy.
Open Notepad and paste the contents in the window.
Save this file and copy/paste it in your next reply.

Step 2
Run CKScanner

Please download CKScanner from here (http://downloads.malwareremoval.com/CKScanner.exe)
Important: Save it to your desktop.
Double-click CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved. Please run the program only once.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

In your next reply please include:
The answer to my question.
The CKScanner log.
The MGADiag log.
If you removed the programs I asked you to remove before or after running OTL.

Regards maxi :)

JohnShooter
2012-07-06, 01:41
I installed Microsoft Office way back when I first got my computer--that must've been sometime back in '08 or '09 if I remember correctly. Is there any problem arising from its presence?

Apologies. I accidentally missed that part. Yes, I have now successfully uninstalled those specific programs.

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-T6DFB-Y934T-YD4YT
Windows Product Key Hash: 3g4CZGFEDgbKmn/oB4pa2FZsssU=
Windows Product ID: 76487-OEM-2211906-00102
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {25D01E6B-13C2-412E-9C2B-E5FEBE4E5221}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.40.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 103 Blocked VLK
Microsoft Office Enterprise 2007 - 103 Blocked VLK
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{25D01E6B-13C2-412E-9C2B-E5FEBE4E5221}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-YD4YT</PKey><PID>76487-OEM-2211906-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-343818398-1275210071-839522115</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron 530</Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>1.0.10</Version><SMBIOSVersion major="2" minor="5"/><Date>20071215000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>0EF03FF70184C06B</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.9.40.0"/><File Name="WgaLogon.dll" Version="1.9.40.0"/></GANotification></MachineData><Software><Office><Result>103</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>103</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>ACD7202654E586</Val><Hash>fFic3JgCreGGRxyF8uMWB4R4Jcg=</Hash><Pid>89388-707-1528066-65485</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="103"/><App Id="16" Version="12" Result="103"/><App Id="18" Version="12" Result="103"/><App Id="19" Version="12" Result="103"/><App Id="1A" Version="12" Result="103"/><App Id="1B" Version="12" Result="103"/><App Id="44" Version="12" Result="103"/><App Id="A1" Version="12" Result="103"/><App Id="BA" Version="12" Result="103"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1D88B:Dell Inc|1D88B:Microsoft Corporation
Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

OEM Activation 2.0 Data-->
N/A

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.IUNAXP
----- EOF -----

maxi
2012-07-06, 19:58
Hi JohnShooter,

The Microsoft Office Enterprise 2007 on your computer is a non-genuine copy. It was installed with a now-blocked Volume Licensing Key (VLK) that was valid and only available to corporations, education entities and government agencies. VLKs are blocked by Microsoft at the request and consent of the original keyholder for reasons such as the key being lost, stolen, compromised, misused, or expired. Also, Microsoft may have blocked the key if it notices a pattern of misuse, that is, more installations of XP using that key than authorized.
A VL Product Key is non-transferable to individuals.

Please read Illegal copies of software (http://forums.spybot.info/showpost.php? ... ostcount=4)
If you still want help, please remove the illegal items from your computer, and if you still need the software, get legal copies from legitimate sources.
If you advise that the illegal software has been removed and I find otherwise (the tools we use can and will detect it), then I will have no choice but to have this topic closed.
If there are more such new findings after this, the topic will also be closed.

You may return to the seller to demand a replacement with a genuine copy or get a full refund. Have a read here (http://www.microsoft.com/genuine/downloads/FAQ.aspx?displaylang=en#ID0EKNAC) to see if you qualify for the Genuine Office Offer. As an alternative, you can also try OpenOffice (http://www.openoffice.org/).

If you still want help, remove Microsoft Office Enterprise 2007 and post a fresh MGADiag log.

Regards maxi

Jack&Jill
2012-07-10, 02:35
Due to lack of response, this topic is now closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. How to post a DDS log. (http://forums.spybot.info/showpost.php?p=1150&postcount=2)

If it has been less than three days since your last response and you need the thread re-opened, please send a private message (PM) to me or a MOD. A valid, working link to the closed topic is required. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

Everyone else please begin a New Topic.