Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

Slowness and new process


Recommended Posts

Malwarebytes didn't find anything.

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.06.05

Windows XP Service Pack 3 x86 FAT32

Internet Explorer 7.0.5730.11

Ken :: ACER-684C9A655D [administrator]

6/6/2012 4:15:16 PM

mbam-log-2012-06-06 (16-15-16).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 223337

Time elapsed: 4 minute(s), 2 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Here is the DDS log:

.

DDS (Ver_2011-08-26.01) - FAT32x86

Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_31

Run by Ken at 17:16:40 on 2012-06-06

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1447 [GMT -7:00]

.

AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Acer\Empowering Technology\admServ.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\PIEngineering\X-keys\XKWdkApp.exe

C:\WINDOWS\system32\ctfmon.exe

D:\Avira\AntiVir Desktop\sched.exe

D:\Avira\AntiVir Desktop\avguard.exe

D:\Avira\AntiVir Desktop\avshadow.exe

D:\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe

C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe

C:\WINDOWS\system32\wscntfy.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mStart Page = hxxp://www.yahoo.com/?.home=ytie

uInternet Connection Wizard,ShellNext = iexplore

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [sUPERAntiSpyware] f:\superantispyware\SUPERAntiSpyware.exe

mRun: [X-keys Programming] c:\program files\piengineering\x-keys\XKWdkApp.exe

mRun: [LXCRCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCRtime.dll,RunDLLEntry

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [avgnt] "d:\avira\antivir desktop\avgnt.exe" /min

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

Trusted Zone: eset.com\go

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {00134F72-5284-44F7-95A8-52A619F70751} - hxxps://tmos.dpns.ais.ucla.edu/officescan/console/html/ClientInstall/WinNTChk.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{B71C78A1-D096-4D44-B5D2-754D11E381EE} : DhcpNameServer = 192.168.1.254

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Notify: !SASWinLogon - f:\superantispyware\SASWINLO.DLL

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - f:\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\ken\application data\mozilla\firefox\profiles\9n27llty.default\

FF - prefs.js: browser.startup.homepage - yahoo.com

FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

.

============= SERVICES / DRIVERS ===============

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-6-6 36000]

R2 AntiVirSchedulerService;Avira Scheduler;d:\avira\antivir desktop\sched.exe [2012-6-6 86224]

R2 AntiVirService;Avira Realtime Protection;d:\avira\antivir desktop\avguard.exe [2012-6-6 110032]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-6-6 83392]

R2 AWService;AdminWorks Agent X6;c:\acer\empowering technology\admServ.exe [2005-10-24 1314816]

S1 SASDIFSV;SASDIFSV;\??\f:\superantispyware\sasdifsv.sys --> f:\superantispyware\SASDIFSV.SYS [?]

S1 SASKUTIL;SASKUTIL;\??\f:\superantispyware\saskutil.sys --> f:\superantispyware\SASKUTIL.SYS [?]

S2 !SASCORE;SAS Core Service;"f:\superantispyware\sascore.exe" --> f:\superantispyware\SASCORE.EXE [?]

S3 GGSAFERDriver;GGSAFER Driver;\??\d:\garena\safedrv.sys --> d:\garena\safedrv.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 POWERKEY;POWERKEY;c:\program files\launch manager\POWERKEY.SYS [2006-7-29 2343]

.

=============== Created Last 30 ================

.

2012-06-06 23:41:09 -------- d-----w- c:\program files\ESET

2012-06-06 23:28:01 -------- d-----w- c:\documents and settings\ken\application data\Avira

2012-06-06 23:22:26 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-06-06 23:22:26 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2012-06-06 22:57:55 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-06 22:57:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-05-10 21:55:04 -------- d-----w- c:\program files\Speccy

2012-05-10 04:39:59 -------- d-----w- c:\documents and settings\ken\application data\SUPERAntiSpyware.com

2012-05-10 04:38:37 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2012-05-10 04:36:51 -------- d-----w- c:\documents and settings\all users\application data\SUPERSetup

.

==================== Find3M ====================

.

2012-05-31 13:22:10 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-04-29 17:54:18 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-04-13 23:01:20 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-04-13 23:01:18 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-04-11 13:12:06 1862272 ----a-w- c:\windows\system32\win32k.sys

2012-04-11 13:10:58 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-11 12:35:52 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe

.

============= FINISH: 17:17:58.39 ===============

Here is the attach log from the dds application:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 7/29/2006 6:07:42 PM

System Uptime: 6/6/2012 3:52:52 PM (2 hours ago)

.

Motherboard: Acer | | Garda-910

Processor: Intel® Celeron® M processor 1.50GHz | U1 | 1496/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (FAT32) - 17 GiB total, 3.145 GiB free.

D: is FIXED (FAT32) - 17 GiB total, 12.529 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Acer Arcade

Acer eDataSecurity Management

Acer eDataSecurity Management 1.00.21

Acer eLock Management

Acer Empowering Technology framework

Acer GridVista

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.6

Apple Software Update

Avira Free Antivirus

Berlitz Before You Know It Flash Cards

CCleaner

Critical Update for Windows Media Player 11 (KB959772)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

ESET Online Scanner v3

GS Typing Tutor 2.51

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Intel® Graphics Media Accelerator Driver for Mobile

Java Auto Updater

Java DB 10.5.3.0

Java 6 Update 31

Java SE Development Kit 6 Update 20

Launch Manager V1.0.9.3

Lexmark 2400 Series

Lexmark Fax Solutions

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 14

Microsoft User-Mode Driver Framework Feature Pack 1.7

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WinUsb 1.0

Mozilla Firefox 11.0 (x86 en-US)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NTI Backup NOW! 4

NTI CD & DVD-Maker

OneTouch USB Driver

PL-2303 USB-to-Serial

Realtek AC'97 Audio

Revo Uninstaller 1.94

SBC Yahoo! Applications

Security Update for CAPICOM (KB931906)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2530548)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB2586448)

Security Update for Windows Internet Explorer 7 (KB2618444)

Security Update for Windows Internet Explorer 7 (KB2647516)

Security Update for Windows Internet Explorer 7 (KB2675157)

Security Update for Windows Internet Explorer 7 (KB928090)

Security Update for Windows Internet Explorer 7 (KB929969)

Security Update for Windows Internet Explorer 7 (KB931768)

Security Update for Windows Internet Explorer 7 (KB933566)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB917734)

Security Update for Windows Media Player 9 (KB936782)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Soft Data Fax Modem with SmartCP

SoftV90 Data Fax Modem with SmartCP

SpanishNow! - Advanced Beginner

SpanishNow! - Beginner

SpanishNow! ToolKit CD - Alphabet Reference

SpanishNow! ToolKit CD - Grammar Basics

Speccy

SpongeBob SquarePants Typing

STK017_V2.01

SUPERAntiSpyware

swMSM

Symantec KB-DocID:2003093015493306

Synaptics Pointing Device Driver

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

WinRAR archiver

X-keys

Yahoo! Detect

.

==== Event Viewer Messages From Past Week ========

.

6/6/2012 1:21:21 PM, error: Service Control Manager [7034] - The Office Software Protection Platform service terminated unexpectedly. It has done this 1 time(s).

5/31/2012 9:29:21 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL

5/31/2012 9:29:14 AM, error: Service Control Manager [7000] - The SAS Core Service service failed to start due to the following error: The system cannot find the path specified.

5/31/2012 12:27:02 PM, error: Print [19] - Sharing printer failed + 1722, Printer LexmarkFax share name LexmarkFax.

5/31/2012 11:18:01 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.

5/31/2012 10:26:45 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

5/30/2012 5:23:38 PM, error: Service Control Manager [7034] - The AdminWorks Agent X6 service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================

The computer seems to be slower than usual.

Link to post
Share on other sites

Hello and welcome to MalwareBytes forum.

You do need to provide more info/description on what your main issue is. A slow system is not necessarily an indication of malware infection.

Do the following and post logs for review. Be advised and have plenty of patience, since most helpers, myself included, are volunteers and we have other prior commitments already {here and elsewhere}.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5
Close all open browsers at this point.
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall
Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com
and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.
Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the I accept & then the OK button
Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.
The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.
Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.
The log report will show in your text editor. Save the log.
Do a Select ALL, Copy. Then paste contents into your next reply.
Step 6
Download aswMBR.exe ( 511KB ) to your desktop.
On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.
On Windows XP, double click the exe to start.
change the a-v scan to None.
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply
Step 7
Please read carefully and follow these steps.
  • Delete the prior copies of TDSSKILLER.zip & TDSSKILLER.exe that you may have.
  • Download TDSSKiller and save it to your Desktop.
  • If on Windows 7 or Vista, RIGHT-Click on TDSSKiller.exe and select Run As Administrator to run the application.
    If on Windows XP, double-click to start.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Then press Start Scan

When the scan is done, it will display a summary screen.

  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 8

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & aswMBR log & TDSSKILLER log.

Use separate replies as needed if logs do not fit into one reply box.

Link to post
Share on other sites

Thank you for helping me out. I let a friend borrow a week ago this machine since his needed to be reinstalled. I told him not to do anything dangerous on it, but just in case I want the computer checked out.

Before posting here, I tried to run a F-Secure online scan, but it kept failing to download the files necessary to scan.

Here is the log.txt

Logfile of random's system information tool 1.09 (written by random/random)

Run by Ken at 2012-06-08 11:27:53

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 3 GB (16%) free of 17 GB

Total RAM: 2038 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:27:57 AM, on 6/8/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17109)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

D:\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

D:\Superantispyware\SASCORE.EXE

D:\Avira\AntiVir Desktop\avguard.exe

C:\Acer\Empowering Technology\admServ.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\PIEngineering\X-keys\XKWdkApp.exe

D:\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

D:\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Documents and Settings\Ken\My Documents\Downloads\RSIT.exe

C:\Program Files\trend micro\Ken.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)

O4 - HKLM\..\Run: [X-keys Programming] C:\Program Files\PIEngineering\X-keys\XKWdkApp.exe

O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,RunDLLEntry

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [avgnt] "D:\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://go.eset.com

O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} - https://tmos.dpns.ais.ucla.edu/officescan/console/html/ClientInstall/WinNTChk.cab

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - Winlogon Notify: !SASWinLogon - D:\Superantispyware\SASWINLO.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Superantispyware\SASCORE.EXE

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Avira\AntiVir Desktop\avguard.exe

O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

--

End of file - 5078 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ken\Application Data\Mozilla\Firefox\Profiles\9n27llty.default

prefs.js - "browser.startup.homepage" - "yahoo.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 10.1 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

browsercomps.dll

binary.manifest

C:\Program Files\Mozilla Firefox\searchplugins\

amazondotcom.xml

bing.xml

eBay.xml

google.xml

twitter.xml

wikipedia.xml

yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-13 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-13 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-04-13 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"X-keys Programming"=C:\Program Files\PIEngineering\X-keys\XKWdkApp.exe [2001-11-20 422400]

"LXCRCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,RunDLLEntry []

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

"avgnt"=D:\Avira\AntiVir Desktop\avgnt.exe [2012-06-06 348624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADMTray.exe]

C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CtrlVol]

C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]

C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-07-26 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]

C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2006-01-02 397312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

C:\Program Files\Lexmark 2400 Series\ezprint.exe [2006-02-06 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]

C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2006-02-02 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

C:\WINDOWS\system32\hkcmd.exe [2005-08-24 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

C:\WINDOWS\system32\igfxpers.exe [2005-08-24 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

C:\WINDOWS\system32\igfxtray.exe [2005-08-24 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]

C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchAp]

C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

C:\Program Files\Launch Manager\HotkeyApp.exe [2005-11-08 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD]

C:\Program Files\Launch Manager\OSDCtrl.exe [2005-07-25 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]

C:\Program Files\Lexmark 2400 Series\lxcrmon.exe [2006-01-22 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]

C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

C:\Program Files\Acer\Acer Arcade\PCMService.exe [2005-08-31 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]

C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]

C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerKey]

C:\Program Files\Launch Manager\PowerKey.exe [2002-08-30 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\preload]

C:\Windows\RUNXMLPL.exe [2005-05-19 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

C:\WINDOWS\SOUNDMAN.EXE [2005-04-15 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-02-04 708698]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-02-04 102490]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wbutton]

C:\Program Files\Launch Manager\Wbutton.exe [2005-11-08 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YOP]

C:\PROGRA~1\YAHOO!\YOP\yop.exe [2005-04-22 397312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]

C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE -systray -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PHM Reminders.lnk]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^STK017 PNP Monitor.lnk]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LiveUpdate Notice Service"=2

"LiveUpdate"=3

"gusvc"=2

"NACAgent"=2

"WebrootSpySweeperService"=2

"Symantec Core LC"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]

D:\Superantispyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2005-08-24 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=D:\Superantispyware\SASSEH.DLL [2011-07-18 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRkrn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRSVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

"NoDriveAutoRun"=67108863

"NoDriveTypeAutoRun"=323

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Acer\Acer Arcade\PCMService.exe"="C:\Program Files\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"F:\Garena\Garena.exe"="F:\Garena\Garena.exe:*:Enabled:Garena"

"D:\Garena\Garena.exe"="D:\Garena\Garena.exe:*:Enabled:Garena"

"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"msacm.mkdmp3enc"=

======List of files/folders created in the last 1 month======

2012-06-08 11:27:53 ----D---- C:\rsit

2012-06-08 11:27:53 ----D---- C:\Program Files\trend micro

2012-06-08 11:24:53 ----D---- C:\Program Files\ERUNT

2012-06-08 09:32:59 ----A---- C:\TDSSKiller.2.7.36.0_08.06.2012_09.32.59_log.txt

2012-06-07 14:58:25 ----D---- C:\Documents and Settings\All Users\Application Data\Sophos

2012-06-07 13:07:52 ----A---- C:\TDSSKiller.2.7.36.0_07.06.2012_13.07.52_log.txt

2012-06-07 12:18:06 ----D---- C:\Documents and Settings\Ken\Application Data\SUPERAntiSpyware.com

2012-06-07 12:16:23 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2012-06-06 16:41:09 ----D---- C:\Program Files\ESET

2012-06-06 16:28:01 ----D---- C:\Documents and Settings\Ken\Application Data\Avira

2012-06-06 16:22:27 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys

2012-06-06 16:22:26 ----A---- C:\WINDOWS\system32\drivers\avkmgr.sys

2012-06-06 16:22:26 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys

2012-06-06 16:22:26 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys

2012-06-06 15:57:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2012-06-06 15:57:55 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2012-06-06 13:28:18 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT

2012-06-06 13:07:48 ----D---- C:\Documents and Settings\Ken\Application Data\Mozilla

2012-06-06 13:07:42 ----D---- C:\Program Files\Mozilla Firefox

2012-06-06 12:42:15 ----A---- C:\PureRa.txt

2012-06-05 11:09:03 ----HD---- C:\WINDOWS\$NtUninstallKB2718704$

2012-05-15 17:07:16 ----ASH---- C:\hiberfil.sys

2012-05-10 14:55:04 ----D---- C:\Program Files\Speccy

======List of files/folders modified in the last 1 month======

2012-06-08 09:16:52 ----A---- C:\WINDOWS\ModemLog_AC97 Soft Data Fax Modem with SmartCP.txt

2012-06-08 09:16:34 ----A---- C:\XkeysLog.txt

2012-06-07 19:57:20 ----N---- C:\WINDOWS\SchedLgU.Txt

2012-05-31 06:22:10 ----A---- C:\WINDOWS\system32\crypt32.dll

2012-05-11 07:14:26 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]

R0 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]

R0 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]

R0 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]

R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]

R0 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]

R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R0 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-04-29 477240]

R0 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]

R0 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-06-06 137928]

R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-09-16 36000]

R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []

R1 SASDIFSV;SASDIFSV; \??\D:\Superantispyware\SASDIFSV.SYS []

R1 SASKUTIL;SASKUTIL; \??\D:\Superantispyware\SASKUTIL.SYS []

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]

R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]

R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-06-06 83392]

R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []

R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]

R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []

R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []

R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]

R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-04-03 1333152]

R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-08 997376]

R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-11-08 242048]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-08-24 1052732]

R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-11-24 6144]

R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]

R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-02-04 193216]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-08 723712]

S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]

S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []

S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]

S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-22 369024]

S3 catchme;catchme; \??\C:\DOCUME~1\Ken\LOCALS~1\Temp\catchme.sys []

S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]

S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]

S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Garena\safedrv.sys []

S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]

S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]

S3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]

S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]

S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]

S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]

S3 POWERKEY;POWERKEY; \??\C:\Program Files\Launch Manager\POWERKEY.sys []

S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]

S3 Ser2pl;Prolific2 Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2005-07-25 48640]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]

S4 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-03-29 125328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; D:\Superantispyware\SASCORE.EXE [2011-08-11 116608]

R2 AntiVirSchedulerService;Avira Scheduler; D:\Avira\AntiVir Desktop\sched.exe [2012-06-06 86224]

R2 AntiVirService;Avira Realtime Protection; D:\Avira\AntiVir Desktop\avguard.exe [2012-06-06 110032]

R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-04-13 153376]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]

S3 lxcr_device;lxcr_device; C:\WINDOWS\system32\lxcrcoms.exe [2006-02-02 495616]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S4 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2005-08-31 249954]

S4 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2005-08-31 114784]

S4 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2005-08-31 61440]

S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-01-21 143360]

-----------------EOF-----------------

Here is the info.txt:

info.txt logfile of random's system information tool 1.09 2012-06-08 11:28:00

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer English Online Help Creator\Uninst.isu"

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13E613EF-BB55-11D9-9D77-000129760D75}\setup.exe" -uninstall

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.exe" -uninstall

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Acer Arcade-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall

Acer eDataSecurity Management 1.00.21-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E431C518-2EE2-471E-9234-BE995C36D513}\setup.exe" -l0x9 -removeonly

Acer eLock Management-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}

Acer Empowering Technology framework-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{15B70821-7893-4607-805A-BB80F3EA8279}

Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10v_ActiveX.exe -maintain activex

Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin

Adobe Reader X (10.1.3)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}

Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"

Apple Software Update-->MsiExec.exe /I{55FA89BD-21D3-42F7-9249-C94C0094A83C}

Avira Free Antivirus-->D:\Avira\AntiVir Desktop\setup.exe /REMOVE

Berlitz Before You Know It Flash Cards-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{08D7E908-0BA7-49F8-8649-2FA60CB146AF}\setup.exe" -l0x9

Berlitz Before You Know It Flash Cards-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD007880-F125-4F4A-84C2-BAA429963A78}\setup.exe" -l0x9

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{33D32206-AC43-4808-B6A2-5B5EEFFE1EF6}" "1033" "0"

ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"

ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

GS Typing Tutor 2.51-->"C:\Program Files\GrassSoft\Typing\unins000.exe"

Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

Intel® Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592

Java DB 10.5.3.0-->MsiExec.exe /X{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}

Java 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}

Java SE Development Kit 6 Update 20-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160200}

Launch Manager V1.0.9.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\Setup.exe" -l0x9

Lexmark 2400 Series-->C:\Program Files\Lexmark 2400 Series\Install\x86\Uninst.exe

Lexmark Fax Solutions-->C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe /R:faxunst

Malwarebytes Anti-Malware version 1.61.0.1400-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0409-0000-0000000FF1CE}" "{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0115-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0117-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-0000-0000000FF1CE}

Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-0000-0000000FF1CE}

Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE}

Microsoft Office Groove MUI (English) 2010-->MsiExec.exe /X{90140000-00BA-0409-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (English) 2010-->MsiExec.exe /X{90140000-0044-0409-0000-0000000FF1CE}

Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE}

Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE}

Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

Mozilla Firefox 11.0 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

NTI Backup NOW! 4-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1033 BUN4

NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1033 CDM7

OneTouch USB Driver-->MsiExec.exe /X{E08EC542-BC5F-4F26-BBB9-E426BA007A31}

PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed

Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE

Revo Uninstaller 1.94-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe

SBC Yahoo! Applications-->C:\PROGRA~1\YAHOO!\COMMON\uninstall.exe

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B76D8C6D-1F13-42A7-9931-D7504CB89D6D}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{CCC48FE2-175F-4CDE-82DF-F7BC4672C1A3}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{DCE6D0BF-93E4-46C5-9A7C-F1EFF9707C02}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{DAB57906-C0A9-486D-BBAB-7F71BD701C96}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{01F2485C-FAEE-47E7-986E-B4F2FFC22D57}" "1033" "0"

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{61461470-8168-4F4B-97B7-617AF354F028}" "1033" "0"

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}" "1033" "0"

Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B75541D4-3970-4CC7-934B-D48F8C26DCA5}" "1033" "0"

Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2183461)-->"C:\WINDOWS\ie7updates\KB2183461-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2416400)-->"C:\WINDOWS\ie7updates\KB2416400-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2482017)-->"C:\WINDOWS\ie7updates\KB2482017-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2497640)-->"C:\WINDOWS\ie7updates\KB2497640-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2530548)-->"C:\WINDOWS\ie7updates\KB2530548-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2544521)-->"C:\WINDOWS\ie7updates\KB2544521-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2559049)-->"C:\WINDOWS\ie7updates\KB2559049-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2586448)-->"C:\WINDOWS\ie7updates\KB2586448-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2618444)-->"C:\WINDOWS\ie7updates\KB2618444-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2647516)-->"C:\WINDOWS\ie7updates\KB2647516-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2675157)-->"C:\WINDOWS\ie7updates\KB2675157-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2491683)-->"C:\WINDOWS\$NtUninstallKB2491683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"

Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D_CplEFL5k\HXFSETUP.EXE -U -ICplEFL5K.inf

SoftV90 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_006A1025\HXFSETUP.EXE -U -IVEN_8086&DEV_266D&SUBSYS_006A1025

SpanishNow! - Advanced Beginner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D99BF69F-E9AD-45CB-AF9B-50ABBA373064}\Setup.exe" -l0x9

SpanishNow! - Beginner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79CE4C2C-B8BA-47D9-B0FA-AB6E98D8037A}\Setup.exe" -l0x9

SpanishNow! ToolKit CD - Alphabet Reference-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19C025EA-9E7B-4908-96E3-AF1ED769CB6C}\Setup.exe" -l0x9

SpanishNow! ToolKit CD - Grammar Basics-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97E22F88-9F5E-4133-A223-6E0CC018B09B}\Setup.exe" -l0x9

Speccy-->"C:\Program Files\Speccy\uninst.exe"

SpongeBob SquarePants Typing-->C:\WINDOWS\TLCUninstall.exe -f "d:\The Learning Company\SpongeBob SquarePants Typing\Uninstall.xml"

STK017_V2.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAB938C1-1193-465A-8E19-680654405477}\Setup.exe" -l0x9

SUPERAntiSpyware-->"D:\Superantispyware\Uninstall.exe"

swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}

Symantec KB-DocID:2003093015493306-->MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}

Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1033" "0"

Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}" "1033" "0"

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}" "1033" "0"

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{18B3CF2A-73F7-4716-B1AE-86D68726D408}" "1033" "0"

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{17E7B9AB-2DD2-457D-8D8E-CD14ACA973FE}" "1033" "0"

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{15058154-469F-4794-ACD5-94F8420F9B80}" "1033" "0"

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{995A7832-B512-46D5-87C9-2D71FB541435}" "1033" "0"

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C8694FF0-8203-483B-A07A-2BC40433167D}" "1033" "0"

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{73E67A3A-8D61-44EF-90C2-1697C3DBE668}" "1033" "0"

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{28FAC187-7C0E-413A-B90A-76F19D0FBF30}" "1033" "0"

Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{EFB525A0-E1C0-4E32-9968-FE401BC87363}" "1033" "0"

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}" "1033" "0"

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{4D98EEEA-A31B-42FA-991A-F989594F4DA5}" "1033" "0"

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{9865DC3A-2898-48D9-B96A-46397571C934}" "1033" "0"

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3613AECC-1454-4DDD-AC36-C42DC16D6DEE}" "1033" "0"

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{38990592-F6A1-4A26-96C7-0600E36AE794}" "1033" "0"

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{5EBDE1DE-3B28-4134-AB00-85CFF2B4F94D}" "1033" "0"

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}" "1033" "0"

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}" "1033" "0"

Update for Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"

Update for Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"

Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"

Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"

Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"

Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"

Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"

Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"

Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"

Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe"

Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

X-keys-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B08EFBF9-7E97-44B0-A077-8B6C10C6D98A}\Setup.exe"

======Security center information======

AV: Avira Desktop (disabled)

======System event log======

Computer Name: ACER-684C9A655D

Event Code: 1

Message: The System Restore filter encountered the unexpected error '0xC000007F' while processing the file 'MISC.EXE' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

Record Number: 114803

Source Name: sr

Time Written: 20120504150019.000000-420

Event Type: error

User:

Computer Name: ACER-684C9A655D

Event Code: 19

Message: Sharing printer failed + 1722, Printer LexmarkFax share name LexmarkFax.

Record Number: 114783

Source Name: Print

Time Written: 20120504145409.000000-420

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: ACER-684C9A655D

Event Code: 7034

Message: The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

Record Number: 114776

Source Name: Service Control Manager

Time Written: 20120503155900.000000-420

Event Type: error

User:

Computer Name: ACER-684C9A655D

Event Code: 7034

Message: The Windows Installer service terminated unexpectedly. It has done this 1 time(s).

Record Number: 114774

Source Name: Service Control Manager

Time Written: 20120503154608.000000-420

Event Type: error

User:

Computer Name: ACER-684C9A655D

Event Code: 20

Message: Installation Failure: Windows failed to install the following update with error 0x80070643: Service Pack 1 for Microsoft Office 2010 (KB2510690) 32-bit Edition.

Record Number: 114773

Source Name: Windows Update Agent

Time Written: 20120503154451.000000-420

Event Type: error

User:

=====Application event log=====

Computer Name: ACER-684C9A655D

Event Code: 1517

Message: Windows saved user ACER-684C9A655D\Ken registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 50

Source Name: Userenv

Time Written: 20120426171410.000000-420

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: ACER-684C9A655D

Event Code: 1524

Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Record Number: 49

Source Name: Userenv

Time Written: 20120426171403.000000-420

Event Type: warning

User: ACER-684C9A655D\Ken

Computer Name: ACER-684C9A655D

Event Code: 1517

Message: Windows saved user ACER-684C9A655D\Ken registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 37

Source Name: Userenv

Time Written: 20120423174943.000000-420

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: ACER-684C9A655D

Event Code: 1524

Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Record Number: 27

Source Name: Userenv

Time Written: 20120422142357.000000-420

Event Type: warning

User: ACER-684C9A655D\Ken

Computer Name: ACER-684C9A655D

Event Code: 1000

Message: Faulting application setup.exe, version 12.0.0.374, faulting module unknown, version 0.0.0.0, fault address 0x01545448.

Record Number: 17

Source Name: Application Error

Time Written: 20120420164510.000000-420

Event Type: error

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"NUMBER_OF_PROCESSORS"=1

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;H:\Work Environment\bin;

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel

"PROCESSOR_LEVEL"=6

"PROCESSOR_REVISION"=0d08

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"windir"=%SystemRoot%

-----------------EOF-----------------

Link to post
Share on other sites

Here is the Security Check log:

Results of screen317's Security Check version 0.99.41

Windows XP Service Pack 3 x86

Internet Explorer 7 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Avira Free Antivirus

ESET Online Scanner v3

`````````Anti-malware/Other Utilities Check:`````````

SUPERAntiSpyware

Malwarebytes Anti-Malware version 1.61.0.1400

CCleaner

Java DB 10.5.3.0

Java 6 Update 31

Java SE Development Kit 6 Update 20

Java version out of date!

Adobe Flash Player 10 Flash Player out of date!

Adobe Flash Player 11.1.102.55

Adobe Reader X (10.1.3)

Mozilla Firefox 11.0 Firefox out of Date!

````````Process Check: objlist.exe by Laurent````````

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 12% Defragment your hard drive soon!

````````````````````End of Log``````````````````````

The bitdefender log:

QuickScan 32-bit v0.9.9.114

---------------------------

Scan date: Fri Jun 08 11:37:52 2012

Machine ID: 156813FD

No infection found.

-------------------

Processes

---------

Acer Empowering framework 1896 C:\Acer\Empowering Technology\admServ.exe

Avira Free Antivirus 984 D:\Avira\AntiVir Desktop\AVGNT.EXE

Avira Free Antivirus 1872 D:\Avira\AntiVir Desktop\avguard.exe

Avira Free Antivirus 2092 D:\Avira\AntiVir Desktop\avshadow.exe

Avira Free Antivirus 1540 D:\Avira\AntiVir Desktop\sched.exe

Core Service 1860 D:\Superantispyware\SASCore.exe

Executable for X-keys Driver 1116 C:\Program Files\PIEngineering\X-keys\XKWdkApp.exe

Java Platform SE 6 U31 164 C:\Program Files\Java\jre6\bin\jqs.exe

Microsoft® Windows® Operating System 3612 C:\WINDOWS\System32\WSCNTFY.EXE

Windows® Internet Explorer 2564 C:\Program Files\Internet Explorer\IEXPLORE.EXE

(verified) Microsoft® Windows® Operating System 1548 C:\WINDOWS\EXPLORER.EXE

(verified) Microsoft® Windows® Operating System 2480 C:\WINDOWS\System32\ALG.EXE

(verified) Microsoft® Windows® Operating System 644 C:\WINDOWS\System32\csrss.exe

(verified) Microsoft® Windows® Operating System 1208 C:\WINDOWS\System32\CTFMON.EXE

(verified) Microsoft® Windows® Operating System 728 C:\WINDOWS\System32\LSASS.EXE

(verified) Microsoft® Windows® Operating System 716 C:\WINDOWS\System32\SERVICES.EXE

(verified) Microsoft® Windows® Operating System 596 C:\WINDOWS\System32\smss.exe

(verified) Microsoft® Windows® Operating System 1440 C:\WINDOWS\System32\spoolsv.exe

(verified) Microsoft® Windows® Operating System 236 C:\WINDOWS\System32\SVCHOST.EXE

(verified) Microsoft® Windows® Operating System 880 C:\WINDOWS\System32\SVCHOST.EXE

(verified) Microsoft® Windows® Operating System 940 C:\WINDOWS\System32\SVCHOST.EXE

(verified) Microsoft® Windows® Operating System 1020 C:\WINDOWS\System32\SVCHOST.EXE

(verified) Microsoft® Windows® Operating System 1092 C:\WINDOWS\System32\SVCHOST.EXE

(verified) Microsoft® Windows® Operating System 1168 C:\WINDOWS\System32\SVCHOST.EXE

(verified) Microsoft® Windows® Operating System 1728 C:\WINDOWS\System32\SVCHOST.EXE

(verified) Microsoft® Windows® Operating System 672 C:\WINDOWS\System32\WINLOGON.EXE

Network activity

----------------

Process IEXPLORE.EXE (2564) connected on port 80 (HTTP) --> 96.6.95.139

Process IEXPLORE.EXE (2564) connected on port 80 (HTTP) --> 66.235.142.14

Process IEXPLORE.EXE (2564) connected on port 80 (HTTP) --> 74.125.227.1

Process IEXPLORE.EXE (2564) connected on port 80 (HTTP) --> 209.170.117.75

Process SVCHOST.EXE (940) listens on ports: 135 (RPC)

Process admServ.exe (1896) listens on ports: 2804

Autoruns and critical files

---------------------------

Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe

Avira Free Antivirus D:\Avira\AntiVir Desktop\AVGNT.EXE

Executable for X-keys Driver C:\Program Files\PIEngineering\X-keys\XKWdkApp.exe

Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll

LXCRtime.dll C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll

Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll

SuperAntiSpyware D:\Superantispyware\SASSEH.DLL

SUPERAntiSpyware WinLogon Processor D:\Superantispyware\SASWINLO.DLL

Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\CTFMON.EXE

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll

(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll

Browser plugins

---------------

AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll

Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll

eTrust PestPatrol version 5.0 COM contr C:\WINDOWS\Downloaded Program Files\ppctl.dll

Java Platform SE 6 U31 c:\program files\java\jre6\bin\jp2ssv.dll

Java Platform SE 6 U31 C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

Java Platform SE 6 U31 C:\Program Files\Java\jre6\bin\ssv.dll

Java Platform SE 6 U31 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL

Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL

Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

Online Scanner C:\WINDOWS\Downloaded Program Files\caScanner.ocx

Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

Silverlight Plug-In C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll

(verified) Messenger C:\Program Files\Messenger\msmsgs.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll

Missing files

-------------

File not found: C:\DOCUME~1\Ken\MYDOCU~1\DOWNLO~1\dds.scr

--> HKCU\Control Panel\Desktop\"SCRNSAVE.EXE"

Scan

----

MD5: e1ec228d87915050bdf59f6331ad7247 C:\Acer\Empowering Technology\admServ.exe

MD5: c53e7e28bbf491d3d0346539bfdedf64 C:\Acer\Empowering Technology\OsaFsLoc.dll

MD5: 0bad334e0eb3d3a9bc62a63ef73279e2 C:\Acer\Empowering Technology\osaiodll.dll

MD5: 436d22f6f315038420b6026df75aa66c C:\Acer\Empowering Technology\s_it87.dll

MD5: 19e534bf330831e2057bd9f64368172c C:\Acer\Empowering Technology\s_lm85m.dll

MD5: 7bcb7a1a982fbe839083d06cac9e0cd3 C:\Acer\Empowering Technology\SMBIOSAPI.dll

MD5: 5b417ed5b49d5a65355a81a2a5fbc1e0 C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

MD5: 1a1e79f6e127c91182830a76b704032f C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

MD5: 7ec56424e3e77ebf4bf5e0798175e4e5 C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

MD5: 054f770777dd40f1dbc601eec92088d3 C:\Program Files\Apple Software Update\SoftwareUpdate.exe

MD5: 76f6365f5417c5e0fd1edc16542e588c C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

MD5: 60e5af8b7b4140c711b050fae5a3ab70 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

MD5: 1582cdeeb5866625e48202cc35662390 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll

MD5: b8e421c0890356cd4a793d8a346d9096 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

MD5: e9901a7e569c4156fda69f5c9356b8ed C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

MD5: 50ba6a230d743a4d33bffa2fa1113055 C:\Program Files\Internet Explorer\IEXPLORE.EXE

MD5: 7d894ed61ef0505277d8a476d7df43f1 C:\Program Files\Internet Explorer\plugins\nppdf32.dll

MD5: a9770771b622a871643ea2a4a3983e95 c:\program files\java\jre6\bin\jp2ssv.dll

MD5: 0a5709543986843d37a92290b7838340 C:\Program Files\Java\jre6\bin\jqs.exe

MD5: 34e3709244736b8976820f730e5a8815 C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

MD5: 8e6c86726b67d3faa3144849b9aac06c C:\Program Files\Java\jre6\bin\ssv.dll

MD5: 59b9f6abac6cbbc356e092c556ff8ea5 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

MD5: 547817bb4455fb4fb293369728b500f4 C:\Program Files\Lexmark Fax Solutions\ipcmt.dll

MD5: 55b8c7b701c4d1b0c479f3ffea83850f C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

MD5: 676ccc08d9e9a3f4ca39cb04e97048df C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

MD5: 26fef9aac9f9f265dee995547d84c055 C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

MD5: fb8c6a46eaf7585d2ca8583c4c9a8edf C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

MD5: 47fc5a4a45e883a36aff884b3e6073b1 C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL

MD5: a5d08b86e8a437aa6deaf7a187bf6ca5 C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

MD5: 711a2e6a55ec7bfd59b5f649d58b704b C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

MD5: d07833832a8cd812d9b2d5323806d746 C:\Program Files\PIEngineering\X-keys\XK2kJrnl.dll

MD5: b3c3a115c7ed0df870466b122184382c C:\Program Files\PIEngineering\X-keys\XKWdkApp.exe

MD5: 30a23a61e651c7487407cf74176c6ab1 C:\Program Files\WinRAR\rarext.dll

MD5: f43c810230beaef1d3baf3d645b3e46c C:\WINDOWS\Downloaded Program Files\ppctl.dll

MD5: 2a8c7ca8b40ca320bf88d0ff92da7cf8 C:\WINDOWS\Downloaded Program Files\qsax.dll

MD5: f475daa3cf6d19da49be7bac0a966db3 C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

MD5: a805e5236fa66c06f6cb55e5dbbfcacb C:\WINDOWS\system32\advpack.dll

MD5: 81c536ea6e88d5f861b319dbfa9ea518 C:\WINDOWS\system32\corpol.dll

MD5: 64416c6e07606720c1ece6dd374bdffd C:\WINDOWS\system32\CRYPT32.dll

MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll

MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys

MD5: d5541f0afb767e85fc412fc609d96a74 C:\WINDOWS\system32\DRIVERS\avgntflt.sys

MD5: 7d967a682d4694df7fa57d63a2db01fe C:\WINDOWS\system32\DRIVERS\avipbb.sys

MD5: 271cfd1a989209b1964e24d969552bf7 C:\WINDOWS\system32\DRIVERS\avkmgr.sys

MD5: 2d0c4a7077f6c68449479f5444c580a7 C:\WINDOWS\system32\drivers\epm-shd.sys

MD5: 3a74c423cf6bcca6982715878f450a3b C:\WINDOWS\system32\DRIVERS\gagp30kx.sys

MD5: e0a00b06ea067c84e124b407dffa1af1 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

MD5: dfa8f86c0dbca7db948043aa3be6793b C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

MD5: 5a5a7721d9c62d77fc0faba9b2cf5be9 C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

MD5: afa7c99d211a2aff21a287bc4264cde6 C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

MD5: e246a32c445056996074a397da56e815 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys

MD5: 2adc0ca9945c65284b3d19bc18765974 C:\WINDOWS\system32\DRIVERS\nscirda.sys

MD5: 444f122e68db44c0589227781f3c8b3f C:\WINDOWS\system32\drivers\pfc.sys

MD5: 3529828ec571fb2f64f6b142f9109993 C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys

MD5: 2ec41a96d0dc98bd119bf325e0b9f392 C:\WINDOWS\system32\DRIVERS\ser2pl.sys

MD5: 0022cfff1a41e5ce3a764050a7ddf22a C:\WINDOWS\System32\Drivers\sptd.sys

MD5: b226f8a4d780acdf76145b58bb791d5b C:\WINDOWS\system32\drivers\symlcbrd.sys

MD5: 6ff66513d372d479ef1810223c8d20ce C:\WINDOWS\system32\DRIVERS\WudfPf.sys

MD5: 50060edb7e6470b35796a12567a55125 C:\WINDOWS\system32\Dxtmsft.dll

MD5: cd3a44dfc131cfb2c519230d2e9d479e C:\WINDOWS\system32\Dxtrans.dll

MD5: aadeafacaf32d02be5605daa005b2c19 C:\WINDOWS\system32\eDSshellExt.dll

MD5: 4fab66f7e5bafc974e08377c7e21b451 C:\WINDOWS\system32\hccutils.DLL

MD5: f46e723b8c981514f93a04d4ce47bb3e C:\WINDOWS\system32\ieapfltr.dll

MD5: b2cd62e71ed722156f5480444bc484b2 C:\WINDOWS\system32\ieframe.dll

MD5: a7f5baa7adbf1b483b93dc1cf7027a6f C:\WINDOWS\system32\iepeers.dll

MD5: 50f77f74d3bb7a2ffda881285c801cda C:\WINDOWS\system32\iertutil.dll

MD5: 137ecd9844bf95504eb2aba92c3a8dba C:\WINDOWS\system32\igfxdev.dll

MD5: f1a0174c7b45d64b0963b38d508dc969 C:\WINDOWS\system32\igfxpph.dll

MD5: 8d6a53e735b678db97dd9fec1e6bf321 C:\WINDOWS\system32\igfxres.dll

MD5: 5c852404f24c352fa76657f29cc28470 C:\WINDOWS\system32\igfxress.dll

MD5: cf50fbb9581cb71e3d1ba5d2a8d94cd6 C:\WINDOWS\system32\igfxsrvc.dll

MD5: 9f22e3ce1639917eb07dcc730cd0d410 C:\WINDOWS\system32\IM31IMG.DIL

MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll

MD5: 86c5aac31ea7909121327701045f74bd C:\WINDOWS\system32\IMGMAN32.dll

MD5: 1206e36eb45cd0372fa200b3b0bb7841 C:\WINDOWS\system32\javacypt.dll

MD5: 2f0287a66a6f7ef43e997c924bde5633 C:\WINDOWS\system32\lxcrlmpm.DLL

MD5: ff93f3730eef696a7f87b09dcf0e7c27 C:\WINDOWS\system32\LXPRMON.DLL

MD5: de3745a51b7ac7fedc356a83f76c8023 C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

MD5: 2a2c442f00b45e01d4c882eea69a01bc C:\WINDOWS\system32\MFC100ENU.DLL

MD5: f3de10aabd5c7a1a186c9966f037d0c0 C:\WINDOWS\system32\mfc100u.dll

MD5: 855f6333e3a4dfc6f3c8b0520c261fcd C:\WINDOWS\system32\MSFTEDIT.DLL

MD5: dca84e94d0114502a51aad4cf8a89eaa C:\WINDOWS\system32\mshtml.dll

MD5: e75aa32c6b79c846f5314ca4da92f29e C:\WINDOWS\system32\msjava.dll

MD5: bc83108b18756547013ed443b8cdb31b C:\WINDOWS\system32\MSVCP100.dll

MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\WINDOWS\system32\MSVCR100.dll

MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll

MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll

MD5: 1ea6f5cc83b90b3edb9e1df4f64e8bff C:\WINDOWS\system32\pngfilt.dll

MD5: a645a78fcdabad67067324d7e6cd9f79 C:\WINDOWS\system32\schannel.dll

MD5: cdd1afdf0529ec82f6e6cadf9462d701 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll

MD5: 031277806fe2253f5ef1fa4011044e9f C:\WINDOWS\System32\spool\PRTPROCS\W32X86\lxcrpp5c.dll

MD5: 1c43bcc17e750a2e9c84fc44cd859c13 C:\WINDOWS\system32\urlmon.dll

MD5: 9af7d69ba8e58573721c8b6785db4dc3 C:\WINDOWS\system32\VMHELPER.DLL

MD5: 9dd1849e248e1d035c1aa8263d053d9e C:\WINDOWS\system32\webcheck.dll

MD5: 684559a03cbc1d05ba120a18b0d8ba5d c:\windows\system32\WINHTTP.dll

MD5: 64180153eb892153b14fe5f56f68fa3a C:\WINDOWS\system32\WININET.dll

MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll

MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll

MD5: 95f5c420e9bdd4c3569602911420a774 C:\WINDOWS\system32\WINTRUST.dll

MD5: f92e1076c42fcd6db3d72d8cfe9816d5 C:\WINDOWS\System32\WSCNTFY.EXE

MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll

MD5: 58a14c45a5cd2528f10a889e7b0c3fc2 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\ATL90.DLL

MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll

MD5: cdbe9690cf2b8409facad94fac9479c9 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll

MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll

MD5: 77f70a9889040ccd04243790293f824b D:\Avira\AntiVir Desktop\aecore.dll

MD5: ee0477f95aaf614c5cb14f324ca48c3d D:\Avira\AntiVir Desktop\aeemu.dll

MD5: 1f54e0273c7667203e005eed03e1f8ea D:\Avira\AntiVir Desktop\aeexp.dll

MD5: 0e8cdb9101066345f538f588d2f52799 D:\Avira\AntiVir Desktop\aegen.dll

MD5: 77855e7d81cb7b44d0614d293514ce8d D:\Avira\AntiVir Desktop\aehelp.dll

MD5: 1c7834ff0acda8c730d6652d775303a2 D:\Avira\AntiVir Desktop\aeheur.dll

MD5: cc3ab106bad1510f66ed35faf8e4c7e9 D:\Avira\AntiVir Desktop\aeoffice.dll

MD5: 2043c9278af6e8c3ca228bbc33aa26a9 D:\Avira\AntiVir Desktop\aepack.dll

MD5: cf28139a8aecbf3bec26ca1a16fd69cf D:\Avira\AntiVir Desktop\aerdl.dll

MD5: bcdb9c1161eda72817393178f43a7ae2 D:\Avira\AntiVir Desktop\aesbx.dll

MD5: 011c74cf75ea6e0b5ab816e2d94f8257 D:\Avira\AntiVir Desktop\aescn.dll

MD5: 28751e5479f545513f26c4b42f4783b9 D:\Avira\AntiVir Desktop\aescript.dll

MD5: 979b4957f1b4a7ce2f636afe92794f92 D:\Avira\AntiVir Desktop\aevdf.dll

MD5: 01bddcb32f78945604b3a67fed497db3 d:\avira\antivir desktop\avesvc.dll

MD5: c05e10ac65ce218ea116a9af5b250e00 d:\avira\antivir desktop\avesvcr.dll

MD5: 434d3aff60ee877a2d1cade7016af4c3 D:\Avira\AntiVir Desktop\avevtlog.dll

MD5: 1ae773142781013f32ae19d0404879fa D:\Avira\AntiVir Desktop\AVGIO.DLL

MD5: e01f456294ac209f4342d33c553411bc D:\Avira\AntiVir Desktop\AVGNT.EXE

MD5: c9a36ef935aced86aedf93e97e606911 D:\Avira\AntiVir Desktop\avguard.exe

MD5: 4200272ee793c5e139365e0afe9aab5b D:\Avira\AntiVir Desktop\avipc.dll

MD5: a04dd0e3c71fe7ac602b573b1b03758f d:\avira\antivir desktop\avpref.dll

MD5: 3754883925ea66a2ecf47747ba91b7f6 d:\avira\antivir desktop\avreg.dll

MD5: 52233c5d1890811c552068015afe27df D:\Avira\AntiVir Desktop\avshadow.exe

MD5: a9c010e69079a39a42407a7ad74ba691 d:\avira\antivir desktop\ccgen.dll

MD5: 0a0f3612a73619a755c596a4441f25d9 d:\avira\antivir desktop\ccgenrc.dll

MD5: 126b2f509341c36d99bd15188592123a d:\avira\antivir desktop\ccgrdrc.dll

MD5: 7e6ba46e48a45dbad5aade3510598bdd d:\avira\antivir desktop\ccgrdw.dll

MD5: db7f445e3a62f96b8e5b4b61bcffd22e d:\avira\antivir desktop\ccguard.dll

MD5: 795d4835ce714f4a0c601766134f344b d:\avira\antivir desktop\cclic.dll

MD5: 5ac47e3ac56e5e8827c9c593cb86881e d:\avira\antivir desktop\cclicrc.dll

MD5: 82464461acdfba6b876bf9f74a66bcbb d:\avira\antivir desktop\ccmainrc.dll

MD5: ce23ccf6ba06b0c093edb58b7e131809 d:\avira\antivir desktop\ccmsg.dll

MD5: 9d1c5d971235a5e84b1c25e7cefc52e4 d:\avira\antivir desktop\ccmsgrc.dll

MD5: 06f93da727d348689707611448470c9e d:\avira\antivir desktop\ccupdate.dll

MD5: 824a8fecc5e5d62b61a4f499f9d62023 d:\avira\antivir desktop\ccupdrc.dll

MD5: 5336c3171a5b80bb58220fe4ed795e47 D:\Avira\AntiVir Desktop\ccupdw.dll

MD5: 6f090ebfe2548af529f6a393bb8373b7 d:\avira\antivir desktop\ccwgrd.dll

MD5: a06401f94e64e4de108cf02fa26f6fc1 D:\Avira\AntiVir Desktop\ccwkrlib.dll

MD5: 13b7445daad8ea6774d65fd9def5d199 d:\avira\antivir desktop\cfglib.dll

MD5: 670690fd78d7a14ff6b2579502c7fffb d:\avira\antivir desktop\gpavgio.dll

MD5: 0d99e1210ecbc560e53fd759cfa4eab5 d:\avira\antivir desktop\gpgen.dll

MD5: 729f4d9ec5e17a5588dd187d0f5f2738 d:\avira\antivir desktop\gpgenrep.dll

MD5: 991f2c676b636e475cb9c8c30ed8e570 d:\avira\antivir desktop\gpgrd.dll

MD5: c2c2335e62da083e06bd99a70dfa8785 d:\avira\antivir desktop\gpgui.dll

MD5: a4b84315f5441e5514ad2e641c4f6e34 d:\avira\antivir desktop\gpipc.dll

MD5: 2ec0d1737c05adb6156c65bd4a2613f6 d:\avira\antivir desktop\gplegacy.dll

MD5: c48e0d43530060cad4a0b231b10eb5ba d:\avira\antivir desktop\gpschd.dll

MD5: 3ef34ffab47a2ecf4ce395edb6d15334 D:\Avira\AntiVir Desktop\grdcore.dll

MD5: ea196c9873949a3d2050c86b7ae95fdd D:\Avira\AntiVir Desktop\guardmsg.dll

MD5: 31222a7f19ef7013fd43e47168e4400a d:\avira\antivir desktop\onlcfg.dll

MD5: 6e71817dd5bd808adf8214be37b4958f D:\Avira\AntiVir Desktop\rcimage.dll

MD5: 0a1cc583e8147004e4ad4625d7fbf88c D:\Avira\AntiVir Desktop\sched.exe

MD5: 453a81f0537d7619bdc677e9a733c3fa D:\Avira\AntiVir Desktop\schedr.dll

MD5: 1568a7175588c6a8150c6d257ba58c81 D:\Avira\AntiVir Desktop\shlext.dll

MD5: 503fe48bc3b68f40018520aeae3beac1 D:\Avira\AntiVir Desktop\sqlite3.dll

MD5: ff9996564c0810b403f6410b60fbfa42 d:\avira\antivir desktop\webcat.dll

MD5: c00e7da2eb0e5a4942be2e6fc42083e1 D:\Avira\AntiVir Desktop\webcatrc.dll

MD5: c0393eb99a6c72c6bef9bfc4a72b33a6 D:\Superantispyware\SASCore.exe

MD5: 477e08fe0114afea114fc954c983d4db D:\Superantispyware\SASCTXMN.DLL

MD5: 39763504067962108505bff25f024345 D:\Superantispyware\SASDIFSV.SYS

MD5: 77b9fc20084b48408ad3e87570eb4a85 D:\Superantispyware\SASKUTIL.SYS

MD5: 2975c66459c426c20bc22d639df6b611 D:\Superantispyware\SASSEH.DLL

MD5: 2ab3a3c80c935bc6c86f3880f8f34bcc D:\Superantispyware\SASWINLO.DLL

No file uploaded.

Scan finished - communication took 2 sec

Total traffic - 0.01 MB sent, 0.68 KB recvd

Scanned 669 files and modules - 61 seconds

==============================================================================

The aswMBR log (Fix was NOT enabled only FixMBR was enabled) :

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-06-08 11:42:49

-----------------------------

11:42:49.265 OS Version: Windows 5.1.2600 Service Pack 3

11:42:49.265 Number of processors: 1 586 0xD08

11:42:49.265 ComputerName: ACER-684C9A655D UserName: Ken

11:42:49.734 Initialize success

11:44:08.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4

11:44:08.453 Disk 0 Vendor: ST9402112A 3.06 Size: 38154MB BusType: 3

11:44:08.531 Disk 0 MBR read successfully

11:44:08.531 Disk 0 MBR scan

11:44:08.531 Disk 0 unknown MBR code

11:44:08.531 Disk 0 Partition 1 00 12 Compaq diag MSWIN4.1 3200 MB offset 63

11:44:08.562 Disk 0 Partition 2 80 (A) 0B FAT32 MSWIN4.1 17288 MB offset 6554520

11:44:08.578 Disk 0 Partition 3 00 0C FAT32 LBA MSWIN4.1 17657 MB offset 41961780

11:44:08.593 Disk 0 scanning sectors +78124095

11:44:08.656 Disk 0 scanning C:\WINDOWS\system32\drivers

11:44:16.406 Service scanning

11:45:01.281 Modules scanning

11:45:28.718 Scan finished successfully

11:46:29.390 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Ken\Desktop\MBR.dat"

11:46:29.390 The log file has been saved successfully to "C:\Documents and Settings\Ken\Desktop\aswMBR.txt"

And the TDSS Killer log:

11:48:12.0593 3524 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16

11:48:13.0125 3524 ============================================================

11:48:13.0125 3524 Current date / time: 2012/06/08 11:48:13.0125

11:48:13.0125 3524 SystemInfo:

11:48:13.0125 3524

11:48:13.0125 3524 OS Version: 5.1.2600 ServicePack: 3.0

11:48:13.0125 3524 Product type: Workstation

11:48:13.0125 3524 ComputerName: ACER-684C9A655D

11:48:13.0125 3524 UserName: Ken

11:48:13.0125 3524 Windows directory: C:\WINDOWS

11:48:13.0125 3524 System windows directory: C:\WINDOWS

11:48:13.0125 3524 Processor architecture: Intel x86

11:48:13.0125 3524 Number of processors: 1

11:48:13.0125 3524 Page size: 0x1000

11:48:13.0125 3524 Boot type: Normal boot

11:48:13.0125 3524 ============================================================

11:48:13.0984 3524 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

11:48:13.0984 3524 ============================================================

11:48:13.0984 3524 \Device\Harddisk0\DR0:

11:48:13.0984 3524 MBR partitions:

11:48:13.0984 3524 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xB, StartLBA 0x640398, BlocksNum 0x21C459C

11:48:13.0984 3524 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x2804934, BlocksNum 0x227CB0B

11:48:13.0984 3524 ============================================================

11:48:14.0000 3524 C: <-> \Device\Harddisk0\DR0\Partition0

11:48:14.0015 3524 D: <-> \Device\Harddisk0\DR0\Partition1

11:48:14.0015 3524 ============================================================

11:48:14.0015 3524 Initialize success

11:48:14.0015 3524 ============================================================

11:48:33.0906 1484 ============================================================

11:48:33.0906 1484 Scan started

11:48:33.0906 1484 Mode: Manual; SigCheck; TDLFS;

11:48:33.0906 1484 ============================================================

11:48:34.0281 1484 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) D:\Superantispyware\SASCORE.EXE

11:48:34.0406 1484 !SASCORE - ok

11:48:34.0484 1484 Abiosdsk - ok

11:48:34.0531 1484 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

11:48:34.0687 1484 abp480n5 - ok

11:48:34.0750 1484 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

11:48:35.0062 1484 ACPI - ok

11:48:35.0093 1484 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

11:48:35.0281 1484 ACPIEC - ok

11:48:35.0359 1484 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

11:48:35.0546 1484 adpu160m - ok

11:48:35.0625 1484 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

11:48:35.0796 1484 aec - ok

11:48:35.0843 1484 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

11:48:35.0921 1484 AFD - ok

11:48:36.0000 1484 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

11:48:36.0281 1484 agp440 - ok

11:48:36.0343 1484 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

11:48:36.0515 1484 agpCPQ - ok

11:48:36.0562 1484 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

11:48:36.0625 1484 Aha154x - ok

11:48:36.0656 1484 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

11:48:36.0828 1484 aic78u2 - ok

11:48:36.0859 1484 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

11:48:37.0015 1484 aic78xx - ok

11:48:37.0421 1484 ALCXWDM (95aa37bec6c72c277c2caeaee736dd2d) C:\WINDOWS\system32\drivers\ALCXWDM.SYS

11:48:37.0625 1484 ALCXWDM - ok

11:48:37.0750 1484 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

11:48:37.0906 1484 Alerter - ok

11:48:37.0953 1484 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

11:48:38.0046 1484 ALG - ok

11:48:38.0109 1484 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

11:48:38.0281 1484 AliIde - ok

11:48:38.0328 1484 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

11:48:38.0484 1484 alim1541 - ok

11:48:38.0546 1484 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

11:48:38.0718 1484 amdagp - ok

11:48:38.0750 1484 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

11:48:38.0828 1484 amsint - ok

11:48:38.0906 1484 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) D:\Avira\AntiVir Desktop\sched.exe

11:48:38.0921 1484 AntiVirSchedulerService - ok

11:48:38.0953 1484 AntiVirService (c9a36ef935aced86aedf93e97e606911) D:\Avira\AntiVir Desktop\avguard.exe

11:48:38.0968 1484 AntiVirService - ok

11:48:39.0109 1484 AppMgmt - ok

11:48:39.0218 1484 AR5211 (67f7d2c3a9265ee0534e36fe952f2ac4) C:\WINDOWS\system32\DRIVERS\ar5211.sys

11:48:39.0265 1484 AR5211 - ok

11:48:39.0484 1484 AR5416 (43cb9e73a60d27ad069046b88cc4efeb) C:\WINDOWS\system32\DRIVERS\athw.sys

11:48:39.0578 1484 AR5416 - ok

11:48:39.0625 1484 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

11:48:39.0796 1484 Arp1394 - ok

11:48:39.0828 1484 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

11:48:40.0015 1484 asc - ok

11:48:40.0046 1484 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

11:48:40.0125 1484 asc3350p - ok

11:48:40.0156 1484 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

11:48:40.0328 1484 asc3550 - ok

11:48:40.0375 1484 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

11:48:40.0531 1484 AsyncMac - ok

11:48:40.0578 1484 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

11:48:40.0734 1484 atapi - ok

11:48:40.0734 1484 Atdisk - ok

11:48:40.0781 1484 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

11:48:40.0968 1484 Atmarpc - ok

11:48:41.0109 1484 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

11:48:41.0296 1484 AudioSrv - ok

11:48:41.0343 1484 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

11:48:41.0515 1484 audstub - ok

11:48:41.0546 1484 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

11:48:41.0593 1484 avgntflt - ok

11:48:41.0609 1484 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys

11:48:41.0640 1484 avipbb - ok

11:48:41.0687 1484 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys

11:48:41.0703 1484 avkmgr - ok

11:48:41.0718 1484 AWService - ok

11:48:41.0812 1484 BCM43XX (38ca1443660d0f5f06887c6a2e692aeb) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys

11:48:41.0859 1484 BCM43XX ( UnsignedFile.Multi.Generic ) - warning

11:48:41.0859 1484 BCM43XX - detected UnsignedFile.Multi.Generic (1)

11:48:41.0906 1484 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

11:48:42.0078 1484 Beep - ok

11:48:42.0203 1484 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

11:48:42.0421 1484 BITS - ok

11:48:42.0484 1484 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

11:48:42.0671 1484 Browser - ok

11:48:42.0781 1484 catchme - ok

11:48:42.0796 1484 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

11:48:42.0968 1484 cbidf - ok

11:48:42.0984 1484 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

11:48:43.0156 1484 cbidf2k - ok

11:48:43.0187 1484 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

11:48:43.0265 1484 cd20xrnt - ok

11:48:43.0281 1484 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

11:48:43.0468 1484 Cdaudio - ok

11:48:43.0515 1484 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

11:48:43.0687 1484 Cdfs - ok

11:48:43.0718 1484 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

11:48:43.0906 1484 Cdrom - ok

11:48:43.0921 1484 Changer - ok

11:48:43.0984 1484 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

11:48:44.0156 1484 CiSvc - ok

11:48:44.0343 1484 CLCapSvc (1a1e79f6e127c91182830a76b704032f) C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

11:48:44.0375 1484 CLCapSvc ( UnsignedFile.Multi.Generic ) - warning

11:48:44.0375 1484 CLCapSvc - detected UnsignedFile.Multi.Generic (1)

11:48:44.0421 1484 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

11:48:44.0609 1484 ClipSrv - ok

11:48:44.0656 1484 CLSched (a124917b852b02ec63459c466d43c0e4) C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe

11:48:44.0671 1484 CLSched ( UnsignedFile.Multi.Generic ) - warning

11:48:44.0671 1484 CLSched - detected UnsignedFile.Multi.Generic (1)

11:48:44.0703 1484 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

11:48:44.0890 1484 CmBatt - ok

11:48:44.0921 1484 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

11:48:45.0093 1484 CmdIde - ok

11:48:45.0109 1484 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

11:48:45.0281 1484 Compbatt - ok

11:48:45.0328 1484 COMSysApp - ok

11:48:45.0375 1484 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

11:48:45.0562 1484 Cpqarray - ok

11:48:45.0625 1484 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

11:48:45.0796 1484 CryptSvc - ok

11:48:45.0828 1484 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys

11:48:45.0859 1484 CVirtA - ok

11:48:45.0906 1484 CyberLink Media Library Service (5b417ed5b49d5a65355a81a2a5fbc1e0) C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

11:48:45.0921 1484 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - warning

11:48:45.0921 1484 CyberLink Media Library Service - detected UnsignedFile.Multi.Generic (1)

11:48:45.0984 1484 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

11:48:46.0156 1484 dac2w2k - ok

11:48:46.0203 1484 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

11:48:46.0375 1484 dac960nt - ok

11:48:46.0484 1484 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

11:48:46.0531 1484 DcomLaunch - ok

11:48:46.0625 1484 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

11:48:46.0796 1484 Dhcp - ok

11:48:46.0828 1484 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

11:48:47.0000 1484 Disk - ok

11:48:47.0031 1484 dmadmin - ok

11:48:47.0171 1484 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

11:48:47.0390 1484 dmboot - ok

11:48:47.0406 1484 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

11:48:47.0578 1484 dmio - ok

11:48:47.0593 1484 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

11:48:47.0781 1484 dmload - ok

11:48:47.0828 1484 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

11:48:48.0015 1484 dmserver - ok

11:48:48.0046 1484 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

11:48:48.0218 1484 DMusic - ok

11:48:48.0281 1484 DNE (86d52c32a308f84bbc626bff7c1fb710) C:\WINDOWS\system32\DRIVERS\dne2000.sys

11:48:48.0281 1484 DNE - ok

11:48:48.0343 1484 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

11:48:48.0390 1484 Dnscache - ok

11:48:48.0468 1484 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

11:48:48.0656 1484 Dot3svc - ok

11:48:48.0687 1484 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

11:48:48.0875 1484 dpti2o - ok

11:48:48.0921 1484 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

11:48:49.0093 1484 drmkaud - ok

11:48:49.0140 1484 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

11:48:49.0328 1484 EapHost - ok

11:48:49.0359 1484 EpmPsd (d68564fcfbdfc04280cdbbb37cf7ef7f) C:\WINDOWS\system32\drivers\epm-psd.sys

11:48:49.0390 1484 EpmPsd ( UnsignedFile.Multi.Generic ) - warning

11:48:49.0390 1484 EpmPsd - detected UnsignedFile.Multi.Generic (1)

11:48:49.0437 1484 EpmShd (2d0c4a7077f6c68449479f5444c580a7) C:\WINDOWS\system32\drivers\epm-shd.sys

11:48:49.0453 1484 EpmShd ( UnsignedFile.Multi.Generic ) - warning

11:48:49.0453 1484 EpmShd - detected UnsignedFile.Multi.Generic (1)

11:48:49.0515 1484 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

11:48:49.0687 1484 ERSvc - ok

11:48:49.0750 1484 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

11:48:49.0781 1484 Eventlog - ok

11:48:49.0890 1484 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

11:48:49.0937 1484 EventSystem - ok

11:48:49.0968 1484 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

11:48:50.0125 1484 Fastfat - ok

11:48:50.0187 1484 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

11:48:50.0218 1484 FastUserSwitchingCompatibility - ok

11:48:50.0296 1484 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe

11:48:50.0500 1484 Fax - ok

11:48:50.0531 1484 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

11:48:50.0703 1484 Fdc - ok

11:48:50.0734 1484 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys

11:48:50.0921 1484 FETNDIS - ok

11:48:50.0968 1484 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

11:48:51.0156 1484 Fips - ok

11:48:51.0187 1484 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

11:48:51.0359 1484 Flpydisk - ok

11:48:51.0406 1484 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

11:48:51.0578 1484 FltMgr - ok

11:48:51.0593 1484 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

11:48:51.0765 1484 Fs_Rec - ok

11:48:51.0828 1484 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

11:48:52.0000 1484 Ftdisk - ok

11:48:52.0031 1484 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys

11:48:52.0187 1484 gagp30kx - ok

11:48:52.0234 1484 GGSAFERDriver - ok

11:48:52.0281 1484 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

11:48:52.0453 1484 Gpc - ok

11:48:52.0515 1484 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

11:48:52.0687 1484 helpsvc - ok

11:48:52.0734 1484 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

11:48:52.0906 1484 HidServ - ok

11:48:52.0937 1484 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

11:48:53.0093 1484 HidUsb - ok

11:48:53.0140 1484 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

11:48:53.0328 1484 hkmsvc - ok

11:48:53.0375 1484 Hotkey (8b566ea71d5b76157a9cdb78f25a5731) C:\WINDOWS\system32\drivers\Hotkey.sys

11:48:53.0390 1484 Hotkey ( UnsignedFile.Multi.Generic ) - warning

11:48:53.0390 1484 Hotkey - detected UnsignedFile.Multi.Generic (1)

11:48:53.0437 1484 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

11:48:53.0593 1484 hpn - ok

11:48:53.0671 1484 HSFHWICH (9e99aad9cfea338cef2eb6bcf2d9b524) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys

11:48:53.0687 1484 HSFHWICH - ok

11:48:53.0890 1484 HSF_DP (dfa8f86c0dbca7db948043aa3be6793b) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

11:48:53.0968 1484 HSF_DP - ok

11:48:54.0156 1484 HSF_DPV (5a5a7721d9c62d77fc0faba9b2cf5be9) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

11:48:54.0250 1484 HSF_DPV - ok

11:48:54.0312 1484 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

11:48:54.0343 1484 HTTP - ok

11:48:54.0421 1484 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

11:48:54.0593 1484 HTTPFilter - ok

11:48:54.0625 1484 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

11:48:54.0812 1484 i2omgmt - ok

11:48:54.0859 1484 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

11:48:55.0062 1484 i2omp - ok

11:48:55.0093 1484 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

11:48:55.0281 1484 i8042prt - ok

11:48:55.0468 1484 ialm (afa7c99d211a2aff21a287bc4264cde6) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

11:48:55.0562 1484 ialm - ok

11:48:55.0593 1484 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

11:48:55.0796 1484 Imapi - ok

11:48:55.0843 1484 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

11:48:56.0000 1484 ImapiService - ok

11:48:56.0046 1484 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

11:48:56.0234 1484 ini910u - ok

11:48:56.0265 1484 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

11:48:56.0421 1484 IntelIde - ok

11:48:56.0468 1484 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

11:48:56.0640 1484 intelppm - ok

11:48:56.0671 1484 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

11:48:56.0828 1484 Ip6Fw - ok

11:48:56.0859 1484 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

11:48:57.0031 1484 IpFilterDriver - ok

11:48:57.0062 1484 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

11:48:57.0218 1484 IpInIp - ok

11:48:57.0250 1484 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

11:48:57.0421 1484 IpNat - ok

11:48:57.0437 1484 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

11:48:57.0609 1484 IPSec - ok

11:48:57.0640 1484 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

11:48:57.0718 1484 IRENUM - ok

11:48:57.0734 1484 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

11:48:57.0906 1484 isapnp - ok

11:48:58.0078 1484 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe

11:48:58.0093 1484 JavaQuickStarterService - ok

11:48:58.0125 1484 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

11:48:58.0296 1484 Kbdclass - ok

11:48:58.0328 1484 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

11:48:58.0500 1484 kbdhid - ok

11:48:58.0562 1484 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

11:48:58.0703 1484 kmixer - ok

11:48:58.0765 1484 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

11:48:58.0812 1484 KSecDD - ok

11:48:58.0906 1484 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

11:48:58.0937 1484 lanmanserver - ok

11:48:59.0000 1484 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

11:48:59.0031 1484 lanmanworkstation - ok

11:48:59.0046 1484 lbrtfdc - ok

11:48:59.0187 1484 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

11:48:59.0375 1484 LmHosts - ok

11:48:59.0437 1484 lxcr_device - ok

11:48:59.0468 1484 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

11:48:59.0484 1484 mdmxsdk - ok

11:48:59.0546 1484 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

11:48:59.0718 1484 Messenger - ok

11:48:59.0781 1484 Microsoft SharePoint Workspace Audit Service - ok

11:48:59.0812 1484 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

11:48:59.0984 1484 mnmdd - ok

11:49:00.0031 1484 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

11:49:00.0203 1484 mnmsrvc - ok

11:49:00.0218 1484 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

11:49:00.0390 1484 Modem - ok

11:49:00.0421 1484 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

11:49:00.0578 1484 Mouclass - ok

11:49:00.0609 1484 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

11:49:00.0765 1484 mouhid - ok

11:49:00.0812 1484 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

11:49:00.0984 1484 MountMgr - ok

11:49:01.0031 1484 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

11:49:01.0187 1484 mraid35x - ok

11:49:01.0250 1484 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

11:49:01.0421 1484 MRxDAV - ok

11:49:01.0515 1484 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

11:49:01.0578 1484 MRxSmb - ok

11:49:01.0609 1484 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

11:49:01.0781 1484 MSDTC - ok

11:49:01.0828 1484 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

11:49:02.0015 1484 Msfs - ok

11:49:02.0062 1484 MSIServer - ok

11:49:02.0093 1484 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

11:49:02.0265 1484 MSKSSRV - ok

11:49:02.0265 1484 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

11:49:02.0453 1484 MSPCLOCK - ok

11:49:02.0468 1484 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

11:49:02.0640 1484 MSPQM - ok

11:49:02.0671 1484 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

11:49:02.0843 1484 mssmbios - ok

11:49:02.0906 1484 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

11:49:02.0921 1484 Mup - ok

11:49:03.0031 1484 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

11:49:03.0203 1484 napagent - ok

11:49:03.0234 1484 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

11:49:03.0406 1484 NDIS - ok

11:49:03.0453 1484 NdisFilt (1f76996253071cbae0a5ab5d8551ef88) C:\WINDOWS\system32\Drivers\NdisFilt.sys

11:49:03.0453 1484 NdisFilt ( UnsignedFile.Multi.Generic ) - warning

11:49:03.0453 1484 NdisFilt - detected UnsignedFile.Multi.Generic (1)

11:49:03.0484 1484 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

11:49:03.0500 1484 NdisTapi - ok

11:49:03.0546 1484 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

11:49:03.0703 1484 Ndisuio - ok

11:49:03.0734 1484 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

11:49:03.0906 1484 NdisWan - ok

11:49:03.0953 1484 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

11:49:03.0984 1484 NDProxy - ok

11:49:04.0015 1484 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

11:49:04.0203 1484 NetBIOS - ok

11:49:04.0250 1484 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

11:49:04.0406 1484 NetBT - ok

11:49:04.0468 1484 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

11:49:04.0656 1484 NetDDE - ok

11:49:04.0656 1484 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

11:49:04.0812 1484 NetDDEdsdm - ok

11:49:04.0859 1484 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

11:49:05.0046 1484 Netlogon - ok

11:49:05.0125 1484 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

11:49:05.0281 1484 Netman - ok

11:49:05.0328 1484 NETMNT (6a25f27202f3122a44a6b74ee46e7a76) C:\WINDOWS\system32\DRIVERS\NETMNT.sys

11:49:05.0343 1484 NETMNT ( UnsignedFile.Multi.Generic ) - warning

11:49:05.0343 1484 NETMNT - detected UnsignedFile.Multi.Generic (1)

11:49:05.0375 1484 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

11:49:05.0562 1484 NIC1394 - ok

11:49:05.0625 1484 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

11:49:05.0656 1484 Nla - ok

11:49:05.0703 1484 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

11:49:05.0875 1484 Npfs - ok

11:49:05.0906 1484 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys

11:49:05.0968 1484 NSCIRDA - ok

11:49:06.0062 1484 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

11:49:06.0281 1484 Ntfs - ok

11:49:06.0312 1484 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys

11:49:06.0328 1484 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning

11:49:06.0328 1484 NTIDrvr - detected UnsignedFile.Multi.Generic (1)

11:49:06.0343 1484 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

11:49:06.0515 1484 NtLmSsp - ok

11:49:06.0609 1484 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

11:49:06.0812 1484 NtmsSvc - ok

11:49:06.0843 1484 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

11:49:07.0015 1484 Null - ok

11:49:07.0046 1484 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

11:49:07.0203 1484 NwlnkFlt - ok

11:49:07.0218 1484 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

11:49:07.0390 1484 NwlnkFwd - ok

11:49:07.0421 1484 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

11:49:07.0578 1484 ohci1394 - ok

11:49:07.0609 1484 OsaFsLoc (26c4a4b64d1dd8e6fdfb2f4897be029c) C:\WINDOWS\system32\drivers\OsaFsLoc.sys

11:49:07.0640 1484 OsaFsLoc ( UnsignedFile.Multi.Generic ) - warning

11:49:07.0640 1484 OsaFsLoc - detected UnsignedFile.Multi.Generic (1)

11:49:07.0656 1484 osaio (9d1177c2a8de936b33d85ff75e8cbf1a) C:\WINDOWS\system32\drivers\osaio.sys

11:49:07.0671 1484 osaio ( UnsignedFile.Multi.Generic ) - warning

11:49:07.0671 1484 osaio - detected UnsignedFile.Multi.Generic (1)

11:49:07.0718 1484 osanbm (3245bee5176697faf0744a2e1288dc77) C:\WINDOWS\system32\drivers\osanbm.sys

11:49:07.0734 1484 osanbm ( UnsignedFile.Multi.Generic ) - warning

11:49:07.0734 1484 osanbm - detected UnsignedFile.Multi.Generic (1)

11:49:07.0843 1484 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:49:07.0859 1484 ose - ok

11:49:08.0687 1484 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

11:49:08.0984 1484 osppsvc - ok

11:49:09.0109 1484 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

11:49:09.0281 1484 Parport - ok

11:49:09.0312 1484 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

11:49:09.0500 1484 PartMgr - ok

11:49:09.0531 1484 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

11:49:09.0687 1484 ParVdm - ok

11:49:09.0718 1484 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

11:49:09.0890 1484 PCI - ok

11:49:09.0890 1484 PCIDump - ok

11:49:09.0937 1484 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

11:49:10.0093 1484 PCIIde - ok

11:49:10.0156 1484 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

11:49:10.0328 1484 Pcmcia - ok

11:49:10.0328 1484 PDCOMP - ok

11:49:10.0343 1484 PDFRAME - ok

11:49:10.0359 1484 PDRELI - ok

11:49:10.0375 1484 PDRFRAME - ok

11:49:10.0390 1484 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

11:49:10.0562 1484 perc2 - ok

11:49:10.0609 1484 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

11:49:10.0765 1484 perc2hib - ok

11:49:10.0828 1484 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys

11:49:10.0843 1484 pfc ( UnsignedFile.Multi.Generic ) - warning

11:49:10.0843 1484 pfc - detected UnsignedFile.Multi.Generic (1)

11:49:10.0906 1484 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

11:49:10.0921 1484 PlugPlay - ok

11:49:11.0000 1484 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

11:49:11.0156 1484 PolicyAgent - ok

11:49:11.0218 1484 POWERKEY (582099b89753bdc29db151e73c3fd4d9) C:\Program Files\Launch Manager\POWERKEY.sys

11:49:11.0234 1484 POWERKEY ( UnsignedFile.Multi.Generic ) - warning

11:49:11.0234 1484 POWERKEY - detected UnsignedFile.Multi.Generic (1)

11:49:11.0265 1484 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

11:49:11.0453 1484 PptpMiniport - ok

11:49:11.0484 1484 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys

11:49:11.0640 1484 Processor - ok

11:49:11.0656 1484 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

11:49:11.0812 1484 ProtectedStorage - ok

11:49:11.0828 1484 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

11:49:12.0000 1484 PSched - ok

11:49:12.0046 1484 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

11:49:12.0218 1484 Ptilink - ok

11:49:12.0250 1484 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

11:49:12.0421 1484 ql1080 - ok

11:49:12.0453 1484 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

11:49:12.0625 1484 Ql10wnt - ok

11:49:12.0656 1484 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

11:49:12.0812 1484 ql12160 - ok

11:49:12.0843 1484 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

11:49:13.0015 1484 ql1240 - ok

11:49:13.0046 1484 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

11:49:13.0187 1484 ql1280 - ok

11:49:13.0203 1484 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

11:49:13.0343 1484 RasAcd - ok

11:49:13.0500 1484 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

11:49:13.0656 1484 RasAuto - ok

11:49:13.0703 1484 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys

11:49:13.0765 1484 Rasirda - ok

11:49:13.0796 1484 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

11:49:13.0953 1484 Rasl2tp - ok

11:49:14.0031 1484 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

11:49:14.0187 1484 RasMan - ok

11:49:14.0203 1484 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

11:49:14.0375 1484 RasPppoe - ok

11:49:14.0421 1484 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

11:49:14.0578 1484 Raspti - ok

11:49:14.0640 1484 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

11:49:14.0796 1484 Rdbss - ok

11:49:14.0828 1484 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

11:49:14.0984 1484 RDPCDD - ok

11:49:15.0046 1484 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

11:49:15.0203 1484 rdpdr - ok

11:49:15.0265 1484 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

11:49:15.0296 1484 RDPWD - ok

11:49:15.0359 1484 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

11:49:15.0500 1484 RDSessMgr - ok

11:49:15.0531 1484 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

11:49:15.0687 1484 redbook - ok

11:49:15.0734 1484 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

11:49:15.0906 1484 RemoteAccess - ok

11:49:16.0015 1484 RichVideo (a76cddb6d1f25797843e2557a2118e2e) C:\Program Files\CyberLink\Shared Files\RichVideo.exe

11:49:16.0031 1484 RichVideo ( UnsignedFile.Multi.Generic ) - warning

11:49:16.0031 1484 RichVideo - detected UnsignedFile.Multi.Generic (1)

11:49:16.0093 1484 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

11:49:16.0265 1484 RpcLocator - ok

11:49:16.0359 1484 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll

11:49:16.0390 1484 RpcSs - ok

11:49:16.0453 1484 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

11:49:16.0593 1484 RSVP - ok

11:49:16.0640 1484 RTL8023xp (3529828ec571fb2f64f6b142f9109993) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys

11:49:16.0703 1484 RTL8023xp - ok

11:49:16.0750 1484 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

11:49:16.0921 1484 SamSs - ok

11:49:16.0953 1484 SASDIFSV (39763504067962108505bff25f024345) D:\Superantispyware\SASDIFSV.SYS

11:49:16.0953 1484 SASDIFSV - ok

11:49:16.0968 1484 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) D:\Superantispyware\SASKUTIL.SYS

11:49:16.0984 1484 SASKUTIL - ok

11:49:17.0062 1484 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

11:49:17.0218 1484 SCardSvr - ok

11:49:17.0265 1484 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

11:49:17.0437 1484 Schedule - ok

11:49:17.0468 1484 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

11:49:17.0546 1484 Secdrv - ok

11:49:17.0578 1484 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

11:49:17.0734 1484 seclogon - ok

11:49:17.0781 1484 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

11:49:17.0968 1484 SENS - ok

11:49:17.0984 1484 Ser2pl (2ec41a96d0dc98bd119bf325e0b9f392) C:\WINDOWS\system32\DRIVERS\ser2pl.sys

11:49:18.0015 1484 Ser2pl - ok

11:49:18.0046 1484 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

11:49:18.0203 1484 Serenum - ok

11:49:18.0250 1484 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

11:49:18.0421 1484 Serial - ok

11:49:18.0453 1484 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

11:49:18.0609 1484 Sfloppy - ok

11:49:18.0718 1484 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

11:49:18.0906 1484 SharedAccess - ok

11:49:18.0968 1484 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

11:49:18.0984 1484 ShellHWDetection - ok

11:49:18.0984 1484 Simbad - ok

11:49:19.0031 1484 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

11:49:19.0218 1484 sisagp - ok

11:49:19.0234 1484 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

11:49:19.0312 1484 Sparrow - ok

11:49:19.0343 1484 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

11:49:19.0515 1484 splitter - ok

11:49:19.0562 1484 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

11:49:19.0578 1484 Spooler - ok

11:49:19.0640 1484 sptd (0022cfff1a41e5ce3a764050a7ddf22a) C:\WINDOWS\System32\Drivers\sptd.sys

11:49:19.0671 1484 sptd - ok

11:49:19.0718 1484 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

11:49:19.0781 1484 sr - ok

11:49:19.0843 1484 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

11:49:19.0921 1484 srservice - ok

11:49:20.0000 1484 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

11:49:20.0062 1484 Srv - ok

11:49:20.0093 1484 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

11:49:20.0171 1484 SSDPSRV - ok

11:49:20.0234 1484 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

11:49:20.0234 1484 ssmdrv - ok

11:49:20.0421 1484 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

11:49:20.0593 1484 stisvc - ok

11:49:20.0640 1484 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

11:49:20.0796 1484 swenum - ok

11:49:20.0843 1484 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

11:49:21.0015 1484 swmidi - ok

11:49:21.0062 1484 SwPrv - ok

11:49:21.0093 1484 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

11:49:21.0234 1484 symc810 - ok

11:49:21.0281 1484 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

11:49:21.0453 1484 symc8xx - ok

11:49:21.0500 1484 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys

11:49:21.0500 1484 symlcbrd - ok

11:49:21.0531 1484 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

11:49:21.0687 1484 sym_hi - ok

11:49:21.0718 1484 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

11:49:21.0875 1484 sym_u3 - ok

11:49:21.0937 1484 SynTP (062e75f20d9bdca40344d85262f74748) C:\WINDOWS\system32\DRIVERS\SynTP.sys

11:49:21.0968 1484 SynTP - ok

11:49:21.0984 1484 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

11:49:22.0140 1484 sysaudio - ok

11:49:22.0187 1484 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

11:49:22.0343 1484 SysmonLog - ok

11:49:22.0406 1484 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

11:49:22.0562 1484 TapiSrv - ok

11:49:22.0656 1484 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

11:49:22.0687 1484 Tcpip - ok

11:49:22.0734 1484 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

11:49:22.0890 1484 TDPIPE - ok

11:49:22.0937 1484 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

11:49:23.0093 1484 TDTCP - ok

11:49:23.0140 1484 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

11:49:23.0312 1484 TermDD - ok

11:49:23.0421 1484 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

11:49:23.0578 1484 TermService - ok

11:49:23.0640 1484 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

11:49:23.0656 1484 Themes - ok

11:49:23.0687 1484 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

11:49:23.0843 1484 TosIde - ok

11:49:23.0921 1484 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

11:49:24.0093 1484 TrkWks - ok

11:49:24.0125 1484 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys

11:49:24.0140 1484 UBHelper ( UnsignedFile.Multi.Generic ) - warning

11:49:24.0140 1484 UBHelper - detected UnsignedFile.Multi.Generic (1)

11:49:24.0187 1484 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

11:49:24.0359 1484 Udfs - ok

11:49:24.0390 1484 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

11:49:24.0468 1484 ultra - ok

11:49:24.0562 1484 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

11:49:24.0781 1484 Update - ok

11:49:24.0875 1484 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

11:49:24.0968 1484 upnphost - ok

11:49:25.0031 1484 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

11:49:25.0187 1484 UPS - ok

11:49:25.0234 1484 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

11:49:25.0390 1484 usbccgp - ok

11:49:25.0421 1484 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

11:49:25.0593 1484 usbehci - ok

11:49:25.0640 1484 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

11:49:25.0796 1484 usbhub - ok

11:49:25.0812 1484 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

11:49:25.0984 1484 usbprint - ok

11:49:26.0000 1484 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

11:49:26.0156 1484 usbscan - ok

11:49:26.0203 1484 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

11:49:26.0359 1484 usbstor - ok

11:49:26.0390 1484 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

11:49:26.0546 1484 usbuhci - ok

11:49:26.0578 1484 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

11:49:26.0734 1484 VgaSave - ok

11:49:26.0781 1484 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

11:49:26.0937 1484 viaagp - ok

11:49:26.0984 1484 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

11:49:27.0125 1484 ViaIde - ok

11:49:27.0156 1484 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

11:49:27.0312 1484 VolSnap - ok

11:49:27.0406 1484 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

11:49:27.0484 1484 VSS - ok

11:49:27.0578 1484 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

11:49:27.0734 1484 W32Time - ok

11:49:27.0765 1484 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

11:49:27.0937 1484 Wanarp - ok

11:49:27.0953 1484 Wbutton - ok

11:49:28.0062 1484 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys

11:49:28.0109 1484 Wdf01000 - ok

11:49:28.0125 1484 WDICA - ok

11:49:28.0156 1484 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

11:49:28.0312 1484 wdmaud - ok

11:49:28.0375 1484 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

11:49:28.0546 1484 WebClient - ok

11:49:28.0687 1484 winachsf (e0a00b06ea067c84e124b407dffa1af1) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

11:49:28.0765 1484 winachsf - ok

11:49:28.0843 1484 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

11:49:28.0984 1484 winmgmt - ok

11:49:29.0078 1484 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

11:49:29.0109 1484 WmdmPmSN - ok

11:49:29.0140 1484 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

11:49:29.0296 1484 WmiAcpi - ok

11:49:29.0328 1484 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

11:49:29.0500 1484 WmiApSrv - ok

11:49:29.0718 1484 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe

11:49:29.0796 1484 WMPNetworkSvc - ok

11:49:29.0843 1484 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

11:49:30.0015 1484 WS2IFSL - ok

11:49:30.0062 1484 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

11:49:30.0218 1484 wscsvc - ok

11:49:30.0359 1484 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

11:49:30.0531 1484 wuauserv - ok

11:49:30.0578 1484 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

11:49:30.0593 1484 WudfPf - ok

11:49:30.0625 1484 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

11:49:30.0656 1484 WudfRd - ok

11:49:30.0703 1484 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll

11:49:30.0734 1484 WudfSvc - ok

11:49:30.0859 1484 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

11:49:31.0046 1484 WZCSVC - ok

11:49:31.0125 1484 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

11:49:31.0265 1484 xmlprov - ok

11:49:31.0296 1484 MBR (0x1B8) (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0

11:49:35.0671 1484 \Device\Harddisk0\DR0 - ok

11:49:35.0703 1484 Boot (0x1200) (8ce2ee87b9aa8818d97d466bb7ebca0b) \Device\Harddisk0\DR0\Partition0

11:49:35.0703 1484 \Device\Harddisk0\DR0\Partition0 - ok

11:49:35.0734 1484 Boot (0x1200) (9d588889250cd669d72b48730a8c60d9) \Device\Harddisk0\DR0\Partition1

11:49:35.0734 1484 \Device\Harddisk0\DR0\Partition1 - ok

11:49:35.0734 1484 ============================================================

11:49:35.0734 1484 Scan finished

11:49:35.0734 1484 ============================================================

11:49:35.0859 0416 Detected object count: 17

11:49:35.0859 0416 Actual detected object count: 17

11:49:45.0921 0416 BCM43XX ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0921 0416 BCM43XX ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0921 0416 CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0921 0416 CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0921 0416 CLSched ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0921 0416 CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0921 0416 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0921 0416 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0921 0416 EpmPsd ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0921 0416 EpmPsd ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0921 0416 EpmShd ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0921 0416 EpmShd ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0937 0416 Hotkey ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0937 0416 Hotkey ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0937 0416 NdisFilt ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0937 0416 NdisFilt ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0937 0416 NETMNT ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0937 0416 NETMNT ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0937 0416 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0937 0416 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0937 0416 OsaFsLoc ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0937 0416 OsaFsLoc ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0937 0416 osaio ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0937 0416 osaio ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0937 0416 osanbm ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0937 0416 osanbm ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0937 0416 pfc ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0937 0416 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0953 0416 POWERKEY ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0953 0416 POWERKEY ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0953 0416 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0953 0416 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:49:45.0953 0416 UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user

11:49:45.0953 0416 UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip

Link to post
Share on other sites

After we are all done and close this case, you will need to do a defragmentation run (Defrag) for the HDD.

That may explain the slowness of the system.

This is to delete temporary files:

Download TFC by OldTimer to your desktop

  • Please double-click TFC.exe to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • IF prompted to Reboot, reply "Yes".

Step 2

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

If you have a prior copy of Combofix, delete it now !

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)

Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop.

Link 1

Link 2

CF_download_FF.gif

CF_download_rename.gif

* IMPORTANT !!! SAVE AS Combo-Fix.exe to your Desktop

If your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop.

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on Combo-Fix.exe cf-icon.jpg & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

whatnext.png

Click on Yes, to continue scanning for malware.

Please watch Combofix as it runs, as you may see messages which require your response, or the pressing of OK button.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

-------------------------------------------------------

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

RE-Enable your AntiVirus and AntiSpyware applications.

Link to post
Share on other sites

I had some time today, but I don't expect any more till Monday. Here is the combofix log:

ComboFix 12-06-09.02 - Ken 06/09/2012 19:07:34.13.1 - FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1529 [GMT -7:00]

Running from: c:\documents and settings\Ken\Desktop\Combo-Fix.exe

AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\LocalService\Application Data\156813fd1406C.manifest

c:\documents and settings\LocalService\Application Data\156813fd1406O.manifest

c:\documents and settings\LocalService\Application Data\156813fd1406S.manifest

.

.

((((((((((((((((((((((((( Files Created from 2012-05-10 to 2012-06-10 )))))))))))))))))))))))))))))))

.

.

2012-06-08 23:53 . 2012-06-08 23:53 -------- d-----w- c:\documents and settings\Ken\Application Data\Avira

2012-06-08 23:47 . 2012-04-27 17:20 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys

2012-06-08 23:47 . 2012-04-25 07:32 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-06-08 23:47 . 2012-04-17 04:18 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2012-06-08 23:47 . 2012-06-08 23:47 -------- d-----w- c:\program files\Avira

2012-06-08 18:37 . 2012-06-08 18:37 -------- d-----w- c:\documents and settings\Ken\Application Data\QuickScan

2012-06-08 18:27 . 2012-06-08 18:27 -------- d-----w- C:\rsit

2012-06-08 18:27 . 2012-06-08 18:27 -------- d-----w- c:\program files\trend micro

2012-06-08 18:24 . 2012-06-08 18:24 -------- d-----w- c:\program files\ERUNT

2012-06-07 21:58 . 2012-06-07 21:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Sophos

2012-06-07 19:18 . 2012-06-07 19:18 -------- d-----w- c:\documents and settings\Ken\Application Data\SUPERAntiSpyware.com

2012-06-07 19:16 . 2012-06-07 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2012-06-06 23:41 . 2012-06-06 23:41 -------- d-----w- c:\program files\ESET

2012-06-06 22:57 . 2012-06-06 22:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-06-06 22:57 . 2012-04-04 22:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-31 13:22 . 2004-08-04 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-04-29 17:54 . 2012-04-29 17:54 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-04-13 23:01 . 2010-07-01 19:26 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-04-13 23:01 . 2010-04-28 18:35 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-04-11 13:12 . 2004-08-04 12:00 1862272 ----a-w- c:\windows\system32\win32k.sys

2012-04-11 13:10 . 2004-08-04 12:00 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-11 12:35 . 2004-08-04 12:00 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-03-13 04:39 . 2012-06-08 23:48 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"X-keys Programming"="c:\program files\PIEngineering\X-keys\XKWdkApp.exe" [2001-11-20 422400]

"LXCRCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2005-12-01 65536]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-02 348624]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\superantispyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- d:\superantispyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

path=

backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]

path=

backup=c:\windows\pss\Google Updater.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]

path=

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PHM Reminders.lnk]

path=

backup=c:\windows\pss\PHM Reminders.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^STK017 PNP Monitor.lnk]

path=

backup=c:\windows\pss\STK017 PNP Monitor.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADMTray.exe]

2005-10-24 23:45 2462208 ----a-w- c:\acer\Empowering Technology\admtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-03 06:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CtrlVol]

2003-09-16 21:28 20480 ----a-w- c:\program files\Launch Manager\CtrlVol.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]

2005-07-26 18:36 69632 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]

2006-01-02 17:31 397312 ----a-w- c:\acer\Empowering Technology\eRecovery\Monitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

2006-02-07 05:10 98304 ----a-w- c:\program files\Lexmark 2400 Series\ezprint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]

2006-02-02 08:11 290816 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

2005-08-24 19:47 77824 ----a-w- c:\windows\system32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

2005-08-24 19:51 114688 ----a-w- c:\windows\system32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

2005-08-24 19:50 94208 ----a-w- c:\windows\system32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]

2004-08-04 12:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchAp]

2005-07-25 20:36 32768 ----a-w- c:\program files\Launch Manager\LaunchAp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

2005-11-08 17:45 69632 ----a-w- c:\program files\Launch Manager\HotkeyApp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD]

2005-07-25 17:45 241664 ----a-w- c:\program files\Launch Manager\OSDCtrl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]

2006-01-22 17:45 286720 ----a-w- c:\program files\Lexmark 2400 Series\lxcrmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]

2004-08-04 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

2005-09-01 02:59 147456 ------w- c:\program files\Acer\Acer Arcade\PCMService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]

2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]

2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerKey]

2002-08-30 22:02 94208 ----a-w- c:\program files\Launch Manager\Powerkey.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\preload]

2005-05-20 00:09 32768 ----a-w- c:\windows\RUNXMLPL.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

2005-04-15 18:01 77824 ----a-w- c:\windows\SOUNDMAN.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-01-18 21:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

2005-02-04 18:11 708698 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]

2005-02-04 18:12 102490 ----a-w- c:\program files\Synaptics\SynTP\SynTPLpr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wbutton]

2005-11-08 17:19 81920 ----a-w- c:\program files\Launch Manager\WButton.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YOP]

2005-04-23 02:49 397312 ----a-w- c:\progra~1\Yahoo!\YOP\yop.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LiveUpdate Notice Service"=2 (0x2)

"LiveUpdate"=3 (0x3)

"gusvc"=2 (0x2)

"NACAgent"=2 (0x2)

"WebrootSpySweeperService"=2 (0x2)

"Symantec Core LC"=2 (0x2)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"d:\\Garena\\Garena.exe"=

"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"67:UDP"= 67:UDP:DHCP Discovery Service

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

.

R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [6/8/2012 4:47 PM 36000]

R1 SASDIFSV;SASDIFSV;d:\superantispyware\sasdifsv.sys [7/22/2011 9:27 AM 12880]

R1 SASKUTIL;SASKUTIL;d:\superantispyware\SASKUTIL.SYS [7/12/2011 2:55 PM 67664]

R2 !SASCORE;SAS Core Service;d:\superantispyware\SASCore.exe [8/11/2011 4:38 PM 116608]

R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [6/8/2012 4:47 PM 86224]

S3 GGSAFERDriver;GGSAFER Driver;\??\d:\garena\safedrv.sys --> d:\garena\safedrv.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [6/12/2011 11:15 AM 31125880]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 9:37 PM 4640000]

S3 POWERKEY;POWERKEY;c:\program files\Launch Manager\POWERKEY.SYS [7/29/2006 6:12 PM 2343]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - SSMDRV

.

Contents of the 'Scheduled Tasks' folder

.

2011-10-01 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 21:21]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mStart Page = hxxp://www.yahoo.com/?.home=ytie

uInternet Connection Wizard,ShellNext = iexplore

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

Trusted Zone: eset.com\go

TCP: DhcpNameServer = 192.168.1.254

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

FF - ProfilePath - c:\documents and settings\Ken\Application Data\Mozilla\Firefox\Profiles\hkk2yk61.default\

FF - prefs.js: browser.startup.homepage - yahoo.com

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-06-09 19:13

Windows 5.1.2600 Service Pack 3 FAT NTAPI

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

LXCRCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,RunDLLEntry???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(672)

d:\superantispyware\SASWINLO.DLL

c:\windows\system32\WININET.dll

.

Completion time: 2012-06-09 19:14:41

ComboFix-quarantined-files.txt 2012-06-10 02:14

.

Pre-Run: 2,967,502,848 bytes free

Post-Run: 2,953,674,752 bytes free

.

- - End Of File - - 3F6BB73BDEFAACCBF2F40F8E69EFCF0A

Link to post
Share on other sites

Some updates are need for your system, then an antivirus check.

For Firefox browser

Start Firefox. Main menu >> Help >> About >> Check for Updates. Allow update to the latest release.

Java runtime

javaicon.gif

Your Java runtime is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

  • Download the latest version of >> Windows 7/XP/Vista/2000/2003/2008 Offline << from here and save it to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, select Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u32-windows-i586-s.exe to install the newest version.
    ( jre-6u32-windows-x64.exe if this is a 64-bit Windows o.s.)

  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup) javaicon.gif
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked

      • Applications and Applets
        Trace and Log Files

      [*]Click OK on Delete Temporary Files Window

      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

      [*]Click OK to leave the Temporary Files Window

Small tweaks for Java runtime, since most all users do not need to load Java at each Windows startup:

Click Advanced Tab. Expand the Miscellaneous item.

UN-check the line Java quick starter

Press Apply then OK. Close the applet when done.

To test your Java Run-time, you may go to this page http://www.java.com/...help/testvm.xml

When all is well, you should see Java Version: Java 6 Update 32 from Sun Microsystems Inc.

Flash Player

Use Add-or-Remove Programs (Windows XP) to de-install older versions of Flash Player.

Go to http://www.adobe.com/go/getflash

and get the latest Flash Player

Un-Check any checkbox for McAfee Security Scan Plus, or Google or any other widget or toolbar !!!

Virus check

Download Dr.Web CureIt to the desktop.

  • Turn OFF your antivirus program.
    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Doubleclick the drweb-cureit.exe file, then on Start and allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, chose the Complete Scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow drweb.jpg at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look and see if you can click the following icon next to the files found:
    check.gif
  • If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
    move.gif
  • This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.

NOTE: During the scan, a pop-up window will open asking for full version purchase. Simply close the window by clicking on X in upper right corner.

Re-Enable your antivirus program when all done.

Copy & Paste contents of DrWeb Cure-it log into next reply.

Link to post
Share on other sites

I uninstalled java using Revo uninstaller and installed java 7 update 4. When I click on the icon in control panel, it says it could not find the registry key specified:

---------------------------

Java Control Panel

---------------------------

The system cannot find the registry key specified:

HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_31

---------------------------

OK

---------------------------

On the test website, it says that Java is working and gives me a green check.

I successfully uninstalled and installed flash player.

I will now run the dr. web scan. I have not restared my computer after installing java, so maybe that is where the error message came from?

Link to post
Share on other sites

Just do a online scan at ESET.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Using Internet Explorer browser only, go to ESET Online Scanner website:

{Windows 7 & Vista users should start IE by Start >> Internet Explorer >> Right-Click and select Run As Administrator.}

  • Press the ESET Online scanner" button
  • Check the I accept the terms box. Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Un-check the Remove found threats option.
  • Checkmark Scan Archives option.
  • Click on Advanced Settings and checkmark the following
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology
    click Scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
    • A logfile is created and located at C:\Program Files\Eset\EsetOnlineScanner\log.txt.

    Look at contents of this file using Notepad or Wordpad.

    The Frequently Asked Questions for ESET Online Scanner can be viewed here

    http://www.eset.com/onlinescan/cac4.php?page=faq

    [*]Use of Internet Explorer for the online scan is preferred. If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.

After the scan is done, re-enable your antivirus program.

Reply with copy of the Eset scan log.

Link to post
Share on other sites

Eset found nothing. I already had it installed but I used internet explorer. Here is the log(there was only one and the scan time was a little over an hour)

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# iexplore.exe=7.00.6000.17109 (vista_gdr.120227-1644)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=c7a45150e98aae41b761f4a5e8c1bbb0

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2012-06-13 11:33:54

# local_time=2012-06-13 04:33:54 (-0800, Pacific Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 360213 360213 0 0

# compatibility_mode=1792 16777191 100 0 341023 341023 0 0

# compatibility_mode=8192 67108863 100 0 514217 514217 0 0

# scanned=59045

# found=0

# cleaned=0

# scan_time=3751

Link to post
Share on other sites

I just want be 100% sure that the computer has nothing on it since I do google search some things on biology and biochemistry.

I heard of scanners like windows safety scanner which is based on Windows essentials. I want to know some other scanners and scan with them so I can reassure myself that the computer is free of malware and spyware.

Link to post
Share on other sites

Slowness of pc may just be due to non-malware issues. Here are some recommended articles:

What to do if your Computer is running slowly

http://www.malwareremoval.com/tutorials/runningslowly.php

See Quietman7's Slow Computer/browser? Check Here First

http://www.bleepingcomputer.com/forums/topic87058.html

See Miekiemoes' Help! My computer is slow!

http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html

See Jim Eshelman's Computer Health

http://aumha.org/a/health.htm

Slow Computer/Browser: Check here first!

http://www.bleepingcomputer.com/forums/topic44694.html

The Microsoft Windows Defender Offline is an "offline" tool that you boot the pc with and scan your system for malware.

To get started, find a blank CD, DVD, or USB flash drive with at least 250 MB of free space and then download and run the tool—the tool will help you create the removable media.

WDO is NOT a substitute for a resident-installed antivirus app. It also should be considered as having a short shelf life, as it is updated by MS on a periodic basis; so you cannot consider your original download as being "forever up-to-date".

The basic sequence of steps are

a) Download and SAVE the tool to a unique folder/location on your pc

b) Create the CD/DVD/USB-flash drive with tool

c) Set pc to boot from the offline media

d) Place media in & restart system

e) Run the tool. Have infinite patience & have it scan the entire system. Remove any malware that is found.

Download & info link http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

The frequently asked questions for this tool

http://windows.microsoft.com/en-US/windows/windows-defender-offline-faq

Links to other (but Online scanners) are listed further down this reply.

I see that you are clear of your original issues.

If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools we used.

We have to remove Combofix and all its associated folders. By whichever name you named it, ( you had named it Combo-Fix icon_exclaim.gif), put that name in the RUN box stated just below.

The "/uninstall" in the Run line below is to start Combofix for it's cleanup & removal function.

Note the space after exe and before the slash mark.

The utility must be removed to prevent any un-intentional or accidental usage, PLUS, to free up much space on your hard disk.

  • Click Start, then click Run.
    In the text box that opens, type or copy/paste Combo-Fix /uninstall and then click OK.

IF in the case Combofix un-install has an issue, skip that step.

  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Delete the following if still present:

aswMBR.exe

TDSSKILLER.exe

DrWeb Cure-It

ERUNT you should keep and use on some periodic basis to save the Windows registry.

We are finished here. Best regards.

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.