
Documents moved, updates/downloads duplicated, email problems..


raken


It started when Firefox was updating. Then I had my documents folder and all its contents moved. My e-mail account started acting up and wouldn't send or receive. I contacted what I thought was the Firefox help center and after about an hour the individual wanted to charge an arm and a leg to fix the errors he had discovered. I'm just totally confused now. I ran a full Mbam scan as opposed to the quick scan but have done nothing further. I could not find the error log for Mbam even after using the search option. While looking for it I did find a wga error log in notepad that had the same time stamp. Sorry. I have also noticed now it appears I have multiple downloads of Firefox and Internet Explorer has opened seemingly by itself as Firefox is my default. I will have nothing open but Internet Explorer will show as running in Task Manager. If someone can help me I would be forever grateful. Thanks so much for the opportunity. Also as I couldn't find the Mbam Log, I did look at it and it did not find any malware.

attach.txt

dds.txt


Hello raken,

Can you Copy and Paste directly into a new reply box

DDS.txt

Attach.txt

and going forward, NOT attach logs?

Also, in Task Manager, seeing Internet Explorer listed is -not- necessarily abnormal.

It just indicates that you had started Internet Explorer at some earlier point in the current Windows session.

What "specific" "documents" moved ?


Everything in "My Documents" folder pictures, downloads, etc. was moved. In the instance with Internet Explorer I had been browsing using Firefox and had closed everything and the computer was running like a gerbil in a cage. Here are the copy and paste texts. Thank you.

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 11/22/2004 12:24:28 PM

System Uptime: 1/28/2013 10:16:01 AM (2 hours ago)

.

Motherboard: ASUSTek Computer INC. | | Kelut

Processor: AMD Athlon XP 3100+ | Socket A | 2199/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 143 GiB total, 79.735 GiB free.

D: is FIXED (FAT32) - 6 GiB total, 0.767 GiB free.

E: is CDROM ()

F: is CDROM ()

G: is Removable

H: is Removable

I: is Removable

J: is Removable

K: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP516: 10/30/2012 12:36:43 PM - Software Distribution Service 3.0

RP517: 10/31/2012 12:36:37 PM - Software Distribution Service 3.0

RP518: 11/1/2012 12:36:27 PM - Software Distribution Service 3.0

RP519: 11/2/2012 12:37:11 PM - Software Distribution Service 3.0

RP520: 11/3/2012 1:02:12 PM - System Checkpoint

RP521: 11/4/2012 7:12:18 AM - Software Distribution Service 3.0

RP522: 11/5/2012 7:13:18 AM - Software Distribution Service 3.0

RP523: 11/6/2012 7:12:40 AM - Software Distribution Service 3.0

RP524: 11/6/2012 7:45:22 PM - Removed Windows Defender

RP525: 11/6/2012 11:50:38 PM - Software Distribution Service 3.0

RP526: 11/8/2012 12:02:15 AM - System Checkpoint

RP527: 11/8/2012 8:02:23 AM - Software Distribution Service 3.0

RP528: 11/9/2012 8:12:54 AM - System Checkpoint

RP529: 11/9/2012 9:24:01 AM - Software Distribution Service 3.0

RP530: 11/10/2012 9:31:36 AM - Software Distribution Service 3.0

RP531: 11/11/2012 9:23:23 AM - Software Distribution Service 3.0

RP532: 11/12/2012 9:23:22 AM - Software Distribution Service 3.0

RP533: 11/13/2012 12:34:20 AM - Software Distribution Service 3.0

RP534: 11/13/2012 9:33:34 AM - Software Distribution Service 3.0

RP535: 11/13/2012 11:36:38 PM - Software Distribution Service 3.0

RP536: 11/14/2012 11:18:38 AM - Software Distribution Service 3.0

RP537: 11/15/2012 11:43:50 AM - System Checkpoint

RP538: 11/15/2012 2:45:47 PM - Software Distribution Service 3.0

RP539: 11/16/2012 2:46:21 PM - Software Distribution Service 3.0

RP540: 11/18/2012 1:03:33 PM - Software Distribution Service 3.0

RP541: 11/18/2012 1:39:21 PM - Software Distribution Service 3.0

RP542: 11/18/2012 1:58:37 PM - Removed QuickTime

RP543: 11/19/2012 2:11:43 PM - System Checkpoint

RP544: 11/19/2012 3:27:38 PM - Software Distribution Service 3.0

RP545: 11/20/2012 3:24:17 PM - Software Distribution Service 3.0

RP546: 11/20/2012 11:52:27 PM - Software Distribution Service 3.0

RP547: 11/21/2012 3:22:07 PM - Software Distribution Service 3.0

RP548: 11/22/2012 3:24:20 PM - Software Distribution Service 3.0

RP549: 11/23/2012 3:19:49 PM - Software Distribution Service 3.0

RP550: 11/24/2012 3:28:45 PM - Software Distribution Service 3.0

RP551: 11/25/2012 3:26:29 PM - Software Distribution Service 3.0

RP552: 11/26/2012 3:23:22 PM - Software Distribution Service 3.0

RP553: 11/27/2012 3:27:30 PM - Software Distribution Service 3.0

RP554: 11/27/2012 11:52:04 PM - Software Distribution Service 3.0

RP555: 11/28/2012 12:20:22 PM - Removed Shutterfly Express Uploader

RP556: 11/29/2012 12:45:15 PM - System Checkpoint

RP557: 11/29/2012 1:28:30 PM - Software Distribution Service 3.0

RP558: 11/30/2012 1:50:46 PM - System Checkpoint

RP559: 11/30/2012 6:33:50 PM - Software Distribution Service 3.0

RP560: 12/1/2012 6:32:42 PM - Software Distribution Service 3.0

RP561: 12/2/2012 6:34:45 PM - System Checkpoint

RP562: 12/3/2012 11:46:41 AM - Software Distribution Service 3.0

RP563: 12/4/2012 12:31:15 AM - Software Distribution Service 3.0

RP564: 12/4/2012 11:47:25 AM - Software Distribution Service 3.0

RP565: 12/5/2012 11:46:04 AM - Software Distribution Service 3.0

RP566: 12/6/2012 11:47:08 AM - Software Distribution Service 3.0

RP567: 12/7/2012 11:54:09 AM - Software Distribution Service 3.0

RP568: 12/8/2012 11:49:04 AM - Software Distribution Service 3.0

RP569: 12/9/2012 11:47:00 AM - Software Distribution Service 3.0

RP570: 12/10/2012 11:45:35 AM - Software Distribution Service 3.0

RP571: 12/10/2012 6:12:41 PM - Software Distribution Service 3.0

RP572: 12/11/2012 12:05:37 AM - Software Distribution Service 3.0

RP573: 12/11/2012 8:23:00 PM - Software Distribution Service 3.0

RP574: 12/12/2012 8:18:36 PM - Software Distribution Service 3.0

RP575: 12/13/2012 5:40:46 PM - Software Distribution Service 3.0

RP576: 12/13/2012 8:22:51 PM - Software Distribution Service 3.0

RP577: 12/14/2012 8:42:06 PM - System Checkpoint

RP578: 12/15/2012 9:58:59 AM - Software Distribution Service 3.0

RP579: 12/16/2012 10:29:54 AM - Software Distribution Service 3.0

RP580: 12/17/2012 10:33:51 AM - Software Distribution Service 3.0

RP581: 12/18/2012 12:12:08 AM - Software Distribution Service 3.0

RP582: 12/18/2012 10:24:03 AM - Software Distribution Service 3.0

RP583: 12/19/2012 10:38:44 AM - Software Distribution Service 3.0

RP584: 12/20/2012 10:25:39 AM - Software Distribution Service 3.0

RP585: 12/21/2012 11:21:29 AM - System Checkpoint

RP586: 12/22/2012 8:40:10 AM - Software Distribution Service 3.0

RP587: 12/23/2012 8:29:49 AM - Software Distribution Service 3.0

RP588: 12/24/2012 11:47:28 AM - System Checkpoint

RP589: 12/24/2012 3:16:59 PM - Software Distribution Service 3.0

RP590: 12/25/2012 12:12:57 AM - Software Distribution Service 3.0

RP591: 12/25/2012 3:11:49 PM - Software Distribution Service 3.0

RP592: 12/26/2012 3:10:54 PM - Software Distribution Service 3.0

RP593: 12/27/2012 6:14:06 AM - Software Distribution Service 3.0

RP594: 12/28/2012 6:40:08 AM - Software Distribution Service 3.0

RP595: 12/29/2012 7:07:15 AM - Software Distribution Service 3.0

RP596: 12/30/2012 7:23:26 AM - System Checkpoint

RP597: 1/1/2013 1:50:03 AM - Software Distribution Service 3.0

RP598: 1/2/2013 12:27:04 AM - Software Distribution Service 3.0

RP599: 1/2/2013 1:56:02 AM - Software Distribution Service 3.0

RP600: 1/3/2013 2:22:27 AM - System Checkpoint

RP601: 1/3/2013 2:32:48 PM - Software Distribution Service 3.0

RP602: 1/3/2013 6:31:03 PM - Software Distribution Service 3.0

RP603: 1/4/2013 6:56:21 PM - Software Distribution Service 3.0

RP604: 1/5/2013 6:56:31 PM - System Checkpoint

RP605: 1/6/2013 2:15:44 PM - Software Distribution Service 3.0

RP606: 1/7/2013 2:17:12 PM - Software Distribution Service 3.0

RP607: 1/8/2013 12:35:34 AM - Software Distribution Service 3.0

RP608: 1/8/2013 2:36:17 PM - Software Distribution Service 3.0

RP609: 1/9/2013 2:36:12 PM - Software Distribution Service 3.0

RP610: 1/10/2013 2:35:36 PM - Software Distribution Service 3.0

RP611: 1/11/2013 3:33:04 PM - System Checkpoint

RP612: 1/11/2013 5:40:38 PM - Software Distribution Service 3.0

RP613: 1/12/2013 6:44:39 AM - Software Distribution Service 3.0

RP614: 1/15/2013 1:29:11 PM - System Checkpoint

RP615: 1/16/2013 1:32:02 PM - Software Distribution Service 3.0

RP616: 1/17/2013 1:28:02 PM - Software Distribution Service 3.0

RP617: 1/18/2013 1:30:10 PM - Software Distribution Service 3.0

RP618: 1/19/2013 1:30:08 PM - Software Distribution Service 3.0

RP619: 1/20/2013 1:31:53 PM - System Checkpoint

RP620: 1/20/2013 4:06:16 PM - Restore Operation

RP621: 1/20/2013 5:14:33 PM - Restore Operation

RP622: 1/21/2013 6:09:29 PM - Software Distribution Service 3.0

RP623: 1/22/2013 6:19:50 PM - System Checkpoint

RP624: 1/22/2013 11:43:25 PM - Software Distribution Service 3.0

RP625: 1/23/2013 11:45:52 AM - Software Distribution Service 3.0

RP626: 1/24/2013 12:09:06 PM - Software Distribution Service 3.0

RP627: 1/25/2013 12:21:24 PM - System Checkpoint

RP628: 1/25/2013 12:52:45 PM - Software Distribution Service 3.0

RP629: 1/26/2013 12:06:41 PM - Software Distribution Service 3.0

RP630: 1/27/2013 11:43:17 AM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

Ad-Aware SE Personal

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

AiO_Scan

AiOSoftware

Apple Application Support

Apple Software Update

ArcSoft Panorama Maker 5

BufferChm

CameraDrivers

Canon PhotoRecord

Canon PIXMA iP6000D

Canon PIXMA iP6000D Memory Card Utility

Canon Utilities Easy-PhotoPrint

Compatibility Pack for the 2007 Office system

Copy

CreativeProjects

CreativeProjectsTemplates

CueTour

Destinations

Director

DocProc

DocumentViewer

Easy-WebPrint

Easy Internet Sign-up

Fax

GIMP 2.6.11

Google Earth

Google Update Helper

Hallmark Card Studio 2006 Deluxe

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

HP Deskjet Preloaded Printer Drivers

HP Diagnostic Assistant

HP Image Zone 4.2

HP Image Zone Plus 4.2

HP Organize

HP Photo & Imaging 3.5 - HP Devices

HP Unload DLL Patch

HP Update

hpg2436

hpg3970

hpg4600

hpg5530

hpg8200

HPHDiscovery

HPIZ402

HPODiscovery

HpSdpAppCoreApp

HPSystemDiagnostics

InstantShare

InstantShareAlert

IntelliMover Data Transfer Demo

InterVideo WinDVD Creator 2

Java Auto Updater

Java 6 Update 37

KBD

Learn2 Player (Uninstall Only)

Malwarebytes Anti-Malware version 1.70.0.1100

MathPlayer

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office File Validation Add-In

Microsoft Office Standard Edition 2003

Microsoft Plus! Dancer LE

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works 7.0

Move Networks Player for Internet Explorer

Mozilla Firefox 18.0 (x86 en-US)

Mozilla Firefox 18.0.1 (x86 en-US)

Mozilla Maintenance Service

MSN

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nikon Message Center 2

Norton Internet Security

PhotoGallery

Photosmart 320,370,7400,8100,8400 Series

Picture Control Utility

PrintScreen

PS2

PSPrinters06

Python 2.2 combined Win32 extensions

Python 2.2.1

QFolder

QuickProjects

Readme

Scan

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2779030)

Shutterfly Express Uploader

SkinsHP1

SkinsHP2

TrayApp

Unload

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows Internet Explorer 8 (KB2632503)

Update for Windows Internet Explorer 8 (KB971930)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2492386)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB971029)

Updates from HP

VIA Rhine-Family Fast Ethernet Adapter

Viewpoint Media Player

WebFldrs XP

WebReg

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

.

==== Event Viewer Messages From Past Week ========

.

1/22/2013 7:02:13 AM, error: Dhcp [1002] - The IP address lease 192.168.2.2 for the Network Card with network address 00112FAD7D3C has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

1/22/2013 11:31:30 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service RDSessMgr with arguments "-Service" in order to run the server: {A6A6F92B-26B5-463B-AE0D-5F361B09C171}

1/21/2013 9:25:48 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37

Run by HP_Owner at 12:24:39 on 2013-01-28

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.188 [GMT -6:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ================

.

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\LSI SoftModem\agrsmsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

mStart Page = hxxp://www.msn.com

uProxyOverride = <local>

uSearchAssistant = hxxp://www.google.com/ie

dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>

TB: HP view: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll

TB: <No Name>: - LocalServer32 - <no file>

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

uPolicies-Explorer: NoDriveTypeAutoRun = dword:221

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{610CC52D-334C-4546-BF76-DC5F0734E124} : DHCPNameServer = 192.168.2.1

Notify: igfxcui - igfxsrvc.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 193552]

R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2010-11-19 101720]

R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2004-8-7 14336]

S1 ksdgyezd;ksdgyezd; [x]

S1 niqopnmx;niqopnmx; [x]

.

=============== File Associations ===============

.

FileExt: .txt: Applications\WksWP.exe="c:\program files\microsoft works\WksWP.exe" /SHELL "%1" [userChoice]

FileExt: .ini: Applications\shortcut.exe=c:\hp\dticons\shortcut.exe %1 [userChoice]

.

=============== Created Last 30 ================

.

2013-01-28 18:19:18 6991832 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{181a02a5-746b-454f-9d11-46552baf2913}\mpengine.dll

2013-01-28 16:30:15 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-01-28 16:30:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-01-26 18:07:02 6991832 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-01-21 17:55:03 -------- d-----w- c:\documents and settings\hp_owner\My Documents.bak

2013-01-21 15:44:58 -------- d-----w- c:\documents and settings\hp_owner\local settings\application data\LogMeIn Rescue Applet

2013-01-21 00:07:08 -------- d-----w- c:\windows\system32\wbem\repository\FS

2013-01-21 00:07:08 -------- d-----w- c:\windows\system32\wbem\Repository

2013-01-20 23:46:40 -------- d-----w- C:\65d00a201a5aef7d160b0ee2dea5

2013-01-20 23:24:23 -------- d-----w- c:\program files\Secunia

2013-01-20 22:55:18 4928 ----a-w- c:\windows\system32\PerfStringBackup.TMP

.

==================== Find3M ====================

.

2013-01-09 12:07:10 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-09 12:07:10 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-11-06 02:01:39 1371648 ------w- c:\windows\system32\msxml6.dll

2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35:34 385024 ----a-w- c:\windows\system32\html.iec

.

============= FINISH: 12:25:33.95 ============


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.


  • Link 2
  • Link 3
  • Link 4

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • If your antivirus program gives a prompt message, respond positively to allow RKILL to run.
  • If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL.

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html


Here is the log, I will be unable to respond further until after my shift this evening. Thanks again.

Rkill 2.4.6 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/29/2013 01:37:53 PM in x86 mode.

Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

* HKLM\Software\Classes\.exe\shell found and deleted!

* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!

* HKCU\SOFTWARE\Classes\.exe has been deleted!

* HKCU\SOFTWARE\Classes\exefile has been deleted!

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* DNS Client (Dnscache) is not Running.

Startup Type set to: Manual

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 01/29/2013 01:39:18 PM

Execution time: 0 hours(s), 1 minute(s), and 25 seconds(s)

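Added example, not part of the original posts and not code from Rkill: a Python script that reads an Rkill log like the one posted above and keeps only the lines where the tool reported a change or a problem, which is the part a helper reads first. The section prefixes and the "No ... found" convention are assumptions taken from this one log, and the HOSTS check assumes `127.0.0.1 localhost` is the only default entry.

```python
import re

# Rkill 2.4.6 log lines as posted in this thread (blank lines dropped).
RKILL_LOG = r"""
Program started at: 01/29/2013 01:37:53 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.exe\shell found and deleted!
* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!
* HKCU\SOFTWARE\Classes\exefile has been deleted!
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* DNS Client (Dnscache) is not Running.
Startup Type set to: Manual
* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [incorrect ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 localhost
Program finished at: 01/29/2013 01:39:18 PM
Execution time: 0 hours(s), 1 minute(s), and 25 seconds(s)
"""

# Assumption: every check section in the log opens with one of these words.
SECTION_PREFIXES = ("Checking", "Resetting", "Performing", "Searching")
END_PREFIXES = ("Program finished at:", "Execution time:")
# Assumption: a check that found nothing is reported as "No ... found ...".
CLEAN = re.compile(r"^No .*found\b", re.IGNORECASE)
LOOPBACK = re.compile(r"^(127\.0\.0\.1|::1)\s+localhost$", re.IGNORECASE)


def parse_rkill(text):
    """Split the log into {section title: [{"text", "details"}, ...]}."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(END_PREFIXES):
            current = None                      # footer closes the last section
        elif line.startswith(SECTION_PREFIXES):
            current = sections.setdefault(line.rstrip(":."), [])
        elif current is None:
            continue                            # banner and metadata lines
        elif line.startswith("* "):
            current.append({"text": line[2:], "details": []})
        elif current:
            current[-1]["details"].append(line)  # continuation of last item
    return sections


def findings(sections):
    """Return (section, item, details) for every item that is not 'clean'."""
    out = []
    for title, items in sections.items():
        for item in items:
            text, details = item["text"], item["details"]
            if CLEAN.match(text):
                continue
            if text.startswith("HOSTS file entries found"):
                # Only entries other than the default loopback line matter.
                extra = [d for d in details if not LOOPBACK.match(d)]
                if extra:
                    out.append((title, "non-default HOSTS entries", extra))
                continue
            out.append((title, text, details))
    return out


if __name__ == "__main__":
    for title, text, details in findings(parse_rkill(RKILL_LOG)):
        print(f"[{title}] {text}")
        for d in details:
            print(f"    {d}")
```
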

ok. When you get back, do the following:

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next un-check Hide protected operating system files.

Step 3

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Click on Scan.
  • Click on Report and copy/paste the content of the notepad into your next reply.

Step 4

Save and close any work documents, close any apps that you started.

Temporarily turn off (disable) your antivirus program

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Quick Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When all done, Copy & paste the MBAM scan log into a new reply.

RE-Enable your antivirus program.


I downloaded ERUNT and hopefully it is correct. There was a prompt that said "setup will create shortcuts in the following" it listed Start Menu folder and had a Browse option. I continued with the Start Menu option. Later during install it stated Erunt creates a backup of your registry each time windows is started..backup will be placed into a folder separated into different creation dates..with the option of yes or no. I selected yes. I then downloaded Rogue Killer from the first link option. Upon running it a notice came up stating "Rogue Killer has encountered a problem and needs to close. Sorry for the inconvenience any information may be lost." Options of Debug and Close. I attempted running it a second time and had the same experience. Both times just before getting the "need to close" option it listed 3 found items. All 3 were the same.... Key Type - HJ Desk Software\Microsoft\Windows\Curr.. Value {Z0D04F.. Data 1 The only difference was under Global 2 were HKCU the other HKLM. It appeared the scan was still running. I let it go for an hour and there appeared to be no progression. I did not run MBAM and will wait for your direction. Thanks! Hope I haven't gone backwards. The computer remained unused other than printing out your directions. Thanks again. I will wait for your guidance.


Given there is/was a hitch running Roguekiller, put that aside. Close Roguekiller IF it is still open.

Then go ahead and run the MBAM quick scan & copy/paste that log when done.

Step 2

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
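
For anyone reading a TDSSKiller report like the one requested above, here is an added example (not part of the original post, and not the tool's or the forum's own code) that pulls out the entries worth a second look: verdicts other than "ok", services logged without a file record, and binaries shared by several services. The sample log is constructed in the layout quoted in this thread; the `( ... ) - warning` line format and the name `ExampleSvc` are assumptions.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Constructed sample: placeholder MD5s, layout copied from the log in this thread.
H1, H2, H3 = ("0" * 31 + d for d in "123")
SAMPLE_LOG = "\n".join([
    "09:57:30.0984 2716 ================ Scan system memory ========================",
    "09:57:30.0984 2716 System memory - ok",
    "09:57:30.0984 2716 ================ Scan services =============================",
    rf"09:57:31.0156 2716 [ {H1} ] 6to4 C:\WINDOWS\System32\6to4svc.dll",
    "09:57:31.0156 2716 6to4 - ok",
    "09:57:31.0218 2716 Abiosdsk - ok",
    "09:57:36.0968 2716 ksdgyezd - ok",
    rf"09:57:39.0000 2716 [ {H2} ] Netlogon C:\WINDOWS\system32\lsass.exe",
    "09:57:39.0000 2716 Netlogon - ok",
    rf"09:57:39.0453 2716 [ {H2} ] NtLmSsp C:\WINDOWS\system32\lsass.exe",
    "09:57:39.0453 2716 NtLmSsp - ok",
    rf"09:57:40.0000 2716 [ {H3} ] ExampleSvc C:\Program Files\Example\svc.exe",
    # Assumed format for a non-ok verdict (hypothetical service name).
    "09:57:40.0015 2716 ExampleSvc ( UnsignedFile.Multi.Generic ) - warning",
])

LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d+\s+\d+\s+(.*\S)\s*$")   # time, thread id, body
SECTION = re.compile(r"^=+\s+([^=\s][^=]*?)\s+=+$")             # "==== Scan services ===="
HASHED = re.compile(r"^\[\s*([0-9A-Fa-f]{32})\s*\]\s+(.+)$")    # "[ MD5 ] name path"
VERDICT = re.compile(r"^(.+?) - (\S.*)$")                       # "name - verdict"
DETAIL = re.compile(r"^(.+?)\s*\(\s*(.+?)\s*\)$")               # "name ( threat )"


@dataclass
class Entry:
    section: str
    name: str
    verdict: str
    detail: Optional[str] = None
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_log(text):
    """Pair each 'name - verdict' line with the '[ MD5 ] name path' line before it."""
    entries, section, pending = [], None, None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue                      # blank lines, timestamp-only lines
        body = m.group(1)
        s = SECTION.match(body)
        if s:
            section, pending = s.group(1), None
            continue
        h = HASHED.match(body)
        if h:
            pending = (h.group(1).upper(), h.group(2))
            continue
        v = VERDICT.match(body)
        if not v or section is None:
            continue                      # header lines before the first section
        name, verdict, detail = v.group(1).strip(), v.group(2).strip(), None
        d = DETAIL.match(name)
        if d:
            name, detail = d.group(1), d.group(2)
        entry = Entry(section, name, verdict, detail)
        # Only trust the hash line if it names the same service.
        if pending and pending[1].startswith(name + " "):
            entry.md5, entry.path = pending[0], pending[1][len(name):].strip()
        pending = None
        entries.append(entry)
    return entries


def triage(entries):
    """Summarise what a reviewer would look at first."""
    services = [e for e in entries if e.section == "Scan services"]
    by_hash = defaultdict(list)
    for e in services:
        if e.md5:
            by_hash[e.md5].append(e.name)
    return {
        "not_ok": [e for e in entries if e.verdict.lower() != "ok"],
        # The log carries no hash/path line for these service entries.
        "no_file_record": [e.name for e in services if e.md5 is None],
        "shared_binary": {h: n for h, n in by_hash.items() if len(n) > 1},
    }


if __name__ == "__main__":
    report = triage(parse_log(SAMPLE_LOG))
    for e in report["not_ok"]:
        print(f"NOT OK   {e.name}: {e.verdict} {e.detail or ''} {e.path or ''}")
    for name in report["no_file_record"]:
        print(f"NO FILE  {name}")
    for md5, names in report["shared_binary"].items():
        print(f"SHARED   {md5}: {', '.join(names)}")
```

To use it on a real report, read the `TDSSKiller.[Version]_[Date]_[Time]_log.txt` file and pass its text to `parse_log`.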


I posted this A.M. had a few moments before work.. I don't see it here but see a note on the bottom of the reply box "view auto saved" When I clicked on it there was a prompt to restore content. Do you have that or do I need to restore and repaste? I will continue with the above instructions.


Saved Content

here is the Mbam report. I will work on the TDS Killer download now.

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.28.06

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

HP_Owner :: KAREN [administrator]

1/30/2013 9:22:23 AM

mbam-log-2013-01-30 (09-22-23).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 265661

Time elapsed: 7 minute(s), 38 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

It seems my "replies" are in an "auto save". They do not show in the reply box when I post even after updating my browser. At the bottom of the reply box (on my view) in gray highlights it says "view auto saved content (today, 9:31 AM) Last auto saved 9:40:10 AM"


The MBAM scan result is Good.

I found on the desktop a RogueKiller text file with information for "debug". That was the one I tried to post at 6:00 AM. Would you like me to copy and paste it for your review?

Yes. IF the file is too big, then attach this one in a new reply.


I ran TDSSKiller. It scanned 320 objects and found nothing. I clicked on report and it highlighted but it would not copy and paste. I hope I haven't frustrated you... I posted a new topic with your name and the Debug report. Will wait for your response. Thanks again.


umhh Sad to say, but yes, due to your losing your way to the original main topic AND creating a separate new one....Yes, you are beginning to frustrate me. Why is it so difficult to stay within 1 thread?

1) I need a copy of the TDSSKILLER log:

the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please attach that file here.

2) YOUR only topic thread is this current one http://forums.malwarebytes.org/index.php?showtopic=121812

Please stick with that only.

I had to merge the two into one.

3) Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

  • Close all open windows on the Task Bar. Double Click the OTL icon to Start it if on Windows XP (for Vista, or Windows 7 Right click the icon and Run as Administrator) to start the program.
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  • Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
  • It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.
  • Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
  • Exit OTL by clicking the X at top right.

Download Security Check by screen317 and save it to your Desktop: here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Then copy/paste the following into your post (in order):
  • the contents of OTL.txt;
  • the contents of Extras.txt ; and
  • the contents of checkup.txt

Be sure to do a Preview prior to pressing Add Reply because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply, unless I ask different.

Edited by Maurice Naggar

I'm hoping this is it. While searching for the report I have more than one TDSS download but this is the only report.

09:57:16.0109 2756 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

09:57:16.0562 2756 ============================================================

09:57:16.0562 2756 Current date / time: 2013/01/30 09:57:16.0562

09:57:16.0562 2756 SystemInfo:

09:57:16.0562 2756

09:57:16.0562 2756 OS Version: 5.1.2600 ServicePack: 3.0

09:57:16.0562 2756 Product type: Workstation

09:57:16.0562 2756 ComputerName: KAREN

09:57:16.0562 2756 UserName: HP_Owner

09:57:16.0562 2756 Windows directory: C:\WINDOWS

09:57:16.0562 2756 System windows directory: C:\WINDOWS

09:57:16.0562 2756 Processor architecture: Intel x86

09:57:16.0562 2756 Number of processors: 1

09:57:16.0562 2756 Page size: 0x1000

09:57:16.0562 2756 Boot type: Normal boot

09:57:16.0562 2756 ============================================================

09:57:18.0578 2756 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054

09:57:18.0906 2756 ============================================================

09:57:18.0906 2756 \Device\Harddisk0\DR0:

09:57:18.0921 2756 MBR partitions:

09:57:18.0921 2756 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xB9B911

09:57:18.0921 2756 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xB9B950, BlocksNum 0x11E792B0

09:57:18.0921 2756 ============================================================

09:57:18.0953 2756 C: <-> \Device\Harddisk0\DR0\Partition2

09:57:18.0953 2756 D: <-> \Device\Harddisk0\DR0\Partition1

09:57:18.0953 2756 ============================================================

09:57:18.0953 2756 Initialize success

09:57:18.0953 2756 ============================================================

09:57:30.0671 2716 ============================================================

09:57:30.0671 2716 Scan started

09:57:30.0671 2716 Mode: Manual;

09:57:30.0671 2716 ============================================================

09:57:30.0984 2716 ================ Scan system memory ========================

09:57:30.0984 2716 System memory - ok

09:57:30.0984 2716 ================ Scan services =============================

09:57:31.0156 2716 [ C07D5197410AAB28D0D93F943F59656D ] 6to4 C:\WINDOWS\System32\6to4svc.dll

09:57:31.0156 2716 6to4 - ok

09:57:31.0218 2716 Abiosdsk - ok

09:57:31.0234 2716 abp480n5 - ok

09:57:31.0343 2716 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

09:57:31.0343 2716 ACDaemon - ok

09:57:31.0406 2716 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

09:57:31.0406 2716 ACPI - ok

09:57:31.0453 2716 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

09:57:31.0453 2716 ACPIEC - ok

09:57:31.0531 2716 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

09:57:31.0531 2716 AdobeFlashPlayerUpdateSvc - ok

09:57:31.0562 2716 adpu160m - ok

09:57:31.0609 2716 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

09:57:31.0609 2716 aec - ok

09:57:31.0687 2716 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

09:57:31.0687 2716 AFD - ok

09:57:31.0734 2716 [ 9C9D3B7A05445B1AB2DF4D0C4D6B77E8 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe

09:57:31.0734 2716 AgereModemAudio - ok

09:57:31.0812 2716 [ 35C391E40471A0B479328FC7B1B5F40F ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys

09:57:31.0843 2716 AgereSoftModem - ok

09:57:31.0875 2716 Aha154x - ok

09:57:31.0890 2716 aic78u2 - ok

09:57:31.0906 2716 aic78xx - ok

09:57:31.0984 2716 [ FBBCB95F677CBAA924140B6EA2D9A97B ] ALCXSENS C:\WINDOWS\system32\drivers\ALCXSENS.SYS

09:57:31.0984 2716 ALCXSENS - ok

09:57:32.0125 2716 [ 8D6C30E515717248E0E52B85FD7AC466 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS

09:57:32.0203 2716 ALCXWDM - ok

09:57:32.0250 2716 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

09:57:32.0250 2716 Alerter - ok

09:57:32.0296 2716 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

09:57:32.0296 2716 ALG - ok

09:57:32.0312 2716 AliIde - ok

09:57:32.0375 2716 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys

09:57:32.0375 2716 AmdK7 - ok

09:57:32.0390 2716 amsint - ok

09:57:32.0406 2716 AppMgmt - ok

09:57:32.0468 2716 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys

09:57:32.0468 2716 Arp1394 - ok

09:57:32.0500 2716 asc - ok

09:57:32.0515 2716 asc3350p - ok

09:57:32.0531 2716 asc3550 - ok

09:57:32.0687 2716 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

09:57:32.0703 2716 aspnet_state - ok

09:57:32.0734 2716 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

09:57:32.0734 2716 AsyncMac - ok

09:57:32.0796 2716 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

09:57:32.0796 2716 atapi - ok

09:57:32.0812 2716 Atdisk - ok

09:57:32.0843 2716 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

09:57:32.0843 2716 Atmarpc - ok

09:57:32.0906 2716 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

09:57:32.0906 2716 AudioSrv - ok

09:57:32.0968 2716 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

09:57:32.0968 2716 audstub - ok

09:57:33.0031 2716 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

09:57:33.0031 2716 Beep - ok

09:57:33.0109 2716 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

09:57:33.0109 2716 BITS - ok

09:57:33.0171 2716 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

09:57:33.0234 2716 Browser - ok

09:57:33.0281 2716 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

09:57:33.0281 2716 cbidf2k - ok

09:57:33.0296 2716 cd20xrnt - ok

09:57:33.0343 2716 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

09:57:33.0343 2716 Cdaudio - ok

09:57:33.0390 2716 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

09:57:33.0390 2716 Cdfs - ok

09:57:33.0421 2716 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

09:57:33.0421 2716 Cdrom - ok

09:57:33.0437 2716 Changer - ok

09:57:33.0500 2716 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

09:57:33.0500 2716 CiSvc - ok

09:57:33.0515 2716 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

09:57:33.0515 2716 ClipSrv - ok

09:57:33.0562 2716 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

09:57:33.0593 2716 clr_optimization_v2.0.50727_32 - ok

09:57:33.0609 2716 CmdIde - ok

09:57:33.0640 2716 COMSysApp - ok

09:57:33.0671 2716 Cpqarray - ok

09:57:33.0718 2716 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

09:57:33.0718 2716 CryptSvc - ok

09:57:33.0734 2716 dac2w2k - ok

09:57:33.0750 2716 dac960nt - ok

09:57:33.0828 2716 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

09:57:33.0843 2716 DcomLaunch - ok

09:57:33.0890 2716 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

09:57:33.0890 2716 Dhcp - ok

09:57:33.0937 2716 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

09:57:33.0937 2716 Disk - ok

09:57:33.0968 2716 dmadmin - ok

09:57:34.0031 2716 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

09:57:34.0062 2716 dmboot - ok

09:57:34.0093 2716 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

09:57:34.0109 2716 dmio - ok

09:57:34.0156 2716 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

09:57:34.0156 2716 dmload - ok

09:57:34.0187 2716 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

09:57:34.0203 2716 dmserver - ok

09:57:34.0234 2716 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

09:57:34.0234 2716 DMusic - ok

09:57:34.0296 2716 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

09:57:34.0296 2716 Dnscache - ok

09:57:34.0343 2716 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

09:57:34.0343 2716 Dot3svc - ok

09:57:34.0375 2716 dpti2o - ok

09:57:34.0406 2716 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

09:57:34.0406 2716 drmkaud - ok

09:57:34.0437 2716 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

09:57:34.0437 2716 EapHost - ok

09:57:34.0500 2716 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

09:57:34.0500 2716 ERSvc - ok

09:57:34.0546 2716 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

09:57:34.0546 2716 Eventlog - ok

09:57:34.0609 2716 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

09:57:34.0625 2716 EventSystem - ok

09:57:34.0656 2716 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

09:57:34.0671 2716 Fastfat - ok

09:57:34.0703 2716 [ 1E580770BDECE924494B368AC980749E ] fasttx2k C:\WINDOWS\system32\DRIVERS\fasttx2k.sys

09:57:34.0703 2716 fasttx2k - ok

09:57:34.0750 2716 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

09:57:34.0765 2716 FastUserSwitchingCompatibility - ok

09:57:34.0812 2716 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe

09:57:34.0828 2716 Fax - ok

09:57:34.0875 2716 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys

09:57:34.0875 2716 Fdc - ok

09:57:34.0937 2716 [ CFC4CC73C903152A23E1DB28EABA1F03 ] FETND5BV C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys

09:57:34.0937 2716 FETND5BV - ok

09:57:34.0984 2716 [ B7186B33B6CF3A23841015531E6E7D68 ] FETNDISB C:\WINDOWS\system32\DRIVERS\fetnd5b.sys

09:57:34.0984 2716 FETNDISB - ok

09:57:35.0015 2716 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

09:57:35.0015 2716 Fips - ok

09:57:35.0031 2716 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys

09:57:35.0031 2716 Flpydisk - ok

09:57:35.0093 2716 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

09:57:35.0093 2716 FltMgr - ok

09:57:35.0187 2716 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

09:57:35.0187 2716 FontCache3.0.0.0 - ok

09:57:35.0234 2716 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

09:57:35.0234 2716 Fs_Rec - ok

09:57:35.0281 2716 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

09:57:35.0281 2716 Ftdisk - ok

09:57:35.0328 2716 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

09:57:35.0328 2716 Gpc - ok

09:57:35.0406 2716 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

09:57:35.0406 2716 gupdate - ok

09:57:35.0437 2716 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

09:57:35.0437 2716 gupdatem - ok

09:57:35.0515 2716 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

09:57:35.0515 2716 helpsvc - ok

09:57:35.0546 2716 HidServ - ok

09:57:35.0593 2716 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys

09:57:35.0593 2716 HidUsb - ok

09:57:35.0625 2716 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

09:57:35.0625 2716 hkmsvc - ok

09:57:35.0656 2716 hpn - ok

09:57:35.0703 2716 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

09:57:35.0718 2716 HTTP - ok

09:57:35.0750 2716 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

09:57:35.0750 2716 HTTPFilter - ok

09:57:35.0765 2716 i2omgmt - ok

09:57:35.0781 2716 i2omp - ok

09:57:35.0828 2716 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

09:57:35.0828 2716 i8042prt - ok

09:57:35.0921 2716 [ 53FDF10A5BAF4F0A345BC5E941392186 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

09:57:35.0937 2716 ialm - ok

09:57:36.0046 2716 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

09:57:36.0046 2716 IDriverT - ok

09:57:36.0140 2716 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

09:57:36.0171 2716 idsvc - ok

09:57:36.0218 2716 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

09:57:36.0218 2716 Imapi - ok

09:57:36.0281 2716 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

09:57:36.0281 2716 ImapiService - ok

09:57:36.0312 2716 ini910u - ok

09:57:36.0359 2716 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys

09:57:36.0375 2716 IntelIde - ok

09:57:36.0406 2716 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

09:57:36.0406 2716 intelppm - ok

09:57:36.0437 2716 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

09:57:36.0437 2716 Ip6Fw - ok

09:57:36.0484 2716 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

09:57:36.0484 2716 IpFilterDriver - ok

09:57:36.0500 2716 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

09:57:36.0515 2716 IpInIp - ok

09:57:36.0546 2716 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

09:57:36.0562 2716 IpNat - ok

09:57:36.0609 2716 [ F08D74EC300B8BA60CA953C58A24D19E ] Iprip C:\WINDOWS\System32\iprip.dll

09:57:36.0609 2716 Iprip - ok

09:57:36.0640 2716 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

09:57:36.0640 2716 IPSec - ok

09:57:36.0687 2716 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

09:57:36.0687 2716 IRENUM - ok

09:57:36.0734 2716 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

09:57:36.0734 2716 isapnp - ok

09:57:36.0781 2716 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys

09:57:36.0781 2716 Iviaspi - ok

09:57:36.0875 2716 [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe

09:57:36.0875 2716 JavaQuickStarterService - ok

09:57:36.0906 2716 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

09:57:36.0906 2716 Kbdclass - ok

09:57:36.0937 2716 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

09:57:36.0953 2716 kmixer - ok

09:57:36.0968 2716 ksdgyezd - ok

09:57:37.0031 2716 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

09:57:37.0031 2716 KSecDD - ok

09:57:37.0093 2716 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

09:57:37.0093 2716 lanmanserver - ok

09:57:37.0156 2716 [ A8888A5327621856C0CEC4E385F69309 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll

09:57:37.0156 2716 LanmanWorkstation - ok

09:57:37.0187 2716 lbrtfdc - ok

09:57:37.0250 2716 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

09:57:37.0250 2716 LmHosts - ok

09:57:37.0343 2716 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

09:57:37.0343 2716 MDM - ok

09:57:37.0390 2716 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

09:57:37.0390 2716 Messenger - ok

09:57:37.0437 2716 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

09:57:37.0437 2716 mnmdd - ok

09:57:37.0500 2716 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

09:57:37.0500 2716 mnmsrvc - ok

09:57:37.0562 2716 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

09:57:37.0562 2716 Modem - ok

09:57:37.0593 2716 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

09:57:37.0593 2716 Mouclass - ok

09:57:37.0640 2716 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

09:57:37.0640 2716 mouhid - ok

09:57:37.0671 2716 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

09:57:37.0671 2716 MountMgr - ok

09:57:37.0750 2716 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

09:57:37.0750 2716 MozillaMaintenance - ok

09:57:37.0796 2716 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys

09:57:37.0812 2716 MpFilter - ok

09:57:37.0921 2716 [ A69630D039C38018689190234F866D77 ] MpKslc15fe620 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E75ECA9-1285-4C40-8D3A-71C4535CE816}\MpKslc15fe620.sys

09:57:37.0921 2716 MpKslc15fe620 - ok

09:57:37.0937 2716 mraid35x - ok

09:57:37.0984 2716 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

09:57:37.0984 2716 MRxDAV - ok

09:57:38.0078 2716 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

09:57:38.0093 2716 MRxSmb - ok

09:57:38.0156 2716 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

09:57:38.0156 2716 MSDTC - ok

09:57:38.0203 2716 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

09:57:38.0203 2716 Msfs - ok

09:57:38.0234 2716 MSIServer - ok

09:57:38.0281 2716 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

09:57:38.0296 2716 MSKSSRV - ok

09:57:38.0359 2716 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

09:57:38.0375 2716 MsMpSvc - ok

09:57:38.0390 2716 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

09:57:38.0390 2716 MSPCLOCK - ok

09:57:38.0406 2716 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

09:57:38.0406 2716 MSPQM - ok

09:57:38.0468 2716 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

09:57:38.0468 2716 mssmbios - ok

09:57:38.0515 2716 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

09:57:38.0515 2716 Mup - ok

09:57:38.0562 2716 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

09:57:38.0578 2716 napagent - ok

09:57:38.0640 2716 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

09:57:38.0640 2716 NDIS - ok

09:57:38.0687 2716 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

09:57:38.0687 2716 NdisTapi - ok

09:57:38.0718 2716 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

09:57:38.0734 2716 Ndisuio - ok

09:57:38.0750 2716 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

09:57:38.0750 2716 NdisWan - ok

09:57:38.0812 2716 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

09:57:38.0812 2716 NDProxy - ok

09:57:38.0828 2716 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

09:57:38.0843 2716 NetBIOS - ok

09:57:38.0875 2716 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

09:57:38.0875 2716 NetBT - ok

09:57:38.0937 2716 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

09:57:38.0937 2716 NetDDE - ok

09:57:38.0953 2716 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

09:57:38.0953 2716 NetDDEdsdm - ok

09:57:39.0000 2716 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

09:57:39.0000 2716 Netlogon - ok

09:57:39.0078 2716 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

09:57:39.0078 2716 Netman - ok

09:57:39.0171 2716 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:57:39.0171 2716 NetTcpPortSharing - ok

09:57:39.0218 2716 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys

09:57:39.0218 2716 NIC1394 - ok

09:57:39.0234 2716 niqopnmx - ok

09:57:39.0281 2716 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

09:57:39.0296 2716 Nla - ok

09:57:39.0328 2716 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys

09:57:39.0328 2716 nm - ok

09:57:39.0359 2716 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

09:57:39.0359 2716 Npfs - ok

09:57:39.0390 2716 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

09:57:39.0421 2716 Ntfs - ok

09:57:39.0453 2716 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

09:57:39.0453 2716 NtLmSsp - ok

09:57:39.0515 2716 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

09:57:39.0531 2716 NtmsSvc - ok

09:57:39.0578 2716 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

09:57:39.0578 2716 Null - ok

09:57:39.0718 2716 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

09:57:39.0781 2716 nv - ok

09:57:39.0812 2716 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

09:57:39.0812 2716 NwlnkFlt - ok

09:57:39.0828 2716 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

09:57:39.0828 2716 NwlnkFwd - ok

09:57:39.0875 2716 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys

09:57:39.0875 2716 NwlnkIpx - ok

09:57:39.0890 2716 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys

09:57:39.0906 2716 NwlnkNb - ok

09:57:39.0937 2716 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys

09:57:39.0937 2716 NwlnkSpx - ok

09:57:39.0984 2716 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

09:57:40.0000 2716 ohci1394 - ok

09:57:40.0046 2716 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:57:40.0046 2716 ose - ok

09:57:40.0109 2716 [ 937A02981F11B2CE96B1D493C95AED2B ] p2pgasvc C:\WINDOWS\system32\p2pgasvc.dll

09:57:40.0109 2716 p2pgasvc - ok

09:57:40.0187 2716 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] p2pimsvc C:\WINDOWS\system32\p2psvc.dll

09:57:40.0218 2716 p2pimsvc - ok

09:57:40.0281 2716 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] p2psvc C:\WINDOWS\system32\p2psvc.dll

09:57:40.0281 2716 p2psvc - ok

09:57:40.0312 2716 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

09:57:40.0312 2716 Parport - ok

09:57:40.0359 2716 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

09:57:40.0375 2716 PartMgr - ok

09:57:40.0406 2716 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

09:57:40.0406 2716 ParVdm - ok

09:57:40.0437 2716 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

09:57:40.0437 2716 PCI - ok

09:57:40.0453 2716 PCIDump - ok

09:57:40.0500 2716 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

09:57:40.0500 2716 PCIIde - ok


09:57:48.0171 2716 ================ Scan global ===============================

09:57:48.0218 2716 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

09:57:48.0281 2716 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

09:57:48.0328 2716 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

09:57:48.0359 2716 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

09:57:48.0359 2716 [Global] - ok

09:57:48.0375 2716 ================ Scan MBR ==================================

09:57:48.0390 2716 [ BAD0263FBE81B49F5F07B32DC9D198B3 ] \Device\Harddisk0\DR0

09:57:48.0546 2716 \Device\Harddisk0\DR0 - ok

09:57:48.0546 2716 ================ Scan VBR ==================================

09:57:48.0562 2716 [ D7F8C25131D3FEF1A9316238F7E6EBC9 ] \Device\Harddisk0\DR0\Partition1

09:57:48.0562 2716 \Device\Harddisk0\DR0\Partition1 - ok

09:57:48.0578 2716 [ 37AF56104BFF51A5615013BE74E26038 ] \Device\Harddisk0\DR0\Partition2

09:57:48.0578 2716 \Device\Harddisk0\DR0\Partition2 - ok

09:57:48.0593 2716 ============================================================

09:57:48.0593 2716 Scan finished

09:57:48.0593 2716 ============================================================

09:57:48.0625 2872 Detected object count: 0

09:57:48.0625 2872 Actual detected object count: 0

10:01:07.0718 2704 Deinitialize success


OK. Much better. The TDSSKILLER tool detected nothing. A very good indicator.

Please do proceed with the rest of what I outlined before. I need to see OTL.txt, Extras.txt, and Checkup.txt.

Also, when you have a quiet moment, without distractions:

Press Start button, then select RUN

type in

explorer.exe

press Enter key to proceed.

Windows Explorer will start.

Navigate to this folder c:\documents and settings\hp_owner\My Documents.bak

Don't make changes. I need for you to tell me if you see your documents, your files in there?


OTL logfile created on: 1/30/2013 11:24:19 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Owner\My Documents\Downloads

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.48 Mb Total Physical Memory | 199.72 Mb Available Physical Memory | 44.63% Memory free

1.69 Gb Paging File | 1.51 Gb Available in Paging File | 89.53% Paging File free

Paging file location(s): C:\pagefile.sys 1344 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 143.24 Gb Total Space | 79.57 Gb Free Space | 55.55% Space Free | Partition Type: NTFS

Drive D: | 5.79 Gb Total Space | 0.77 Gb Free Space | 13.23% Space Free | Partition Type: FAT32

Computer Name: KAREN | User Name: HP_Owner | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/30 11:21:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\My Documents\Downloads\OTL.exe

PRC - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2012/09/12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2008/08/26 18:02:24 | 000,014,336 | ---- | M] (Agere Systems) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe

PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2004/05/27 19:50:06 | 000,045,056 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)

SRV - [2013/01/21 13:11:14 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013/01/09 06:07:11 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2008/08/26 18:02:24 | 000,014,336 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2008/04/13 18:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)

SRV - [2008/04/13 18:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)

SRV - [2004/05/27 19:50:06 | 000,045,056 | ---- | M] (CANON INC.) [Auto | Running] -- C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe -- (PDUiP6000DMemCrdMgr)

SRV - [2003/08/27 10:27:44 | 000,065,536 | ---- | M] (America Online, Inc.) [Disabled | Stopped] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (niqopnmx)

DRV - File not found [Kernel | System | Stopped] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E75ECA9-1285-4C40-8D3A-71C4535CE816}\MpKslc15fe620.sys -- (MpKslc15fe620)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (ksdgyezd)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2013/01/29 20:13:10 | 000,015,616 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)

DRV - [2011/06/28 17:13:40 | 000,101,720 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)

DRV - [2010/02/11 06:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)

DRV - [2008/10/29 19:43:44 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2008/05/28 10:02:16 | 000,020,848 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sskbfd.sys -- (SSKBFD)

DRV - [2008/04/13 12:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2008/04/13 12:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)

DRV - [2004/10/01 09:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)

DRV - [2004/08/04 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2004/08/04 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

DRV - [2004/07/19 18:33:14 | 000,218,112 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)

DRV - [2004/07/17 05:20:34 | 000,012,160 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)

DRV - [2003/12/12 07:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)

DRV - [2003/12/02 19:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Fasttx2k.sys -- (fasttx2k)

DRV - [2003/09/19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)

DRV - [2003/07/18 17:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)

DRV - [2003/07/02 12:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)

DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)

DRV - [2002/10/04 18:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)

DRV - [2001/06/04 07:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.bing.com [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\SearchScopes,DefaultScope = {9DDA0B46-23D5-4225-B58A-C7BEACC011CA}

IE - HKCU\..\SearchScopes\{9DDA0B46-23D5-4225-B58A-C7BEACC011CA}: "URL" = http://www.google.co...utputEncoding?}

IE - HKCU\..\SearchScopes\{E51FCAA8-FF6C-437B-8E4F-CC143C781CB2}: "URL" = http://search.avg.co...e}&iy=&ychte=us

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33

FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1

FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Documents and Settings\HP_Owner\My Documents\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Documents and Settings\HP_Owner\My Documents\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Documents and Settings\HP_Owner\My Documents.bak\components [2013/01/21 13:11:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Documents and Settings\HP_Owner\My Documents.bak\plugins

[2011/08/11 16:23:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Extensions

[2012/10/23 16:26:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\cv97o9qa.default\extensions

[2013/01/21 11:56:41 | 000,000,000 | ---D | M] (Java Console) -- C:\DOCUMENTS AND SETTINGS\HP_OWNER\MY DOCUMENTS.BAK\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2013/01/21 11:56:42 | 000,000,000 | ---D | M] (Java Console) -- C:\DOCUMENTS AND SETTINGS\HP_OWNER\MY DOCUMENTS.BAK\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

O1 HOSTS File: ([2011/07/26 09:42:46 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.

O3 - HKCU\..\Toolbar\ShellBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)

O3 - HKCU\..\Toolbar\WebBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)

O4 - Startup: C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{610CC52D-334C-4546-BF76-DC5F0734E124}: DhcpNameServer = 192.168.2.1

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\HP_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004/10/26 10:16:24 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/29 20:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\Desktop\RK_Quarantine

[2013/01/29 19:40:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT

[2013/01/29 19:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT

[2013/01/28 10:30:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2013/01/28 10:30:15 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2013/01/28 10:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2013/01/22 12:29:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner\My Documents\My Videos

[2013/01/22 12:29:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner\My Documents\My Music

[2013/01/22 12:29:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites

[2013/01/22 12:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\My Documents\Downloads

[2013/01/21 11:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\My Documents.bak

[2013/01/21 09:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\Local Settings\Application Data\LogMeIn Rescue Applet

[2013/01/20 19:51:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner\My Documents\My Pictures

[2013/01/20 17:46:40 | 000,000,000 | ---D | C] -- C:\65d00a201a5aef7d160b0ee2dea5

[2013/01/20 17:28:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Shutterfly

[2013/01/20 17:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia

[2013/01/20 16:12:29 | 000,000,000 | ---D | C] -- C:\Config.Msi

[2013/01/20 16:02:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner\My Documents

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[174 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

[160 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/30 10:59:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/01/30 10:15:51 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/01/30 10:06:47 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/01/30 10:05:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/29 20:13:10 | 000,015,616 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys

[2013/01/29 19:46:39 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

[2013/01/29 19:40:14 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\HP_Owner\Desktop\NTREGOPT.lnk

[2013/01/29 19:40:14 | 000,000,603 | ---- | M] () -- C:\Documents and Settings\HP_Owner\Desktop\ERUNT.lnk

[2013/01/29 19:24:41 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A42F3538-B6AA-453E-A234-9E1D7D8C8AFC}.job

[2013/01/29 13:02:09 | 000,047,104 | ---- | M] () -- C:\Documents and Settings\HP_Owner\Desktop\attach.wps

[2013/01/28 10:30:19 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/01/22 15:01:53 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\Resume 2013.rtf.wps

[2013/01/22 15:01:23 | 000,010,862 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\Resume 2013.rtf

[2013/01/22 12:10:21 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\HP_Owner\Desktop\HiJackThis.lnk

[2013/01/21 18:35:16 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\HP_Owner\Desktop\Shortcut to firefox.lnk

[2013/01/20 18:08:12 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/01/20 16:55:22 | 000,476,038 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/20 16:55:22 | 000,086,720 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/12 06:54:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/01/09 06:07:10 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2013/01/09 06:07:10 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2013/01/05 23:34:35 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[174 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

[160 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/29 20:00:44 | 000,015,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys

[2013/01/29 19:46:39 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

[2013/01/29 19:40:14 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\HP_Owner\Desktop\NTREGOPT.lnk

[2013/01/29 19:40:14 | 000,000,603 | ---- | C] () -- C:\Documents and Settings\HP_Owner\Desktop\ERUNT.lnk

[2013/01/29 13:02:08 | 000,047,104 | ---- | C] () -- C:\Documents and Settings\HP_Owner\Desktop\attach.wps

[2013/01/28 10:30:19 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/01/22 15:01:53 | 000,014,336 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\Resume 2013.rtf.wps

[2013/01/22 15:01:22 | 000,010,862 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\Resume 2013.rtf

[2013/01/21 18:35:16 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\HP_Owner\Desktop\Shortcut to firefox.lnk

[2013/01/21 11:56:53 | 000,012,082 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\Ken 2012.rtf

[2012/10/18 11:08:41 | 000,000,909 | ---- | C] () -- C:\Documents and Settings\HP_Owner\.recently-used.xbel

[2012/02/15 07:22:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011/07/26 09:14:27 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2011/07/26 09:14:27 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2011/07/26 09:14:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2011/07/26 09:14:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2011/07/26 09:14:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2011/06/24 17:11:47 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat

[2011/06/24 17:11:47 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat

[2011/05/24 00:43:10 | 000,021,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2011/05/23 07:28:15 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/05/02 09:18:05 | 000,014,108 | -HS- | C] () -- C:\Documents and Settings\HP_Owner\Local Settings\Application Data\23632tqd15c66kbesf6gf6o1531yloq3la6gi1ul1ms60n2

[2011/05/02 09:18:05 | 000,014,108 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\23632tqd15c66kbesf6gf6o1531yloq3la6gi1ul1ms60n2

[2009/06/26 15:10:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Owner\bookmark.htm

[2009/06/26 15:07:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Owner\attrib

[2006/12/24 20:38:07 | 000,248,593 | ---- | C] () -- C:\Documents and Settings\HP_Owner\.fonts.cache-1

[2005/01/08 02:23:35 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\HP_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2004/11/22 12:25:16 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\HP_Owner\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/07 13:33:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/28 22:46:52 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 18:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2010/11/22 09:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2012/03/19 19:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2013/01/20 16:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2010/11/16 07:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2011/05/24 00:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro

[2012/01/30 21:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit

[2013/01/20 16:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCA21C.tmp

[2012/03/19 18:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2006/01/02 10:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies

[2011/12/29 18:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon

[2013/01/20 16:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!

[2013/01/20 16:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2009/04/19 14:50:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8AE45C14-3559-45A6-AF34-03CE304FA276}

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 1/30/2013 11:24:19 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Owner\My Documents\Downloads

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.48 Mb Total Physical Memory | 199.72 Mb Available Physical Memory | 44.63% Memory free

1.69 Gb Paging File | 1.51 Gb Available in Paging File | 89.53% Paging File free

Paging file location(s): C:\pagefile.sys 1344 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 143.24 Gb Total Space | 79.57 Gb Free Space | 55.55% Space Free | Partition Type: NTFS

Drive D: | 5.79 Gb Total Space | 0.77 Gb Free Space | 13.23% Space Free | Partition Type: FAT32

Computer Name: KAREN | User Name: HP_Owner | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Documents and Settings\HP_Owner\My Documents.bak\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer

"C:\Program Files\SysTracker Server\STServer.exe" = C:\Program Files\SysTracker Server\STServer.exe:*:Enabled:SysTracker - Server -- (SEPAMA Software)

"C:\Program Files\Secunia\PSI\psi.exe" = C:\Program Files\Secunia\PSI\psi.exe:*:Enabled:Secunia PSI

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert

"{0861E87B-24D7-4E7C-B11B-54F86E5C5199}" = hpg8200

"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE

"{14589F05-C658-4594-9429-D437BA688686}" = IntelliMover Data Transfer Demo

"{14B4E017-ACDF-4DB0-9D94-8988F5F0145A}" = hpg4600

"{15B9DC72-73F9-4d99-9E28-848D66DA8D99}" = HP Photo & Imaging 3.5 - HP Devices

"{1A103D70-5C9B-4E1A-B306-5106C68F9914}" = Microsoft Plus! Dancer LE

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan

"{20CF99FC-2CE7-4AA4-966E-A4B11C0662B4}" = hpg3970

"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant

"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax

"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 37

"{29B39FB2-5ADF-4F94-BC82-13942871DD0D}" = CameraDrivers

"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects

"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2

"{32F66A20-7614-11D4-BD11-00104BD3F987}" = MathPlayer

"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35F768BD-330E-4A2C-89C5-A38B588AF08D}" = Canon PIXMA iP6000D Memory Card Utility

"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy

"{3AEF2F6C-F1D3-47CD-BF3B-A327F1FABE58}" = PSPrinters06

"{3B901CB2-9DAF-43FC-BDD2-4149AF19381C}" = Hallmark Card Studio 2006 Deluxe

"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics

"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{595D0DE8-C38A-4432-B851-47DECC1A99BD}" = HP Unload DLL Patch

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5E1494D4-3562-4FFB-B35C-600F80F6934C}" = HP Image Zone Plus 4.2

"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR

"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7CD0118B-FE1C-6513-7FCC-2D4BC220DD1F}" = Shutterfly Express Uploader

"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility

"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D9768AE-DE42-4A04-A461-2361A58C384D}" = HPIZ402

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1

"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects

"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen

"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery

"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}" = Photosmart 320,370,7400,8100,8400 Series

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)

"{AD17BC8E-4A5D-4E59-8640-10DF36E9EB75}" = hpg5530

"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update

"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2

"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc

"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director

"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates

"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer

"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2

"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare

"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C4A978A3-CAE4-4856-89D5-696498A7B8F7}" = HPODiscovery

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = HP Organize

"{D885E48B-80E2-47FC-A923-C2317F9FF845}" = Norton Internet Security

"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord

"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp

"{E2EFF20D-30BF-4907-B1FD-B7EBCED798D6}" = HPHDiscovery

"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm

"{ED869D8B-6C7E-44C7-9F2F-BD5436849C61}" = hpg2436

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5

"{F419D20A-7719-4639-8E30-C073A040D878}" = HP Deskjet Preloaded Printer Drivers

"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations

"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg

"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour

"Ad-Aware SE Personal" = Ad-Aware SE Personal

"Adobe AIR" = Adobe AIR

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"BackWeb-309731 Uninstaller" = Updates from HP

"CANONBJ_Deinstall_CNMCP69.DLL" = Canon PIXMA iP6000D

"com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader

"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint

"Easy-WebPrint" = Easy-WebPrint

"ERUNT_is1" = ERUNT 1.1j

"HP Photo & Imaging" = HP Image Zone 4.2

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie8" = Windows Internet Explorer 8

"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft Security Client" = Microsoft Security Essentials

"Move Networks Player_is1" = Move Networks Player for Internet Explorer

"Mozilla Firefox 18.0 (x86 en-US)" = Mozilla Firefox 18.0 (x86 en-US)

"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MSNINST" = MSN

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"PS2" = PS2

"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions

"Python 2.2.1" = Python 2.2.1

"StreetPlugin" = Learn2 Player (Uninstall Only)

"ViewpointMediaPlayer" = Viewpoint Media Player

"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinGimp-2.0_is1" = GIMP 2.6.11

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 1/20/2013 6:55:15 PM | Computer Name = KAREN | Source = LoadPerf | ID = 3001

Description = The performance counter name string value in the registry is incorrectly

formatted.

The bogus string is 13676, the bogus index value is the first DWORD in Data section

while the last valid index values are the second and third DWORD in Data section.

Error - 1/20/2013 6:55:15 PM | Computer Name = KAREN | Source = LoadPerf | ID = 3011

Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)

failed. The Error code is the first DWORD in Data section.

Error - 1/20/2013 6:55:22 PM | Computer Name = KAREN | Source = LoadPerf | ID = 3001

Description = The performance counter name string value in the registry is incorrectly

formatted.

The bogus string is 13676, the bogus index value is the first DWORD in Data section

while the last valid index values are the second and third DWORD in Data section.

Error - 1/21/2013 12:15:44 PM | Computer Name = KAREN | Source = MsiInstaller | ID = 11706

Description = Product: DocumentViewer -- Error 1706.No valid source could be found

for product DocumentViewer. The Windows Installer cannot continue.

Error - 1/28/2013 12:29:08 PM | Computer Name = KAREN | Source = MPSampleSubmission | ID = 5000

Description =

Error - 1/29/2013 3:35:18 PM | Computer Name = KAREN | Source = MPSampleSubmission | ID = 5000

Description =

Error - 1/29/2013 10:01:33 PM | Computer Name = KAREN | Source = Application Error | ID = 1000

Description = Faulting application roguekiller.exe, version 8.4.3.0, faulting module

roguekiller.exe, version 8.4.3.0, fault address 0x001162c7.

Error - 1/29/2013 10:14:23 PM | Computer Name = KAREN | Source = Application Error | ID = 1000

Description = Faulting application roguekiller.exe, version 8.4.3.0, faulting module

roguekiller.exe, version 8.4.3.0, fault address 0x001162c7.

Error - 1/30/2013 11:21:59 AM | Computer Name = KAREN | Source = MPSampleSubmission | ID = 5000

Description =

[ System Events ]

Error - 1/29/2013 8:31:29 AM | Computer Name = KAREN | Source = Tcpip | ID = 4199

Description = The system detected an address conflict for IP address 192.168.2.2

with the system having network hardware address 68:94:23:AE:88:A5. Network operations

on this system may be disrupted as a result.

Error - 1/29/2013 8:31:29 AM | Computer Name = KAREN | Source = Tcpip | ID = 4199

Description = The system detected an address conflict for IP address 192.168.2.2

with the system having network hardware address 68:94:23:AE:88:A5. Network operations

on this system may be disrupted as a result.

Error - 1/29/2013 9:20:37 PM | Computer Name = KAREN | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service RDSessMgr with

arguments "-Service" in order to run the server: {A6A6F92B-26B5-463B-AE0D-5F361B09C171}

Error - 1/29/2013 9:21:06 PM | Computer Name = KAREN | Source = DCOM | ID = 10010

Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register

with DCOM within the required timeout.

Error - 1/29/2013 9:26:56 PM | Computer Name = KAREN | Source = Print | ID = 6161

Description = The document Documents moved, updates/downloads duplicated, email

problems.. - Malwarebytes Forum owned by HP_Owner failed to print on printer Canon

PIXMA iP6000D. Data type: NT EMF 1.008. Size of the spool file in bytes: 6843852.

Number of bytes printed: 4474856. Total number of pages in the document: 12. Number

of pages printed: 0. Client machine: \\KAREN. Win32 error code returned by the

print processor: 0 (0x0).

Error - 1/29/2013 9:29:01 PM | Computer Name = KAREN | Source = Print | ID = 6161

Description = The document Documents moved, updates/downloads duplicated, email

problems.. - Malwarebytes Forum owned by HP_Owner failed to print on printer Canon

PIXMA iP6000D. Data type: NT EMF 1.008. Size of the spool file in bytes: 6844344.

Number of bytes printed: 4902176. Total number of pages in the document: 12. Number

of pages printed: 0. Client machine: \\KAREN. Win32 error code returned by the

print processor: 0 (0x0).

Error - 1/30/2013 7:24:53 AM | Computer Name = KAREN | Source = DCOM | ID = 10010

Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register

with DCOM within the required timeout.

Error - 1/30/2013 7:24:58 AM | Computer Name = KAREN | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service RDSessMgr with

arguments "-Service" in order to run the server: {A6A6F92B-26B5-463B-AE0D-5F361B09C171}

Error - 1/30/2013 10:55:01 AM | Computer Name = KAREN | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service RDSessMgr with

arguments "-Service" in order to run the server: {A6A6F92B-26B5-463B-AE0D-5F361B09C171}

Error - 1/30/2013 12:06:41 PM | Computer Name = KAREN | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service RDSessMgr with

arguments "-Service" in order to run the server: {A6A6F92B-26B5-463B-AE0D-5F361B09C171}

< End of report >

Results of screen317's Security Check version 0.99.57

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Norton Internet Security

Microsoft Security Essentials

`````````Anti-malware/Other Utilities Check:`````````

Ad-Aware

Malwarebytes Anti-Malware version 1.70.0.1100

Java™ 6 Update 37

Java version out of Date!

Adobe Flash Player 11.5.502.146

Adobe Reader 10.1.4 Adobe Reader out of Date!

Mozilla Firefox (18.0.1)

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Ad-Aware AAWService.exe is disabled!

Ad-Aware AAWTray.exe is disabled!

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 7%

````````````````````End of Log``````````````````````

This topic is now closed to further replies.