Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Autocad lt 2007 stopped launching

Re: Autocad lt 2007 stopped launching

Post by frerom » May 1st, 2012, 6:53 pm

Hi Maxi,
Performed ASWMBR scan and fix. Log report follows:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-28 10:20:50
-----------------------------
10:20:50.109 OS Version: Windows 5.1.2600 Service Pack 3
10:20:50.109 Number of processors: 2 586 0xE08
10:20:50.109 ComputerName: DELL UserName: FAR
10:21:09.921 Initialize success
10:21:48.125 AVAST engine defs: 12042800
10:23:53.578 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:23:53.578 Disk 0 Vendor: ST98823AS 8.03 Size: 74881MB BusType: 3
10:23:54.875 Disk 0 MBR read successfully
10:23:54.875 Disk 0 MBR scan
10:23:54.875 Disk 0 unknown MBR code
10:23:54.875 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
10:23:54.890 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71751 MB offset 96390
10:23:54.921 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 147042945
10:23:54.953 Disk 0 scanning sectors +153340425
10:23:54.984 Disk 0 malicious Win32:MBRoot code @ sector 153340428 !
10:23:54.984 Disk 0 PE file @ sector 153340450 !
10:23:55.046 Disk 0 scanning C:\WINDOWS\system32\drivers
10:24:08.546 Service scanning
10:24:24.906 Modules scanning
10:24:54.703 Disk 0 trace - called modules:
10:24:54.781 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
10:24:54.781 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87175ab8]
10:24:54.781 3 CLASSPNP.SYS[f75d1fd7] -> nt!IofCallDriver -> \Device\00000075[0x87178510]
10:24:54.781 5 ACPI.sys[f7468620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x871d3940]
10:24:55.328 AVAST engine scan C:\WINDOWS
10:25:03.968 AVAST engine scan C:\WINDOWS\system32
10:38:15.671 AVAST engine scan C:\WINDOWS\system32\drivers
10:38:34.937 AVAST engine scan C:\Documents and Settings\FAR
10:40:53.937 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
10:40:53.937 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"
10:42:37.171 File: C:\Documents and Settings\FAR\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll **HIDDEN**
10:42:37.468 File: C:\Documents and Settings\FAR\Application Data\Microsoft\Installer\{457791C5-D702-4143-A7B2-2744BE9573F2}\NewShortcut1_5B69D3033CA54B39B5ECE7D051297E77.exe **HIDDEN**
10:42:37.656 File: C:\Documents and Settings\FAR\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe **HIDDEN**
10:42:54.671 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-72568e8b-n\decora-d3d.dll **HIDDEN**
10:42:54.921 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-72568e8b-n\decora-sse.dll **HIDDEN**
10:42:58.156 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-189832fc-n\jmc.dll **HIDDEN**
10:42:58.421 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-189832fc-n\msvcp71.dll **HIDDEN**
10:42:58.750 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-189832fc-n\msvcr71.dll **HIDDEN**
10:42:59.406 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-3fe765a8-n\decora-d3d.dll **HIDDEN**
10:42:59.578 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-3fe765a8-n\decora-sse.dll **HIDDEN**
10:43:00.781 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-231517a0-n\jmc.dll **HIDDEN**
10:43:01.109 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-231517a0-n\msvcp71.dll **HIDDEN**
10:43:01.281 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-231517a0-n\msvcr71.dll **HIDDEN**
10:43:02.734 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\jre1.6.0_22\gtapi.dll **HIDDEN**
10:43:03.062 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\jre1.6.0_22\lzma.dll **HIDDEN**
10:43:05.812 File: C:\Documents and Settings\FAR\Desktop\aswMBR.exe **HIDDEN**
10:43:06.171 File: C:\Documents and Settings\FAR\Desktop\ccsetup317.exe **HIDDEN**
10:43:06.359 File: C:\Documents and Settings\FAR\Desktop\CIT207355-HPCOM-PATCH-v8.exe **HIDDEN**
10:43:06.500 File: C:\Documents and Settings\FAR\Desktop\cnet2_MyDefrag-v4_3_1_exe.exe **HIDDEN**
10:43:06.671 File: C:\Documents and Settings\FAR\Desktop\COL9278.exe **HIDDEN**
10:43:06.812 File: C:\Documents and Settings\FAR\Desktop\dds.com **HIDDEN**
10:43:06.984 File: C:\Documents and Settings\FAR\Desktop\dds.scr **HIDDEN**
10:43:07.218 File: C:\Documents and Settings\FAR\Desktop\Dial-a-fix-v0.60.0.24\Dial-a-fix-v0.60.0.24\Dial-a-fix.exe **HIDDEN**
10:43:07.359 File: C:\Documents and Settings\FAR\Desktop\Dial-a-fix-v0.60.0.24\Dial-a-fix-v0.60.0.24\secedit.exe **HIDDEN**
10:43:07.531 File: C:\Documents and Settings\FAR\Desktop\erunt\AUTOBACK.EXE **HIDDEN**
10:43:07.640 File: C:\Documents and Settings\FAR\Desktop\erunt\ERDNT.E_E **HIDDEN**
10:43:07.828 File: C:\Documents and Settings\FAR\Desktop\erunt\ERUNT.EXE **HIDDEN**
10:43:08.078 File: C:\Documents and Settings\FAR\Desktop\erunt\NTREGOPT.EXE **HIDDEN**
10:43:08.359 File: C:\Documents and Settings\FAR\Desktop\erunt-setup.exe **HIDDEN**
10:43:09.000 File: C:\Documents and Settings\FAR\Desktop\jre-6u31-windows-i586.exe **HIDDEN**
10:43:09.031 File: C:\Documents and Settings\FAR\Desktop\mbam-setup-1.46.exe **HIDDEN**
10:43:09.156 File: C:\Documents and Settings\FAR\Desktop\OnlineArmor_Setup_Free.exe **HIDDEN**
10:43:09.375 File: C:\Documents and Settings\FAR\Desktop\PSISetup.exe **HIDDEN**
10:43:09.421 File: C:\Documents and Settings\FAR\Desktop\QuickTimeInstaller.exe **HIDDEN**
10:43:09.531 File: C:\Documents and Settings\FAR\Desktop\RSIT.exe **HIDDEN**
10:43:09.687 File: C:\Documents and Settings\FAR\Desktop\TFC.exe **HIDDEN**
10:43:09.765 File: C:\Documents and Settings\FAR\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe **HIDDEN**
10:43:10.031 File: C:\Documents and Settings\FAR\Desktop\WindowsXP-KB942288-v3-x86.exe **HIDDEN**
10:43:10.234 File: C:\Documents and Settings\FAR\Desktop\wlsetup-web.exe **HIDDEN**
10:43:10.421 File: C:\Documents and Settings\FAR\Desktop\wpsetup.exe **HIDDEN**
10:43:44.312 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ar-EG\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:44.750 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\cs\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:45.156 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\da\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:45.578 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\de\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:45.906 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Dell.eSupport.DownloadManager.Core.dll **HIDDEN**
10:43:46.281 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Dell.eSupport.DownloadManager.ISOImage.dll **HIDDEN**
10:43:46.656 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Dell.eSupport.DownloadManager.Localization.dll **HIDDEN**
10:43:47.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\DellDriverDownloadManager.exe **HIDDEN**
10:43:47.718 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\el\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:48.187 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\en-US\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:48.640 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\es\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:49.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\fi\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:49.437 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\fr\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:49.906 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\fr-CA\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:50.312 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\he\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:50.703 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\hu\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:51.203 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Interop.IWshRuntimeLibrary.dll **HIDDEN**
10:43:51.609 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\it\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:52.015 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ja\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:52.468 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ko\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:52.828 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\nl\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:53.171 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\no\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:53.515 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\pl\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:53.906 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\pt-BR\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:54.359 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ro\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:54.781 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ru\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:55.171 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\stdole.dll **HIDDEN**
10:43:55.625 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\sv\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:56.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\tr\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:56.421 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Xceed.Compression.dll **HIDDEN**
10:43:56.890 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\zh-CN\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:57.343 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\zh-TW\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:57.968 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..ager_c8a6012355de1b2d_0004.0050_none_ec66d2575893ec7f\DellDriverDownloadManager.exe **HIDDEN**
10:43:58.171 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..core_c8a6012355de1b2d_0004.0050_none_b1600ccfe933d7dc\Dell.eSupport.DownloadManager.Core.dll **HIDDEN**
10:43:58.359 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..mage_c8a6012355de1b2d_0004.0050_none_2820c010b7539cc3\Dell.eSupport.DownloadManager.ISOImage.dll **HIDDEN**
10:43:58.562 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ar-eg_a1dd90878fa074ee\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:58.765 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_cs_d170cc65a7eedb5a\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:58.968 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_da_d2a4f22ba713e8ef\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.187 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_de_d279b27ba73458b3\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.390 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_el_d29f8a35a72420d1\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.593 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_en-us_33d2ca03565a4a72\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.796 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_es_d253dac1a75ce468\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.000 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_fi_d3318127a6c2d185\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.203 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_fr-ca_cecbe7304e2bb89f\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.406 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_fr_d2d031dba70bccfe\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.625 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_he_d43fcf33a6106acf\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.828 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_hu_d392d073a69229df\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.031 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_it_d40f278da6411275\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.218 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ja_d54e1d3fa55e0419\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.421 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ko_d5284585a5868fce\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.640 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_nl_d69d4ad3a4934990\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.843 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_no_d67cdb0fa4ab9d63\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_pl_d780592fa401529e\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.250 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_pt-br_356f0087c30e4811\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.453 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ro_d842f7c7a387af7f\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.671 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ru_d802183fa3b85725\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.875 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_sv_d868cf81a377779d\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.078 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_tr_d905965fa30e0c60\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.265 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_zh-cn_935934713d7c2484\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.484 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_zh-tw_975571c73aed00f4\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.687 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..tion_c8a6012355de1b2d_0004.0050_none_892ef5fe67b2933f\Dell.eSupport.DownloadManager.Localization.dll **HIDDEN**
10:44:03.890 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\inte..rary_c8a6012355de1b2d_0001.0000_none_9f2fc1421dc4509c\Interop.IWshRuntimeLibrary.dll **HIDDEN**
10:44:09.062 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\stdole_b03f5f7f11d50a3a_0007.0000_none_333059d4a751806f\stdole.dll **HIDDEN**
10:44:09.296 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\xcee..sion_ba83ff368b7563c6_0003.0007_none_9c2cb3433c0f3426\Xceed.Compression.dll **HIDDEN**
10:44:10.546 File: C:\Documents and Settings\FAR\Local Settings\Temp\Adobelm_Cleanup.0001 **HIDDEN**
10:44:14.171 File: C:\Documents and Settings\FAR\Local Settings\Temp\is-3PVLS.tmp\is-H8GG1.tmp **HIDDEN**
10:44:14.468 File: C:\Documents and Settings\FAR\Local Settings\Temp\is-TB9UQ.tmp\UNZIP32.EXE **HIDDEN**
10:44:14.734 File: C:\Documents and Settings\FAR\Local Settings\Temp\is-TB9UQ.tmp\_shfoldr.dll **HIDDEN**
10:44:15.718 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\MBR.DAT **HIDDEN**
10:44:16.171 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\PEV.DAT **HIDDEN**
10:44:16.500 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\SED.DAT **HIDDEN**
10:44:16.843 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\SWREG.DAT **HIDDEN**
10:44:17.109 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\System.dll **HIDDEN**
10:44:17.250 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\UserInfo.dll **HIDDEN**
10:44:17.703 File: C:\Documents and Settings\FAR\Local Settings\Temp\vmpremov.exe **HIDDEN**
10:47:05.093 File: C:\Documents and Settings\FAR\Local Settings\Temporary Internet Files\Content.IE5\NJOOI0TV\dds[1].scr **HIDDEN**
10:47:43.343 File: C:\Documents and Settings\FAR\My Documents\Downloads\esetsmartinstaller_enu.exe **HIDDEN**
10:47:43.703 File: C:\Documents and Settings\FAR\My Documents\Downloads\RealPlayerSPGold(2).exe **HIDDEN**
10:47:44.046 File: C:\Documents and Settings\FAR\My Documents\Downloads\RealPlayerSPGold.exe **HIDDEN**
10:47:53.562 AVAST engine scan C:\Documents and Settings\All Users
10:50:42.953 Scan finished successfully
10:56:27.375 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
10:56:27.375 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-30 11:40:32
-----------------------------
11:40:32.953 OS Version: Windows 5.1.2600 Service Pack 3
11:40:32.953 Number of processors: 2 586 0xE08
11:40:32.953 ComputerName: DELL UserName: FAR
11:40:49.750 Initialize success
11:40:54.453 AVAST engine defs: 12043000
11:41:15.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:41:15.453 Disk 0 Vendor: ST98823AS 8.03 Size: 74881MB BusType: 3
11:41:15.484 Disk 0 MBR read successfully
11:41:15.484 Disk 0 MBR scan
11:41:15.500 Disk 0 unknown MBR code
11:41:15.500 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
11:41:15.515 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71751 MB offset 96390
11:41:15.546 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 147042945
11:41:15.546 Disk 0 scanning sectors +153340425
11:41:15.562 Disk 0 malicious Win32:MBRoot code @ sector 153340428 !
11:41:15.562 Disk 0 PE file @ sector 153340450 !
11:41:15.625 Disk 0 scanning C:\WINDOWS\system32\drivers
11:41:31.875 Service scanning
11:41:50.187 Modules scanning
11:41:56.546 Disk 0 trace - called modules:
11:41:56.578 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
11:41:56.578 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8711aab8]
11:41:56.578 3 CLASSPNP.SYS[f75d1fd7] -> nt!IofCallDriver -> \Device\00000075[0x871d4f18]
11:41:56.578 5 ACPI.sys[f7468620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x871d2d98]
11:41:56.890 AVAST engine scan C:\WINDOWS
11:42:05.218 AVAST engine scan C:\WINDOWS\system32
11:44:08.796 AVAST engine scan C:\WINDOWS\system32\drivers
11:44:23.375 AVAST engine scan C:\Documents and Settings\FAR
11:46:44.609 AVAST engine scan C:\Documents and Settings\All Users
11:49:06.781 Scan finished successfully
11:57:23.781 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
11:57:23.781 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-01 11:57:07
-----------------------------
11:57:07.125 OS Version: Windows 5.1.2600 Service Pack 3
11:57:07.125 Number of processors: 2 586 0xE08
11:57:07.125 ComputerName: DELL UserName: FAR
11:57:50.421 Initialize success
11:57:54.000 AVAST engine defs: 12050100
11:58:47.718 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:58:47.718 Disk 0 Vendor: ST98823AS 8.03 Size: 74881MB BusType: 3
11:58:47.796 Disk 0 MBR read successfully
11:58:47.796 Disk 0 MBR scan
11:58:47.796 Disk 0 unknown MBR code
11:58:47.796 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
11:58:47.812 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71751 MB offset 96390
11:58:47.843 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 147042945
11:58:47.859 Disk 0 scanning sectors +153340425
11:58:47.875 Disk 0 malicious Win32:MBRoot code @ sector 153340428 !
11:58:47.921 Disk 0 scanning C:\WINDOWS\system32\drivers
11:58:57.828 Service scanning
11:59:14.281 Modules scanning
11:59:20.031 Disk 0 trace - called modules:
11:59:20.046 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
11:59:20.062 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87116ab8]
11:59:20.062 3 CLASSPNP.SYS[f75d1fd7] -> nt!IofCallDriver -> \Device\00000075[0x871c9510]
11:59:20.062 5 ACPI.sys[f7468620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x87174940]
11:59:20.546 AVAST engine scan C:\WINDOWS
11:59:28.359 AVAST engine scan C:\WINDOWS\system32
12:01:33.156 AVAST engine scan C:\WINDOWS\system32\drivers
12:01:49.000 AVAST engine scan C:\Documents and Settings\FAR
12:04:05.984 AVAST engine scan C:\Documents and Settings\All Users
12:06:18.375 Scan finished successfully
12:10:49.890 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
12:10:49.890 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-01 18:23:06
-----------------------------
18:23:06.562 OS Version: Windows 5.1.2600 Service Pack 3
18:23:06.562 Number of processors: 2 586 0xE08
18:23:06.562 ComputerName: DELL UserName: FAR
18:23:32.343 Initialize success
18:23:35.906 AVAST engine defs: 12050100
18:24:37.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:24:37.609 Disk 0 Vendor: ST98823AS 8.03 Size: 74881MB BusType: 3
18:24:37.687 Disk 0 MBR read successfully
18:24:37.703 Disk 0 MBR scan
18:24:37.703 Disk 0 unknown MBR code
18:24:37.703 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
18:24:37.703 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71751 MB offset 96390
18:24:37.734 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 147042945
18:24:37.765 Disk 0 scanning sectors +153340425
18:24:37.796 Disk 0 malicious Win32:MBRoot code @ sector 153340428 !
18:24:37.890 Disk 0 scanning C:\WINDOWS\system32\drivers
18:24:48.609 Service scanning
18:25:06.687 Modules scanning
18:25:12.421 Disk 0 trace - called modules:
18:25:12.453 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
18:25:12.453 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87116ab8]
18:25:12.453 3 CLASSPNP.SYS[f75d1fd7] -> nt!IofCallDriver -> \Device\00000075[0x871c9510]
18:25:12.453 5 ACPI.sys[f7468620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x87174940]
18:25:12.875 AVAST engine scan C:\WINDOWS
18:25:21.125 AVAST engine scan C:\WINDOWS\system32
18:27:39.468 AVAST engine scan C:\WINDOWS\system32\drivers
18:27:55.062 AVAST engine scan C:\Documents and Settings\FAR
18:30:34.859 AVAST engine scan C:\Documents and Settings\All Users
18:32:54.562 Scan finished successfully
18:35:34.546 Disk 0 MBR read successfully
18:35:34.562 Disk 0 scanning sectors +153340425
18:35:34.593 Disk 0 malicious Win32:MBRoot code @ sector 153340428 !
18:35:34.593 Disk 0 sector 153340428 cleaned
18:35:34.593 Verifying disinfection
18:35:45.031 Infection fixed successfully - please reboot ASAP
18:36:44.281 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
18:36:44.296 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"
frerom
Regular Member
 
Posts: 141
Joined: December 23rd, 2009, 3:18 pm
Location: Ontario, Canada

Re: Autocad lt 2007 stopped launching

Post by maxi » May 2nd, 2012, 10:24 am

Hi frerom, It looks good but I would like a confirmation of this.
Step 1
Please run TDSSKiller again like you did the first time in This post and post the log in your next reply.

Step 2 (If avast asks, choose to do this normally, not in the sandbox)
Please download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Standard Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Step 3
ESET online scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scanner
  • Select the option YES, I accept the Terms of Use then click on Start.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

In your next reply please include:
The latest TDSSKiller log.
Both logs from OTL.
The eset log.

Regards maxi :)

Re: Autocad lt 2007 stopped launching

by frerom » May 3rd, 2012, 11:14 am

Hi Maxi,
Step 1
Downloaded the updated version of the TDSS and completed the scan. No problems reported. Report follows:
23:43:33.0656 2448 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
23:43:34.0375 2448 ============================================================
23:43:34.0375 2448 Current date / time: 2012/05/02 23:43:34.0375
23:43:34.0375 2448 SystemInfo:
23:43:34.0375 2448
23:43:34.0375 2448 OS Version: 5.1.2600 ServicePack: 3.0
23:43:34.0375 2448 Product type: Workstation
23:43:34.0375 2448 ComputerName: DELL
23:43:34.0375 2448 UserName: FAR
23:43:34.0375 2448 Windows directory: C:\WINDOWS
23:43:34.0390 2448 System windows directory: C:\WINDOWS
23:43:34.0390 2448 Processor architecture: Intel x86
23:43:34.0390 2448 Number of processors: 2
23:43:34.0390 2448 Page size: 0x1000
23:43:34.0390 2448 Boot type: Normal boot
23:43:34.0390 2448 ============================================================
23:43:36.0359 2448 Drive \Device\Harddisk0\DR0 - Size: 0x1248119400 (73.13 Gb), SectorSize: 0x200, Cylinders: 0x254A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:43:36.0359 2448 ============================================================
23:43:36.0359 2448 \Device\Harddisk0\DR0:
23:43:36.0359 2448 MBR partitions:
23:43:36.0359 2448 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x8C239FB
23:43:36.0359 2448 ============================================================
23:43:36.0500 2448 C: <-> \Device\Harddisk0\DR0\Partition0
23:43:36.0500 2448 ============================================================
23:43:36.0500 2448 Initialize success
23:43:36.0500 2448 ============================================================
23:44:02.0265 1284 ============================================================
23:44:02.0265 1284 Scan started
23:44:02.0265 1284 Mode: Manual;
23:44:02.0265 1284 ============================================================
23:44:15.0250 1284 Secunia Update Agent - ok
23:44:15.0343 1284 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
23:44:15.0359 1284 SENS - ok
23:44:15.0468 1284 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
23:44:15.0484 1284 serenum - ok
23:44:15.0500 1284 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
23:44:15.0515 1284 Serial - ok
23:44:15.0562 1284 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
23:44:15.0562 1284 Sfloppy - ok
23:44:15.0609 1284 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
23:44:15.0640 1284 SharedAccess - ok
23:44:15.0703 1284 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
23:44:15.0718 1284 ShellHWDetection - ok
23:44:15.0718 1284 Simbad - ok
23:44:15.0765 1284 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
23:44:15.0765 1284 sisagp - ok
23:44:15.0812 1284 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
23:44:15.0812 1284 Sparrow - ok
23:44:15.0859 1284 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
23:44:15.0859 1284 splitter - ok
23:44:15.0906 1284 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
23:44:15.0921 1284 Spooler - ok
23:44:15.0968 1284 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
23:44:15.0968 1284 sr - ok
23:44:16.0031 1284 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
23:44:16.0062 1284 srservice - ok
23:44:16.0125 1284 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
23:44:16.0140 1284 Srv - ok
23:44:16.0171 1284 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
23:44:16.0171 1284 sscdbhk5 - ok
23:44:16.0203 1284 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
23:44:16.0218 1284 SSDPSRV - ok
23:44:16.0234 1284 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
23:44:16.0234 1284 ssrtln - ok
23:44:16.0328 1284 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys
23:44:16.0375 1284 STHDA - ok
23:44:16.0421 1284 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
23:44:16.0437 1284 StillCam - ok
23:44:16.0500 1284 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
23:44:16.0546 1284 stisvc - ok
23:44:16.0843 1284 SvcOnlineArmor (2a27eaa524005170ded0415596e75f46) C:\Program Files\Tall Emu\Online Armor\oasrv.exe
23:44:16.0968 1284 SvcOnlineArmor - ok
23:44:17.0156 1284 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
23:44:17.0156 1284 swenum - ok
23:44:17.0218 1284 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
23:44:17.0218 1284 swmidi - ok
23:44:17.0234 1284 SwPrv - ok
23:44:17.0281 1284 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
23:44:17.0281 1284 symc810 - ok
23:44:17.0296 1284 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
23:44:17.0312 1284 symc8xx - ok
23:44:17.0312 1284 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
23:44:17.0328 1284 sym_hi - ok
23:44:17.0328 1284 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
23:44:17.0343 1284 sym_u3 - ok
23:44:17.0406 1284 SynTP (35d5b3632e0bcebe27b391157de05996) C:\WINDOWS\system32\DRIVERS\SynTP.sys
23:44:17.0421 1284 SynTP - ok
23:44:17.0468 1284 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
23:44:17.0468 1284 sysaudio - ok
23:44:17.0515 1284 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
23:44:17.0546 1284 SysmonLog - ok
23:44:17.0562 1284 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
23:44:17.0593 1284 TapiSrv - ok
23:44:17.0671 1284 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:44:17.0703 1284 Tcpip - ok
23:44:17.0734 1284 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
23:44:17.0734 1284 TDPIPE - ok
23:44:17.0781 1284 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
23:44:17.0781 1284 TDTCP - ok
23:44:17.0796 1284 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
23:44:17.0812 1284 TermDD - ok
23:44:17.0859 1284 TermService (56f4867bae6fd78e5365a3a7afa59c82) C:\WINDOWS\System32\termsrv32.dll
23:44:17.0875 1284 TermService - ok
23:44:18.0000 1284 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
23:44:18.0000 1284 tfsnboio - ok
23:44:18.0015 1284 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
23:44:18.0015 1284 tfsncofs - ok
23:44:18.0031 1284 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
23:44:18.0031 1284 tfsndrct - ok
23:44:18.0031 1284 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
23:44:18.0031 1284 tfsndres - ok
23:44:18.0046 1284 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
23:44:18.0046 1284 tfsnifs - ok
23:44:18.0062 1284 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
23:44:18.0062 1284 tfsnopio - ok
23:44:18.0062 1284 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
23:44:18.0078 1284 tfsnpool - ok
23:44:18.0078 1284 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
23:44:18.0093 1284 tfsnudf - ok
23:44:18.0109 1284 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
23:44:18.0109 1284 tfsnudfa - ok
23:44:18.0156 1284 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
23:44:18.0171 1284 Themes - ok
23:44:18.0203 1284 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
23:44:18.0218 1284 TlntSvr - ok
23:44:18.0265 1284 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
23:44:18.0265 1284 TosIde - ok
23:44:18.0328 1284 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
23:44:18.0343 1284 TrkWks - ok
23:44:18.0375 1284 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
23:44:18.0390 1284 Udfs - ok
23:44:18.0406 1284 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
23:44:18.0421 1284 ultra - ok
23:44:18.0468 1284 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
23:44:18.0500 1284 Update - ok
23:44:18.0531 1284 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
23:44:18.0562 1284 upnphost - ok
23:44:18.0578 1284 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
23:44:18.0593 1284 UPS - ok
23:44:18.0640 1284 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:44:18.0640 1284 usbccgp - ok
23:44:18.0671 1284 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:44:18.0687 1284 usbehci - ok
23:44:18.0734 1284 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:44:18.0734 1284 usbhub - ok
23:44:18.0781 1284 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:44:18.0781 1284 usbscan - ok
23:44:18.0796 1284 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:44:18.0812 1284 USBSTOR - ok
23:44:18.0812 1284 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:44:18.0828 1284 usbuhci - ok
23:44:18.0828 1284 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
23:44:18.0828 1284 VgaSave - ok
23:44:18.0859 1284 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
23:44:18.0859 1284 viaagp - ok
23:44:18.0875 1284 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
23:44:18.0890 1284 ViaIde - ok
23:44:18.0921 1284 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
23:44:18.0921 1284 VolSnap - ok
23:44:18.0968 1284 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
23:44:19.0000 1284 VSS - ok
23:44:19.0046 1284 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
23:44:19.0078 1284 w32time - ok
23:44:19.0187 1284 w39n51 (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys
23:44:19.0265 1284 w39n51 - ok
23:44:19.0421 1284 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:44:19.0421 1284 Wanarp - ok
23:44:19.0421 1284 wanatw - ok
23:44:19.0437 1284 WDICA - ok
23:44:19.0484 1284 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
23:44:19.0484 1284 wdmaud - ok
23:44:19.0531 1284 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
23:44:19.0546 1284 WebClient - ok
23:44:19.0640 1284 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
23:44:19.0687 1284 winachsf - ok
23:44:19.0796 1284 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
23:44:19.0812 1284 winmgmt - ok
23:44:19.0875 1284 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
23:44:19.0890 1284 WmdmPmSN - ok
23:44:19.0953 1284 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
23:44:19.0984 1284 Wmi - ok
23:44:20.0046 1284 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
23:44:20.0046 1284 WmiAcpi - ok
23:44:20.0093 1284 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:44:20.0109 1284 WmiApSrv - ok
23:44:20.0265 1284 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
23:44:20.0265 1284 WMPNetworkSvc - ok
23:44:20.0328 1284 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
23:44:20.0359 1284 wscsvc - ok
23:44:20.0375 1284 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
23:44:20.0421 1284 wuauserv - ok
23:44:20.0453 1284 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:44:20.0468 1284 WudfPf - ok
23:44:20.0515 1284 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:44:20.0515 1284 WudfRd - ok
23:44:20.0546 1284 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
23:44:20.0562 1284 WudfSvc - ok
23:44:20.0625 1284 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
23:44:20.0671 1284 WZCSVC - ok
23:44:20.0703 1284 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
23:44:20.0734 1284 xmlprov - ok
23:44:20.0765 1284 MBR (0x1B8) (dea9e81f0228b68c9adaf84c9b0cf931) \Device\Harddisk0\DR0
23:44:20.0796 1284 \Device\Harddisk0\DR0 - ok
23:44:20.0843 1284 Boot (0x1200) (43926fcb5c4b3ae5531c5fb6dcc2b5af) \Device\Harddisk0\DR0\Partition0
23:44:20.0843 1284 \Device\Harddisk0\DR0\Partition0 - ok
23:44:20.0843 1284 ============================================================
23:44:20.0843 1284 Scan finished
23:44:20.0843 1284 ============================================================
23:44:20.0859 1532 Detected object count: 0
23:44:20.0859 1532 Actual detected object count: 0
23:46:56.0937 1696 Deinitialize success

Step 2.
OTL was very touchy again. Finally got it to work (disabled Avast for 1 hr) but then encountered a blue screen stop error while OTL was performing the "checking newly modified files" I believe. Details follow here:
Technical info
***0X0000008E (0XC0000005, 0XECDCC4A0, 0XB7C8473C, 0X00000000
*** aswsnx.sys Address ECDCC4A0 base at ECDBA000, Date stamp 4f56a5e5 mem dump
C:windows\minidump03/05/2012.
I have the minidump file if you need it.
No reports generated.
Note: ESET identified Online Armor as an antivirus program. Maybe I should retry OTL with both Avast and Online Armor disabled. I'll wait till your next post before I try that.

Step 3.
ESET found some threats
a variant of Win32/Install Core D application
Win32PrcView application
Report follows
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c094ecf5f492064e9f9dace08b87823c
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-05-03 06:21:49
# local_time=2012-05-03 02:21:49 (-0500, Eastern Daylight Time)
# country="Canada"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 45778220 45778220 0 0
# compatibility_mode=770 16774141 100 95 0 111810229 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=6401 16777213 66 100 0 63347427 0 0
# compatibility_mode=8192 67108863 100 0 45528471 45528471 0 0
# scanned=89723
# found=2
# cleaned=0
# scan_time=4158
C:\Documents and Settings\FAR\Desktop\cnet2_MyDefrag-v4_3_1_exe.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Fred\Desktop\UBCD4WinV360.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I

I was away yesterday.
Regards
frerom

Re: Autocad lt 2007 stopped launching

Unread postby maxi » May 3rd, 2012, 2:57 pm

Hi frerom,

That looks better :) Try OTL again, but this time disconnect the computer from the internet, disable both Avast and Online Armor, and see if it will scan.

Also follow the step below.
Upload File/Files for testing

Please go to Virustotal or jotti.org

Copy/paste this file and path into the white box at the top:
C:\Documents and Settings\FAR\Desktop\cnet2_MyDefrag-v4_3_1_exe.exe
C:\Documents and Settings\Fred\Desktop\UBCD4WinV360.exe

Press Submit - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the permalink (web address) in your next response.

Regards maxi

Re: Autocad lt 2007 stopped launching

Unread postby frerom » May 4th, 2012, 6:41 pm

Hi maxi,

Step 1
Ran OTL but selected none for some of the outputs you did not mention.

OTL Reports follow:

OTL logfile created on: 04/05/2012 5:29:52 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\FAR\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1022.37 Mb Total Physical Memory | 627.35 Mb Available Physical Memory | 61.36% Memory free
2.40 Gb Paging File | 2.12 Gb Available in Paging File | 88.31% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.07 Gb Total Space | 41.76 Gb Free Space | 59.60% Space Free | Partition Type: NTFS

Computer Name: DELL | User Name: FAR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.ca/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.ca/myway
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.ca/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.ca/myway
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4111410036-3936580720-2215604264-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://support.dell.com/support/index.a ... l=en&s=dhs
IE - HKU\S-1-5-21-4111410036-3936580720-2215604264-1008\..\SearchScopes,DefaultScope = {D38DBEF7-3085-40B8-8584-70057192D41F}
IE - HKU\S-1-5-21-4111410036-3936580720-2215604264-1008\..\SearchScopes\{D38DBEF7-3085-40B8-8584-70057192D41F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-4111410036-3936580720-2215604264-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.sympatico.ca/default.aspx?lang=en-CA"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1367
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/03/21 16:10:32 | 000,000,000 | ---D | M]

[2009/12/18 04:51:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\FAR\Application Data\Mozilla\Extensions
[2012/03/08 15:25:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\FAR\Application Data\Mozilla\Firefox\Profiles\k5pqeeyn.default\extensions
[2010/11/15 18:41:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\FAR\Application Data\Mozilla\Firefox\Profiles\k5pqeeyn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/03/21 16:10:32 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012/03/08 14:51:22 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2010/02/17 12:32:30 | 000,612,589 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 16208 more lines...
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-4111410036-3936580720-2215604264-1008\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-4111410036-3936580720-2215604264-1008..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD LT Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4111410036-3936580720-2215604264-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-21-4111410036-3936580720-2215604264-1008\..Trusted Domains: secunia.com ([psi] https in Trusted sites)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 0460342453 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 7243105250 (MUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (NVIDIA Smart Scan)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} https://acaeronet.aircanada.ca/http://y ... rview2.cab (ActiveReports Viewer2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/ ... emLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6B939C3-82DB-4DE8-B76E-22CD3042EEB6}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{cf278015-8971-11db-bf93-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{cf278015-8971-11db-bf93-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cf278015-8971-11db-bf93-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/02 23:49:12 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\FAR\Desktop\OTL.exe
[2012/05/01 12:29:42 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\FAR\Desktop\mbam-setup-1.61.0.1400.exe
[2012/05/01 06:42:38 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/04/30 15:42:44 | 002,075,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\FAR\Desktop\tdsskiller.exe
[2012/04/28 11:16:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FAR\Application Data\U3
[2012/04/28 10:19:31 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\FAR\Desktop\aswMBR.exe
[2012/04/28 09:43:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2012/04/28 09:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/04/28 09:34:31 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\FAR\Desktop\erunt-setup.exe
[2012/04/27 00:53:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\FAR\Start Menu\Programs\Administrative Tools
[2012/04/27 00:47:18 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\FAR\Desktop\dds.com
[2012/04/27 00:43:14 | 000,607,260 | ---- | C] (Swearware) -- C:\Documents and Settings\FAR\Desktop\dds.scr
[2012/04/14 20:04:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012/04/14 19:49:09 | 000,840,264 | ---- | C] (BillP Studios) -- C:\Documents and Settings\FAR\Desktop\wpsetup.exe

========== Files - Modified Within 30 Days ==========

[2012/05/04 17:04:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/04 16:45:31 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2012/05/04 16:45:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/04 16:45:27 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4111410036-3936580720-2215604264-1008.job
[2012/05/04 16:29:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/04 16:29:53 | 1072,103,424 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/03 15:48:33 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FB547E51-C5E8-4E22-A8A3-A8DF7F288FE7}.job
[2012/05/03 00:57:07 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/05/02 23:59:57 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FAR\Desktop\OTL.exe
[2012/05/02 23:41:45 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\FAR\Desktop\tdsskiller.exe
[2012/05/01 18:36:44 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\FAR\Desktop\MBR.dat
[2012/05/01 12:36:25 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/01 12:29:43 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\FAR\Desktop\mbam-setup-1.61.0.1400.exe
[2012/04/29 21:16:53 | 000,001,614 | ---- | M] () -- C:\Documents and Settings\FAR\Local Settings\Application Data\FASTWiz.html
[2012/04/28 12:56:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-4111410036-3936580720-2215604264-1008.job
[2012/04/28 10:19:31 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\FAR\Desktop\aswMBR.exe
[2012/04/28 09:43:59 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\FAR\Desktop\ERUNT.lnk
[2012/04/28 09:34:42 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\FAR\Desktop\erunt-setup.exe
[2012/04/28 07:33:21 | 000,607,260 | ---- | M] (Swearware) -- C:\Documents and Settings\FAR\Desktop\dds.scr
[2012/04/27 01:15:51 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\FAR\Desktop\HiJackThis.lnk
[2012/04/27 01:02:26 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\FAR\Desktop\HiJackThis.msi
[2012/04/27 00:47:28 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\FAR\Desktop\dds.com
[2012/04/26 20:23:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/22 13:57:50 | 000,000,028 | ---- | M] () -- C:\WINDOWS\qfnonl.ini
[2012/04/22 13:17:43 | 000,001,387 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2012/04/14 19:59:57 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\FAR\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/14 19:49:17 | 000,840,264 | ---- | M] (BillP Studios) -- C:\Documents and Settings\FAR\Desktop\wpsetup.exe
[2012/04/11 17:11:59 | 000,446,120 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/11 17:11:59 | 000,073,542 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/04/10 20:43:23 | 000,000,212 | RHS- | M] () -- C:\boot.ini

========== Files Created - No Company Name ==========

[2012/04/30 11:57:23 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\FAR\Desktop\MBR.dat
[2012/04/29 21:16:53 | 000,001,614 | ---- | C] () -- C:\Documents and Settings\FAR\Local Settings\Application Data\FASTWiz.html
[2012/04/28 09:43:59 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\FAR\Desktop\ERUNT.lnk
[2012/04/27 01:02:15 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\FAR\Desktop\HiJackThis.msi
[2012/04/10 20:30:17 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/05 22:12:43 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/03/29 13:54:11 | 000,085,319 | ---- | C] () -- C:\WINDOWS\hpgins01.dat.temp
[2012/03/29 13:54:11 | 000,000,145 | ---- | C] () -- C:\WINDOWS\hpgmdl01.dat
[2012/02/18 12:29:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/29 15:46:49 | 000,000,043 | ---- | C] () -- C:\WINDOWS\hpfcCopy.INI
[2010/07/25 15:47:05 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\FAR\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/24 08:17:52 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini

< End of report >

OTL Extras logfile created on: 04/05/2012 5:29:52 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\FAR\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1022.37 Mb Total Physical Memory | 627.35 Mb Available Physical Memory | 61.36% Memory free
2.40 Gb Paging File | 2.12 Gb Available in Paging File | 88.31% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.07 Gb Total Space | 41.76 Gb Free Space | 59.60% Space Free | Partition Type: NTFS

Computer Name: DELL | User Name: FAR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-4111410036-3936580720-2215604264-1008\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.scr [@ = AutoCADLTScriptFile] -- C:\Program Files\Windows NT\Accessories\WORDPAD.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
"3246:TCP" = 3246:TCP:*:Enabled:Services
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"4896:TCP" = 4896:TCP:*:Enabled:Services

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
"3246:TCP" = 3246:TCP:*:Enabled:Services
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"8443:TCP" = 8443:TCP:*:Enabled:Steve Camera
"4896:TCP" = 4896:TCP:*:Enabled:Services

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Mozilla Firefox
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{302A1E2E-DD58-4673-BC99-9CC10EC2637A}" = WinPatrol
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{326957C7-83FD-4550-A59A-849B7B4297DE}" = Microsoft Easy Assist v2
"{32A72502-BC2C-4C39-ACEA-BC3D463F0697}" = EN
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{5783F2D7-5009-0409-0002-0060B0CE6BBA}" = AutoCAD LT 2007 - English
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6DD9963C-271A-4A14-82B0-4DC148C52E58}" = LaCie Backup Software v1.5.2215
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{7DB9BF65-46AC-4803-82AA-14EFCA927789}" = HP Scanjet 4070
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B667052-ECC4-41F2-9490-BA4F2FA0C580}" = hpg4070
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}" = Broadcom 440x 10/100 Integrated Controller
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BC7D1833-11C1-4DD1-8093-531AACD09683}" = Isoview 5.0.011 (Airbus License)
"{BE66348A-E83F-4982-941F-DFF2F742B851}" = Microsoft Office Live Meeting 2007
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{C93A6CFE-2C74-428B-9CFE-6EAF1BE34BFA}" = ArcSoft Collage Creator
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{C9A162C1-031F-4EBF-A3E6-C45F7FCCBB9E}_is1" = Genie Backup Assistant
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC138D22-037B-40B4-A7FC-E050404BC2B2}" = InstallActiveX
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}" = U3Launcher
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E8F4F176-AC5C-47E7-AF2E-83983EC3C36F}" = Cortona_ActiveX
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML (Private Edition)
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FE56F651-BAFF-49C9-9F8B-069D76EFA442}" = CorelDRAW Design Collection - 2
"4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"6F8C52CF07BBF1FE2471DC68C08F06D7C58B7D49" = Windows Driver Package - Intel (w29n51) net (09/12/2005 9.0.3.9)
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.1.4 Professional
"Adobe Acrobat 7.0 Professional_714" = Adobe Acrobat 7.1.4 - CPSID_50030
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"ATI Display Driver" = ATI Display Driver
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"avast" = avast! Free Antivirus
"BD783877877F8379747E631823C95556275EC783" = Windows Driver Package - Intel (w39n51) net (12/04/2005 10.1.0.13)
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"HijackThis" = HijackThis 2.0.2
"HP Photo & Imaging" = HP Image Zone 4.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Links 2001 1.0" = Microsoft Links 2001
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSMONEYV80" = Microsoft Money 2000 Standard Edition
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OnlineArmor_is1" = Online Armor 4.0
"Secunia PSI" = Secunia PSI (2.0.0.1003)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPatrol" = WinPatrol 2009
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4111410036-3936580720-2215604264-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ System Events ]
Error - 01/05/2012 11:43:35 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = The APPDRV service failed to start due to the following error: %%3

Error - 01/05/2012 4:20:16 PM | Computer Name = DELL | Source = DCOM | ID = 10010
Description = The server {601AC3DC-786A-4EB0-BF40-EE3521E70BFB} did not register
with DCOM within the required timeout.

Error - 01/05/2012 6:21:13 PM | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = The APPDRV service failed to start due to the following error: %%3

Error - 01/05/2012 6:35:44 PM | Computer Name = DELL | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 01/05/2012 6:40:19 PM | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = The APPDRV service failed to start due to the following error: %%3

Error - 02/05/2012 3:56:21 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = The APPDRV service failed to start due to the following error: %%3

Error - 02/05/2012 3:57:20 AM | Computer Name = DELL | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0013029904DD. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 02/05/2012 10:24:56 PM | Computer Name = DELL | Source = Print | ID = 19
Description = Sharing printer failed + 1722, Printer Microsoft Office Live Meeting
2007 Document Writer share name Printer2.

Error - 02/05/2012 10:25:04 PM | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = The APPDRV service failed to start due to the following error: %%3

Error - 03/05/2012 12:48:27 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = The APPDRV service failed to start due to the following error: %%3


< End of report >

Step 2
Ran Jotti

The second file is a 250MB setup file which produces an "error on page" message.

The permalink web address for the first file follows:

http://virusscan.jotti.org/en/scanresul ... a9f9cabac7

If you want me to redo any of the instructions, it should be no problem.
frerom
Regular Member
 
Posts: 141
Joined: December 23rd, 2009, 3:18 pm
Location: Ontario, Canada

Re: Autocad lt 2007 stopped launching

Unread postby maxi » May 5th, 2012, 6:38 am

Hi frerom,

Please back up your registry with Erunt like you did before and disable both Avast and Online Armor before you attempt the following fix.

Step 1
Run OTL Script

We need to run an OTL Fix

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :otl
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
    FF - user.js - File not found
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O15 - HKU\S-1-5-21-4111410036-3936580720-2215604264-1008\..Trusted Domains: secunia.com ([psi] https in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
    
    
    
    :files
    ipconfig /flushdns /c
    C:\Documents and Settings\FAR\Desktop\cnet2_MyDefrag-v4_3_1_exe.exe 
    
    
    :commands
    [emptytemp]
    [createrestorepoint]
    [REBOOT]
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.


Step 2
Security Check

  • Please download Security Check by screen317 from one of the links below:
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt
  • Please post the contents of that document.


In your next reply please include:
The OTL log.
The Security Check log.
How your computer is behaving now.

Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Autocad lt 2007 stopped launching

Unread postby frerom » May 5th, 2012, 10:53 am

Hi Maxi,

Copied the OTL report on reboot but computer was slow to complete the reboot after that. I waited and it finally completed.

OTL report follows:

All processes killed
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31 removed from extensions.enabledItems
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4111410036-3936580720-2215604264-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\secunia.com\psi\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Could not flush the DNS Resolver Cache: Function failed during execution.
C:\Documents and Settings\FAR\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\FAR\Desktop\cmd.txt deleted successfully.
C:\Documents and Settings\FAR\Desktop\cnet2_MyDefrag-v4_3_1_exe.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: FAR
->Temp folder emptied: 38667419 bytes
->Temporary Internet Files folder emptied: 14033806 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 727 bytes

User: Fred
->Temp folder emptied: 8997557 bytes
->Temporary Internet Files folder emptied: 50251026 bytes
->Java cache emptied: 196100 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2016 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: HelpAssistant
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Julia
->Temp folder emptied: 347 bytes
->Temporary Internet Files folder emptied: 3520191 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 584 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5155317 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 14909034 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 104694 bytes

Total Files Cleaned = 130.00 mb

Unable to start System Restore Service. Error code 1056

OTL by OldTimer - Version 3.2.42.2 log created on 05052012_090946

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\FAR\Local Settings\Temporary Internet Files\Content.IE5\MCUVRX1Q\viewtopic[2].htm not found!

Registry entries deleted on Reboot...

Security Check

Runs slow.

The command window opened and it collected data and finally saw collecting data done.

But the window stayed open with no change in instructions.

I decided to log off and post the OTL report.

I'll try the Security Check again.
frerom
Regular Member
 
Posts: 141
Joined: December 23rd, 2009, 3:18 pm
Location: Ontario, Canada

Re: Autocad lt 2007 stopped launching

Unread postby frerom » May 5th, 2012, 11:59 am

Hi Maxi,
Security check report follows,

Computer appears to be operating satisfactorily.

regards

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Free Antivirus
ESET Online Scanner v3
Online Armor 4.0
Antivirus up to date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:

WinPatrol 2009 (Outdated! Latest version is WinPatrol 2011)
MVPS Hosts File
Secunia PSI (2.0.0.1003)
HijackThis 2.0.2
CCleaner
Java(TM) 6 Update 31
````````````````````````````````
Process Check:
objlist.exe by Laurent

WinPatrol winpatrol.exe
Tall Emu Online Armor OAcat.exe
Alwil Software Avast5 AvastSvc.exe
ALWILS~1 Avast5 avastUI.exe
BillP Studios WinPatrol winpatrol.exe
``````````End of Log````````````

Re: Autocad lt 2007 stopped launching

Unread postby maxi » May 6th, 2012, 6:42 pm

Hi frerom,

Please download Farbar's Service Scanner and run it on the computer with the issue.

Tick ALL the boxes.

Press "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Please copy and paste the log to your reply.

So post the log created in your next reply.

Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Autocad lt 2007 stopped launching

Unread postby frerom » May 6th, 2012, 8:30 pm

Hi Maxi,

Online Armor makes it hard to select the tick boxes, I disabled it.
Note: I tried FSS on my desktop with Online Armor running and there were no problems. I posted that log after the FAR log.

Farbar Service Scanner Version: 30-04-2012 01
Ran by FAR (administrator) on 06-05-2012 at 20:27:45
Running from "C:\Documents and Settings\FAR\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is set to Demand. The default start type is Auto.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(1) Gpc(6) IPSec(4) NetBT(5) OAmon(13) PSched(7) s24trans(8) Tcpip(3)



**** End of log ****





Farbar Service Scanner Version: 30-04-2012 01
Ran by Fred on 06-05-2012 at 20:03:58
Running from "C:\Documents and Settings\Fred\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is set to Demand. The default start type is Auto.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

NetBt Service is not running. Checking service configuration:
The start type of NetBt service is OK.
The ImagePath of NetBt service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.

IpSec Service is not running. Checking service configuration:
The start type of IpSec service is OK.
The ImagePath of IpSec service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.

netman Service is not running. Checking service configuration:
The start type of netman service is OK.
The ImagePath of netman service is OK.
The ServiceDll of netman service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt service is OK.
The ServiceDll of winmgmt service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\system32\srsvc.dll".

sr Service is not running. Checking service configuration:
The start type of sr service is OK.
The ImagePath of sr service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt service is OK.
The ServiceDll of winmgmt service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".

cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is OK.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc service is OK.


Windows Autoupdate Disabled Policy:
============================

PlugPlay Service is not running. Checking service configuration:
The start type of PlugPlay service is OK.
The ImagePath of PlugPlay service is OK.


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(1) fssfltr(2) Gpc(6) IPSec(4) NetBT(5) OAmon(8) Tcpip(3)
0x080000000400000003000000010000000800000005000000060000000700000002000000
IpSec Tag value is correct.

**** End of log ****

Re: Autocad lt 2007 stopped launching

Unread postby maxi » May 7th, 2012, 2:39 pm

Hi frerom,

Just for clarity, are those two logs from two different computers or from two different users on the same computer?

Re: Autocad lt 2007 stopped launching

Unread postby frerom » May 7th, 2012, 3:24 pm

Hi Maxi,
It's 2 separate computers. Sorry.
Actually I forgot to mention the log "FAR" is on the computer we are scanning and I'm logged in as administrator.
The other log "Fred" I'm logged in a different computer as a Limited user.
I guess you should forget about this log. If you like, I can delete it.

Re: Autocad lt 2007 stopped launching

Unread postby maxi » May 7th, 2012, 4:48 pm

Hi frerom, your latest logs (from the computer we were working on) show no signs of malware. However, the log from your desktop has a few suspicious entries. I would urge you to open a new topic with the logs from that computer.

Please go to Add/Remove Programs and remove all Java entries present and then follow the instructions below on how to install the latest version.
Java SE Runtime Environment (JRE).

Please download from HERE

  • Find Java SE 7u4.
  • Click the Download JRE button to the right.
  • Choose the correct Platform and Multi-language. Next, check the box that says I agree to the Java SE Runtime Environment 6 License Agreement.
  • Click the Continue button.
  • Click on the filename under Windows Offline Installation and save it to your desktop.
  • Close all active windows.
  • Install the program.




Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:



Clean up with OTL

  • Double-click OTL.exe to start the program. This will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

You can now safely remove any programs that are left on your desktop.



Create a new, clean System Restore point which you can use in case of future system problems:
  • Press Start >> All Programs >> Accessories >> System Tools >> System Restore
  • Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close
  • Now remove old, infected System Restore points:
  • Next click Start >> Run and type cleanmgr in the box and press OK
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
  • Press OK and Yes to confirm

Update your AntiVirus Software and keep your other programs up-to-date
Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Security Updates for Windows, Internet Explorer & Microsoft Office
Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.

Install Malwarebytes' Anti-Malware - Malwarebytes is a very good anti-Malware program. I recommend you keep this and Update and run a Quick scan with it once a week.

Malwarebytes' Anti-Malware Setup Guide

Malwarebytes' Anti-Malware Scanning Guide




Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released. Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety:

Install Web of Trust (WOT). WOT keeps you from dangerous websites with warnings and blockings.
http://www.mywot.com/

WinPatrol <= You might consider updating this program to the 2012 version

Also, please read this great article by Tony Klein So How Did I Get Infected In First Place

Happy surfing and stay clean!

Re: Autocad lt 2007 stopped launching

Unread postby frerom » May 8th, 2012, 2:29 pm

Hi Maxi,
Computer is great. Thank you very much.
I followed your recommendations with no problems.
I also ran defrag and check disk including the F option.
I will make a request for a check of the other computer.
The Autocad Lt still doesn't launch but I believe it is a license issue. I have contacted Autodesk.
You may consider this issue closed.
Thanks again

Re: Autocad lt 2007 stopped launching

Unread postby maxi » May 8th, 2012, 6:28 pm

You're very welcome :)