Generic Host Processes for Win32 Services error - Virus, Trojan, Spyware, and Malware Removal Help (2023)

Thank you for your post Gringo; I look forward to working with you and appreciate your time. I had no problems with these:

DDS (Ver_10-03-17.01) - NTFSx86
Run by Denise at 10:57:27.13 on Sun 07/18/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.431 [GMT -4:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\NOVA Development\MediaNow CD & DVD Burning Suite\PowerDVD\PDVDServ.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Desksware\Desktop iCal\Calendar.exe
C:\Program Files\NOVA Development\MediaNow CD & DVD Burning Suite\Power2Go\Power2GoExpress.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Documents and Settings\Denise\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://
uSearch Page =
uDefault_Page_URL = hxxp://
uSearch Bar =
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [iCalendar] c:\program files\desksware\desktop ical\Calendar.exe
uRun: [Power2GoExpress] "c:\program files\nova development\medianow cd & dvd burning suite\power2go\Power2GoExpress.exe" /Startup
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [RemoteControl] "c:\program files\nova development\medianow cd & dvd burning suite\powerdvd\PDVDServ.exe"
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [MMTray] "c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe"
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\denise\start menu\programs\imvu\Run IMVU.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - hxxp://
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\puresp.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\denise\applic~1\mozilla\firefox\profiles\22jza867.default\
FF - prefs.js: browser.startup.homepage - hxxp://
FF - prefs.js: keyword.URL - hxxp://
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPUploader.dll
FF - plugin: c:\program files\musicnotes\npmusicn.dll
FF - plugin: c:\program files\musicnotes\NPSibelius.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

(Video) How to Remove ANY Virus from Windows 10 in ONE STEP in 2021

FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\drivers\CLBStor.sys [2009-10-4 10368]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2008-12-30 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-12-30 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-2-15 40384]
R2 CLBUDF;CyberLink UDF Filesystem;c:\windows\system32\drivers\CLBUDF.sys [2009-10-4 182272]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-8-22 54752]
R2 PermissionTVDownloadManager;PermissionTV Download Manager Service;c:\progra~1\permis~1\bin\dm.exe [2009-4-19 213053]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-7 24652]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-2-15 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-2-15 40384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-2 136176]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

=============== Created Last 30 ================

2010-07-18 14:46:140----a-w-c:\documents and settings\denise\defogger_reenable
2010-07-12 03:32:280dc----w-c:\docume~1\alluse~1\applic~1\{65893B95-F47B-4483-B883-86BA181E9B54}
2010-07-12 01:21:040d-----w-c:\docume~1\denise\applic~1\MSNInstaller
2010-07-08 20:01:27223----a-w-c:\documents and settings\denise\fix.bat
2010-07-06 01:59:380d-----w-c:\windows\system32\wbem\Repository
2010-07-05 03:01:010d-----w-c:\program files\Spybot - Search & Destroy
2010-07-05 03:01:010d-----w-c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-06-29 18:20:0138848----a-w-c:\windows\avastSS.scr
2010-06-26 13:58:080d-----w-c:\docume~1\alluse~1\applic~1\Toolbar4
2010-06-26 13:57:240d-----w-c:\program files\FLV Direct Player

==================== Find3M ====================

2010-06-29 01:05:0754044---ha-w-c:\windows\system32\mlfcache.dat
2010-06-03 02:41:443600384----a-w-c:\windows\system32\GPhotos.scr
2010-05-04 12:39:2770656------w-c:\windows\system32\dllcache\ie4uinit.exe
2010-05-04 12:39:2713824------w-c:\windows\system32\dllcache\ieudinit.exe
2010-05-02 05:22:501851264----a-w-c:\windows\system32\win32k.sys
2010-05-02 05:22:501851264------w-c:\windows\system32\dllcache\win32k.sys
2010-04-20 05:30:08285696----a-w-c:\windows\system32\atmfd.dll
2010-04-20 05:30:08285696------w-c:\windows\system32\dllcache\atmfd.dll
2008-12-28 22:47:4816410637----a-w-c:\program files\YamiPod.exe
2005-09-27 02:39:0456--sh--r-c:\windows\system32\D7C9B72073.sys
2010-03-18 03:04:302516--sha-w-c:\windows\system32\KGyGaAvL.sys
2009-03-31 23:17:3032768--sha-w-c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009033120090401\index.dat

============= FINISH: 10:58:31.49 ===============


(Video) How to Remove Trojan Virus from Windows?

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 7/13/2005 9:52:55 PM
System Uptime: 7/18/2010 7:55:26 AM (3 hours ago)

Motherboard: Dell Computer Corp. | | 0TC667
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 71 GiB total, 9.922 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 466 GiB total, 368.883 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1033: 6/14/2010 4:06:29 AM - System Checkpoint
RP1034: 6/15/2010 5:06:32 AM - System Checkpoint
RP1035: 6/15/2010 3:25:47 PM - Installed Java™ 6 Update 20
RP1036: 6/16/2010 4:47:44 PM - System Checkpoint
RP1037: 6/17/2010 4:53:16 PM - System Checkpoint
RP1038: 6/18/2010 4:54:16 PM - System Checkpoint
RP1039: 6/19/2010 5:53:14 PM - System Checkpoint
RP1040: 6/20/2010 6:00:04 PM - System Checkpoint
RP1041: 6/21/2010 6:53:17 PM - System Checkpoint
RP1042: 6/24/2010 9:57:56 AM - System Checkpoint
RP1043: 6/25/2010 3:00:25 AM - Software Distribution Service 3.0
RP1044: 6/26/2010 3:35:40 AM - System Checkpoint
RP1045: 6/27/2010 4:35:42 AM - System Checkpoint
RP1046: 6/28/2010 5:35:42 AM - System Checkpoint
RP1047: 6/29/2010 12:16:17 PM - System Checkpoint
RP1048: 6/30/2010 1:49:34 PM - System Checkpoint
RP1049: 7/1/2010 2:36:02 PM - System Checkpoint
RP1050: 7/2/2010 3:31:48 PM - System Checkpoint
RP1051: 7/3/2010 4:33:13 PM - System Checkpoint
RP1052: 7/5/2010 9:56:24 PM - Restore Operation
RP1053: 7/6/2010 5:01:31 PM - Removed Nancy Drew: The Haunted Carousel
RP1054: 7/6/2010 5:01:56 PM - Removed QuickBooks Simple Start Online Edition

==== Installed Programs ======================


Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader 7.1.0
Adobe Shockwave Player
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Arcade Master
ArcSoft Panorama Maker 3
avast! Free Antivirus
Balloon Kaboom
Balloon Kaboom Challenge
Blast Thru Special Edition
Block Rox
Boa Constricter
Bowling Mania Special Edition
Brain Twister
Camera Support Core Library
Camera Window DS
Camera Window DVC
Camera Window MC
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DS for ZoomBrowser EX
Canon Camera Window MC 5 for ZoomBrowser EX
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities PhotoStitch 3.1
Canon ZoomBrowser EX
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
CyberLink InstantBurn
Dart Mania
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Picture Studio v3.0
Dell System Restore
Demonstar Special Edition
Desktop iCalendar Lite 1.1.0
Diamond Fall
Disney's Magic Artist
FLV Direct Player
Foto Breakout
Gonzo Heads
Google Earth Plug-in
Google Update Helper
Holiday Screen Saver
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections
Internet Explorer Default Page
J2SE Runtime Environment 5.0 Update 7
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Java Auto Updater
Java™ 6 Update 20
Jewel Jam Special Edition
Junk Mail filter update
Kombat Kars Special Edition
LabelPrint 2.0
Leap And Croak
Learn2 Player (Uninstall Only)
Lexmark Supplies Monitor
Lexmark Z25-Z35
Macromedia Flash Player
Master of Dwarves
Max Mix Foto
Maze Cube
MediaNow CD & DVD Burning Suite
MediaShow 3.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Search Enhancement Pack
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mini Golf Special Edition
MobileMe Control Panel
Modem Event Monitor
Modem Helper
Modem On Hold
Mozilla Firefox (3.6.6)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Musicmatch® Jukebox
Musicnotes Software Suite 1.4
myFairTunes v.7.0.2c
Nebula Fighter Special Edition
Nikon Message Center
Node Jumper Special Edition
Norton Internet Security 2005 (Symantec Corporation)
Oxide Special Edition
PermissionTV Carnegie Library of Pittsburgh Player 3.15
PermissionTV Download Manager
Picasa 3
PictureProject In Touch 1.0
PictureProject In Touch Downloader 1.0
Power2Go 5.0
PowerBackup 2.5
PowerDVD Copy 1.0
Pure Networks Network Magic
Qualxserve Service Agreement
RAW Image Task
Rifle Range
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Segoe UI
Snake Arena Special Edition
Speedy Eggbert Special Edition
Spybot - Search & Destroy
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WebFldrs XP
Wild Wheels Special Edition
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
WordPerfect Office 12
WordPerfect Office ProductCode 1 Key
WordPerfect OfficeReady

==== Event Viewer Messages From Past Week ========

7/18/2010 7:58:51 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service gusvc with arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
7/15/2010 12:26:56 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer ',0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/15/2010 10:30:26 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service iPod Service with arguments "-Service" in order to run the server: {7A7FB085-6068-4898-8CCA-480A9187277C}
7/12/2010 9:19:33 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service iPod Service with arguments "-Service" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
7/12/2010 9:19:05 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume F:.
7/12/2010 9:19:05 PM, error: NetBT [4311] - Initialization failed because the driver device could not be created.
7/12/2010 9:19:05 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
7/12/2010 9:19:05 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
7/12/2010 12:29:41 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
7/12/2010 1:58:30 PM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: Access is denied.
7/11/2010 6:12:51 PM, error: Service Control Manager [7000] - The Pure Networks Network Magic Service service failed to start due to the following error: The system cannot find the path specified.

==== End Of File ===========================


RkU Version: 3.8.388.590, Type LE (SR2)
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2189952 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2189952 bytes
0x804D7000 RAW 2189952 bytes
0x804D7000 WMIxWDM 2189952 bytes
0xBF800000 Win32k 1851392 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1851392 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF6B54000 C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 1302528 bytes (Intel Corporation, Intel Graphics Miniport Driver)
0xF69D2000 C:\WINDOWS\system32\DRIVERS\IntelC51.sys 1208320 bytes (Intel Corporation, Modem DSP Driver)
0xBF077000 C:\WINDOWS\System32\ialmdd5.DLL 925696 bytes (Intel Corporation, DirectDraw® Driver for Intel® Graphics Technology)
0xF67EC000 C:\WINDOWS\system32\drivers\senfilt.sys 733184 bytes (Creative Technology Ltd., Creative WDM Audio Driver)
0xF693D000 C:\WINDOWS\system32\DRIVERS\IntelC52.sys 610304 bytes (Intel Corporation, Modem CP Driver)
0xF73C4000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xEE4F5000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF6736000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xEE5DA000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xED7D4000 C:\WINDOWS\system32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xED293000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF68C3000 C:\WINDOWS\system32\drivers\smwdm.sys 262144 bytes (Analog Devices, Inc., SoundMAX Integrated Digital Audio )
0xBF042000 C:\WINDOWS\System32\ialmdev5.DLL 217088 bytes (Intel Corporation, Component GHAL Driver)
0xF6794000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF7508000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xEE313000 C:\WINDOWS\System32\Drivers\CLBUDF.SYS 184320 bytes (CyberLink Corporation., UDF File System Driver (Windows2000))
0xEDB66000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF7397000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xEC94A000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xEE565000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xEE5B2000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xEE4A8000 C:\WINDOWS\System32\Drivers\aswSP.SYS 159744 bytes (ALWIL Software, avast! self protection module)
0xF74B2000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xF6917000 C:\WINDOWS\system32\DRIVERS\e100b325.sys 155648 bytes (Intel Corporation, Intel® PRO/100 Adapter NDIS 5.1 driver)
0xEE4CF000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xED03F000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xF689F000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF6B1C000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF6AF9000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xEE590000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xBF020000 C:\WINDOWS\System32\ialmdnt5.dll 139264 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
0x806EE000 ACPI_HAL 131840 bytes
0x806EE000 C:\WINDOWS\system32\hal.dll 131840 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF747A000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF74D8000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF737D000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF749A000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xEE0E3000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (ALWIL Software, avast! File System Filter Driver for Windows XP)
0xF7451000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF67D5000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xEDB51000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF6903000 C:\WINDOWS\system32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xF6B40000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xEE633000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF7468000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF74F7000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF67C4000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xEE302000 C:\WINDOWS\System32\Drivers\Udfs.SYS 69632 bytes (Microsoft Corporation, UDF File System Driver)
0xF77C7000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF7667000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF7647000 C:\WINDOWS\system32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xF7687000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF7627000 C:\WINDOWS\system32\DRIVERS\IntelC53.sys 61440 bytes (Intel Corporation, Modem AFE Driver)
0xF7677000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xEDD6B000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF7737000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xBF012000 C:\WINDOWS\System32\ialmrnt5.dll 57344 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
0xF7597000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF7637000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF76B7000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF7577000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF77A7000 C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys 49152 bytes (Microsoft Corporation, Family Safety Filter Driver (TDI))
0xF76C7000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF7787000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF7657000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF7567000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF7777000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF7757000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (ALWIL Software, avast! TDI Filter Driver)
0xF7557000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF7717000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF76E7000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF7587000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF75F7000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF76D7000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF7767000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xED893000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF75A7000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF7797000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF793F000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF7887000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF792F000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF7947000 C:\WINDOWS\system32\DRIVERS\fdc.sys 28672 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0xF77D7000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF786F000 C:\WINDOWS\system32\DRIVERS\usbprint.sys 28672 bytes (Microsoft Corporation, USB Printer driver)
0xF7867000 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xF7897000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (ALWIL Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xF795F000 C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xF794F000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF7937000 C:\WINDOWS\system32\DRIVERS\mohfilt.sys 24576 bytes (Intel Corporation, Filter Driver to Support Modem-on-Hold)
0xF7957000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF7927000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xF7877000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF7837000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (ALWIL Software, avast! TDI RDR Driver)
0xF787F000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF77DF000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7857000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF785F000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF784F000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF78AF000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xEE39C000 C:\WINDOWS\system32\DRIVERS\asyncmac.sys 16384 bytes (Microsoft Corporation, MS Remote Access serial network driver)
0xF7338000 C:\WINDOWS\system32\drivers\MODEMCSA.sys 16384 bytes (Microsoft Corporation, Unimodem CSA Filter)
0xF7A23000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xEE656000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF7A47000 C:\WINDOWS\system32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xF797B000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (ALWIL Software, avast! File System Access Blocking Driver)
0xF7967000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF796B000 CLBStor.sys 12288 bytes (Cyberlink Co.,Ltd., Cyberlink Storage Helper Driver (WindowsNT5.x))
0xEE692000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF7328000 C:\WINDOWS\System32\Drivers\i2omgmt.SYS 12288 bytes (Microsoft Corporation, I2O Utility Filter)
0xF7A07000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF7324000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7A75000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7A5D000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xF7AD1000 C:\WINDOWS\system32\DRIVERS\dsunidrv.sys 8192 bytes (Gteko Ltd., GUniDriver)
0xF7A73000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7A5B000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0xF7A57000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7A77000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7A7B000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7A69000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7A6D000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7A59000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7BDF000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7B47000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7C10000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7B1F000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
!!!!!!!!!!!Hidden driver: 0x86BBDAEA ?_empty_? 1302 bytes
0x86BBDEC5 unknown_irp_handler 315 bytes
!!!!!!!!!!!Hidden driver: 0x86D932C0 ?_empty_? 0 bytes
0xF749A000 WARNING: suspicious driver modification [atapi.sys::0x86BBDAEA]
0xF7667000 WARNING: Virus alike driver modification [cdrom.sys], 65536 bytes

end of RKUnhooker

MBR check:

MBRCheck, version 1.1.1

(Video) Fix Generic Host For Win32 and Svchost.exe.error

© 2010, AD

\\.\C: --> \\.\PhysicalDrive0

\\.\F: --> \\.\PhysicalDrive1

Size Device Name MBR Status


74 GB \\.\PhysicalDrive0 Dell MBR code detected

465 GB \\.\PhysicalDrive1 Error reading raw MBR!

Done! Press ENTER to exit...


How do I fix Generic Host process for win32 Services? ›

  1. Start - Run - type 'netsh'
  2. in command promt type 'winsock' press enter.
  3. then type 'reset' and press enter...
16 Jan 2010

How do I know if Svchost is infected? ›

Is svchost.exe safe? 5 easy ways to see if svchost.exe is safe or malware.
  1. See who signed the svchost.exe (check the publisher)
  2. Scan svchost.exe with Windows Security.
  3. Check the network activity of svchost.exe.
  4. Analyze svchost.exe with VirusTotal.
  5. Run it in Windows Sandbox.

What does svchost virus do? ›

Svchost.exe actually stands for "service host," and it is a file used by many Windows applications. Despite this, it often is mistaken as a virus because malware authors have been known to attach malicious files to the svchost.exe service to prevent detection.

How do I get rid of Win32 application error? ›

Steps to Fix “not a valid Win32 application” issue
  1. Re-register Shell32. ...
  2. Fix it using FixExec Tool (Automatically) ...
  3. Make sure the file is not corrupted – Download the File Once Again. ...
  4. Install File with Administrator Rights. ...
  5. Install File using Windows Compatible Mode. ...
  6. IDE Controller is Improperly Configured.

Can I turn off host process for Windows Services? ›

Can I Disable It? No, you can't disable Host Process for Windows Tasks. And you wouldn't want to anyway. It's essential for being able to load DLL-based services onto your system and, depending on what you've got running, disabling Host Process for Windows Tasks could break any number of things.

What happens if I delete Service Host? ›

What happens if I delete svchost.exe? If you delete a legitimate svchost.exe Microsoft Windows executable file, your computer may stop working properly.

How do I force remove a virus? ›

How to remove a virus from a PC
  1. Download antivirus software. There are two main types of antivirus software that can detect and remove computer viruses and malware: real-time and on-demand. ...
  2. Run a virus scan. ...
  3. Delete or quarantine infected files. ...
  4. Restart your computer.
14 Mar 2022

Should I delete Service Host? ›

However, you shouldn't remove the legitimate svchost.exe, as these files are important and integral to Windows operations, and removing them might cause unnecessary disruptions. Also, the system most likely won't allow you to remove them.

Is svchost.exe Trojan? ›

svchost.exe is the name of a genuine Windows process, however, criminals might use it to disguise malware. To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.

How can I tell if an EXE is a virus? ›

5 simple ways to check if an .exe file is safe.
  1. Check it with Windows itself.
  2. Upload the file to VirusTotal.
  3. Who is the publisher?
  4. Run it in Windows Sandbox.
  5. Check the .exe's network activity for suspicious behavior.
19 Nov 2021

Why are there so many service hosts running? ›

There are usually many instances of svchost.exe running because Windows requires numerous services to operate correctly. If you've ever browsed through Task Manager, you may have wondered why there are so many Service Host processes running. You can't kill them, and you sure didn't start them.

Why do I have multiple svchost.exe processes running? ›

More often than not, Svchost is being used by Windows and multiple instances are normal because many services utilize it. Worst-case scenario, the file is infected with a virus, the last thing you need on your computer.

Is Win32 Trojan a virus? ›

Trojan. Win32 is a file installed by rogue anti-spyware program. This is caused by a malicious software engineered by internet hackers which when installed generates a pop up message.
Win32 Trojan Virus - How to Remove.
Microsofts Spyware Fight & How to Erase Hard Drive Completely
VOIP security guide
Remove Spyware and Adware Now
18 more rows

Can Windows Defender remove trojan Win32? ›

Can Windows Defender remove Trojans? Thanks for the A2A. It can, it is just not that great. Zemana and Malwarebytes are just anti malware programs, they are not supposed to be used as your main antivirus program.

Is Win32 Trojan Gen a virus? ›

"win32:trojan-gen exe" is a fairly generic warning about an executable program (exe) that could be malware, but has not yet actually been run, nor done any harm, yet.

What Windows services should I disable? ›

12 Windows 10 Services That Are Safe to Disable
  • Disable Windows Defender. ...
  • Windows Mobile Hotspot Service. ...
  • Print Spooler. ...
  • Fax Service. ...
  • Downloaded Maps Manager. ...
  • Windows 10 Security Center. ...
  • Certificate Propagation Service. ...
  • Universal Telemetry Client (UTC)
1 Sept 2022

Should I disable Windows host process on startup? ›

The official Windows Rundll32.exe is safe and cannot harm your computer; there is no need to remove it or stop the process from running. Rundll32.exe is a critical Windows process that launches other 32-bit DLLs that reside on your computer.

Why is Service Host network using so much network? ›

Service Host Network Service high disk or network usage can be caused by the infection of malware or viruses. In this case, you had better scan your device using Windows Defender. Step 1. Go to Settings > Update & Security > Windows Security > Virus & threat protection.

Is Service Host network service a virus? ›

Is svchost.exe (netsvcs) a virus? The svchost.exe (netsvcs) process itself is not a virus, malware, or dangerous application. It is a verified Windows file that's required for your operating system to function. However, in most cases, the high resource usage of svchost.exe is caused by malware or unwanted application.

Can I delete host app service? ›

If you have not moved it, it should be in the lower-left corner of your computer screen. – Type in the word “uninstall.” – Then click Remove or Add programs. – Click on the program, then uninstall it.

What happens if you don't remove a virus? ›

Removing a Computer Virus

If you do not completely eliminate the program, it may also reinstall itself at the next system reboot. In some cases, viruses play nasty tricks like invading the registry of a Windows system. Removing the wrong line in this database can then cause the entire system to fail.

How do you remove a virus from a PC without an antivirus? ›

How to Remove Virus from Laptop Without Antivirus
  1. Use Task Manager to Get Rid of the Virus.
  2. Use Command Prompt to remove the computer viruses.
  3. Check newly installed software and applications.
  4. Use Safe Mode to delete the virus.
28 Mar 2022

Why can't I remove a virus? ›

If a virus continues to re-infect your system, however, it could be a sign of a more serious problem. If your virus scanner cannot even delete the infected programs, you may be suffering a rootkit infection, and it may have compromised your entire network.

What is running under svchost? ›

Svchost.exe is a process that hosts other Windows services that perform various system functions. There can be multiple instances of svchost.exe running on your computer, with each instance containing a different service.

Can you get hacked from an EXE file? ›

One of the most common tricks used by hackers is to get unsuspecting users to click on a malicious .exe file which leads to malware being downloaded onto a computer. They're usually sent to you as an email attachment with the email offering some form of compelling inducement to get you to open the attachment.

Where is the suspicious app on Windows? ›

Check for spyware in StartUp by typing Msconfig in the Windows search bar. If you notice any suspicious software running in StartUp consuming a substantial amount for memory, temporarily terminate its process. If you're unsure what the program is, search for it online.

Does exe always mean virus? ›

An .exe file can be a virus, but that is certainly not true for all of them. In fact, the majority are safe to use or even necessary for your Windows system to run. It all depends on what is in an .exe file. Basically .exe files are programs that have been translated into machine code (compiled).

Can I end all Service Host? ›

#1) Press the “Windows+R” button from your keyboard and type “MSConfig“. #2) A window will open, click on “Selective startup” and uncheck “Load startup items“. #3) Click on “Services” and then click on “Hide all Microsoft services“. Click on “Disable all” to disable all services at the time of Boot.

How many processes should be running on Windows 10? ›

Windows 10 will average at some 100–150 processes when no other software is installed, so long as you meet the recommended specifications in terms of RAM capacity.

What processes should I end in task manager? ›

End these Windows task manager processes to make your PC run...
  • How to open Task Manager. Opening your task manager in Windows is super easy. ...
  • End ctfmon.exe. ...
  • End OneDrive.exe. ...
  • End LockApp.exe. ...
  • End NewsAndInterests.exe. ...
  • End GrooveMusic.exe. ...
  • There's one more thing you can do. ...
  • Read More.
8 Sept 2022

Is host process for Windows Services a virus? ›

As mentioned before, Host Process for Windows Tasks is a core Windows process. Normally it can't be a virus. But, it is also possible that a virus may disguise itself as the Host Process for Windows Tasks on your PC.

How do I enable host process for Windows Services? ›

You can refer to these steps:
  1. Press Windows key + X, select “task manager'.
  2. In the task manager, click on the Processes tab.
  3. Under 'Windows processes' you might find several instance of 'Svchost.exe'.
  4. Check which of the instance is consuming high data and expand that 'svchoste.exe' process.

What are Win32 services? ›

Alternatively referred to as the Windows API and WinAPI, Win32 is the main set of Microsoft Windows APIs used for developing 32-bit applications. These APIs are responsible for functions in the following categories: Administration and Management - Install, configure, and service applications or systems.

What is generic host? ›

The Generic Host can be used with other types of . NET applications, such as Console apps. A host is an object that encapsulates an app's resources and lifetime functionality, such as: Dependency injection (DI) Logging.

How do you tell if a process is a virus? ›

3 Ways to Tell if the Exe of a Windows Process Is Safe
  1. Scan the EXE with an Antivirus. Perhaps one of the quickest ways to tell if a file is a virus is by scanning it with your antivirus. ...
  2. Scan the EXE With VirusTotal. Another way to find out if the EXE is legit is to scan it with VirusTotal. ...
  3. Check the Certificate.
22 Jan 2022

Which Windows services are safe to disable? ›

12 Windows 10 Services That Are Safe to Disable
  • Disable Windows Defender. ...
  • Windows Mobile Hotspot Service. ...
  • Print Spooler. ...
  • Fax Service. ...
  • Downloaded Maps Manager. ...
  • Windows 10 Security Center. ...
  • Certificate Propagation Service. ...
  • Universal Telemetry Client (UTC)
1 Sept 2022

What is the use of host process for Windows Services? ›

It is also used by Windows itself to fetch data from the internet. This process is also known as 'scvhost.exe'. It is classified as a process on your computer that hosts or contains other individual services. There can also be multiple instances of this process running at the same time on your computer.

What is host process for setting? ›

Host Process for Setting Synchronization (SettingSynchHost.exe) is a process which synchronizes all your system settings with your other devices. the process is responsible for synchronizing all devices with system settings.

Is Win32 a virus? ›

Summary. Virus:Win32/Xpaj is a family of viruses that spread by infecting local files and removable and network drives.

Is Win32 malware Gen a virus? ›

When your anti-virus program warns you that it detected Win32:Malware-gen on your computer, it indicates that a 32-bit file on your Windows PC may be malicious. Win32:Malware-gen might sometimes indicate false positive. But in most cases, it the file identified as Win32:Malware-gen is really a virus.

What does Win32 error mean? ›

This error can be generated by a file that is a virus, worm, trojan, or another malware file. Often, this is caused because the virus scanner installed in the computer does not allow the file to be installed or run. Try scanning the file to verify it is not a virus or infected with a virus.

What is Generic host and Web Host? ›

As name suggests Web host can be used only for HTTP (eg tied for web application) only but generic host, which has been introduced in . Net core 3.0, can be used for Console application as well. Though the Generic host got included in . NET core 2.1 it was only used for non HTTP workloads.

What is generic host in .NET Core? ›

NET Generic Host in ASP.NET Core. The ASP.NET Core templates create a WebApplicationBuilder and WebApplication, which provide a streamlined way to configure and run web applications without a Startup class. For more information on WebApplicationBuilder and WebApplication , see Migrate from ASP.NET Core 5.0 to 6.0.

How do I stop RunConsoleAsync? ›

The final step is to call RunConsoleAsync on the HostBuilder which builds and starts the application. It will then keep running until CTRL+C is used to trigger it to shutdown.


1. Completely Remove win32/Spy.Zbot.ABC From your PC
(Tee Wang)
2. Computers Programs & Accessories : How to Get Rid of Adware.Win32
3. ThreatFire vs Trojan.Win32.Filecoder.c Dedection Problem
4. How to Remove Virus from Windows 11
5. Adware:Win32/FastSaveApp Virus - Manual Removal
6. Uninstall Trojan.Win32.Jorik.Kbot.j From Win (XP/Vista/7/8/10)
(RMV Tutorials)
Top Articles
Latest Posts
Article information

Author: Corie Satterfield

Last Updated: 03/30/2023

Views: 5542

Rating: 4.1 / 5 (62 voted)

Reviews: 85% of readers found this page helpful

Author information

Name: Corie Satterfield

Birthday: 1992-08-19

Address: 850 Benjamin Bridge, Dickinsonchester, CO 68572-0542

Phone: +26813599986666

Job: Sales Manager

Hobby: Table tennis, Soapmaking, Flower arranging, amateur radio, Rock climbing, scrapbook, Horseback riding

Introduction: My name is Corie Satterfield, I am a fancy, perfect, spotless, quaint, fantastic, funny, lucky person who loves writing and wants to share my knowledge and understanding with you.