newbie111

My browser is now Waterfox with Ghostery per your suggestion. Waterfox is a varient of Firefox.I'll look into NoScript but may old off for now. Thanks, again Ron. I know why I have Malwarebytes premium. Bob

It's the best its been in months. My gigablast is working without hangups! Thanks, Ron

Thanks again ron I've deleted a lot of Bloatware and added Ghostery. I ran CHKDSK as suggested. I can't find the logfile on my desktop but found it on a search which shows it on my desktop? Below is a copy of the file. Bob TimeCreated : 8/11/2019 11:46:26 AM Message : Checking file system on C: The type of the file system is NTFS. Volume label is OS. A disk check has been scheduled. Windows will now check the disk. Stage 1: Examining basic file system structure ... 768512 file records processed. File verification completed. 8728 large file records processed. 0 bad file records processed. Stage 2: Examining file name linkage ... 1649 reparse records processed. 909446 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered to lost and found. 1649 reparse records processed. Stage 3: Examining security descriptors ... Cleaning up 10 unused index entries from index $SII of file 0x9. Cleaning up 10 unused index entries from index $SDH of file 0x9. Cleaning up 10 unused security descriptors. Security descriptor verification completed. 70468 data files processed. CHKDSK is verifying Usn Journal... 2537880 USN bytes processed. Usn Journal verification completed. Windows has scanned the file system and found no problems. No further action is required. 959858495 KB total disk space. 122082636 KB in 371606 files. 159260 KB in 70469 indexes. 0 KB in bad sectors. 874367 KB in use by the system. 65536 KB occupied by the log file. 836742232 KB available on disk. 4096 bytes in each allocation unit. 239964623 total allocation units on disk. 209185558 allocation units available on disk. Internal Info: 00 ba 0b 00 b4 be 06 00 a2 ca 07 00 00 00 00 00 ................ 00 03 00 00 71 03 00 00 00 00 00 00 00 00 00 00 ....q........... Windows has finished checking your disk. Please wait while your computer restarts. TimeCreated : 8/11/2019 11:03:59 AM Message : Checking file system on C: The type of the file system is NTFS. Volume label is OS. A disk check has been scheduled. Windows will now check the disk. Stage 1: Examining basic file system structure ... Cleaning up instance tags for file 0x22028. Cleaning up instance tags for file 0x3968c. 768512 file records processed. File verification completed. 8733 large file records processed. 0 bad file records processed. Stage 2: Examining file name linkage ... 1655 reparse records processed. 909350 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered to lost and found. 1655 reparse records processed. Stage 3: Examining security descriptors ... Cleaning up 10290 unused index entries from index $SII of file 0x9. Cleaning up 10290 unused index entries from index $SDH of file 0x9. Cleaning up 10290 unused security descriptors. CHKDSK is compacting the security descriptor stream Security descriptor verification completed. 70420 data files processed. CHKDSK is verifying Usn Journal... Usn Journal verification completed. Correcting errors in the Volume Bitmap. Windows has made corrections to the file system. No further action is required. 959858495 KB total disk space. 121704700 KB in 370496 files. 158968 KB in 70423 indexes. 0 KB in bad sectors. 871803 KB in use by the system. 65536 KB occupied by the log file. 837123024 KB available on disk. 4096 bytes in each allocation unit. 239964623 total allocation units on disk. 209280756 allocation units available on disk. Internal Info: 00 ba 0b 00 2e ba 06 00 1c c6 07 00 00 00 00 00 ................ 06 03 00 00 71 03 00 00 00 00 00 00 00 00 00 00 ....q........... Windows has finished checking your disk. Please wait while your computer restarts.

I removed a lot of programs which I never use and found others that I don't know about. I found McAfee Antivirus and removed it. Should I send you a list of programs or apps that I don't know if they can be removed?

Thanks, I went to startup apps and found 15. I turned them all off and restarted the computer and 6 aps had again turned on, some of which I know I don't need at startup. How do I turn these off? I have 2 antivirus programs, Malwarebytes premium and Avast Pro. Should I remove Avast Pro? I'll search the computer for other programs that I can remove.

Thanks, Ron I entered CHKDSK in Cortana and CHKDSK showed up. I ran it as administrator. A black screen showed up and it ran several things then closed down. I don't know if this is right. Is there anything else for me to do to run this the way you want me to? The computer is still running slow. Bob

I've run the tool and I hope that I did this right. mbst-grab-results.zip

Since I installed Cox Gigablast and purchased Surfboard DOCSIS 3.1 modem and added Linksys AC1200 Router I intermittently got 94+ Mbps downloads speed. But after surfing the internet my speed went down to 10 Mbps. I had to restart the computer to get speed back up. But now the computer just runs extremely slow and wont open emails easily.I have the Premimum version of Malwarebytes. I also have Avast, Ccleaner and Spywareblaster. None show a virus. What could be wrond with my computer. Thanks newbie111.

Thanks for the reply. I wasn't notified of this post.

So I've had 45 views and no responses. I still don't know if I'm infected and can't open a program that I want to run. Any help is appreciated.

I opened a program which I haven't used for 1 month and Avast! stopped the program from opening and sent it to the Quarentine Virus Chest, I can't past a screen shot. I did this twice and the virus names were slightly different and I couldn't find anything on these viruses on a google search. Virus name GLB3E03.tmp and GLBBEF3.tmp. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16526 Run by Dr Minow Dell 8300 at 17:22:24 on 2013-12-18 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12270.9939 [GMT -8:00] . AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\iolo\System Mechanic Professional\iologovernor64.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\Program Files (x86)\Soda PDF 5\HelperService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\WUDFHost.exe C:\Windows\System32\rundll32.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\SugarSync\SugarSync.exe C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\PFU\ScanSnap\SSFolder\SSFolderTray.exe C:\Windows\System32\wiawow64.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\splwow64.exe C:\Windows\splwow64.exe C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\SysWOW64\ctfmon.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Soda PDF 5 IE Helper: {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: Soda PDF 5 IE Toolbar: {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [sugarSync] "C:\Program Files (x86)\SugarSync\SugarSync.exe" -startInTray -usedelay=true mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\e476afbe-8f49-4206-93d5-6a45ee50c6bf.exe /check mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SCANSN~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: &ieSpell Options - C:\Program Files\ieSpell\ieSpell.dll/SPELLOPTION.HTM IE: Check &Spelling - C:\Program Files\ieSpell\ieSpell.dll/SPELLCHECK.HTM IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\ieSpell.dll/SPELLCHECK.HTM IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\ieSpell.dll/SPELLOPTION.HTM IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.1.254 TCP: Interfaces\{D350710D-241D-4AA8-AEF8-FF2535C5FD7C} : DHCPNameServer = 192.168.1.254 Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64 x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64 x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon x64-Run: [Onboard] C:\Program Files\Western Digital\WD SmartWare\BackupTask.exe /Onboard "C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe" x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\System32\SSCbFsMntNtf3.dll x64-STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\System32\SSCbFsMntNtf3.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Dr Minow Dell 8300\AppData\Roaming\Mozilla\Firefox\Profiles\1bui9urv.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - ExtSQL: 2013-11-22 14:40; info@priceblink.com; C:\Users\Dr Minow Dell 8300\AppData\Roaming\Mozilla\Firefox\Profiles\1bui9urv.default\extensions\info@priceblink.com.xpi FF - ExtSQL: 2013-11-22 14:44; nosquint@urandom.ca; C:\Users\Dr Minow Dell 8300\AppData\Roaming\Mozilla\Firefox\Profiles\1bui9urv.default\extensions\nosquint@urandom.ca.xpi FF - ExtSQL: 2013-11-26 15:26; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF FF - ExtSQL: 2013-12-14 11:30; FFSodaPDF5Converter@sodapdf.com; C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-4-18 65776] R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-4-18 205320] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-4-18 55856] R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-9-22 22600] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-4-18 1032416] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-4-18 409832] R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2013-4-18 30752] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-4-18 38984] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-4-18 84328] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-26 50344] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-4-17 13592] R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2013-12-14 1168960] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-14 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-14 682344] R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2013-12-14 82160] R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-2-7 1223704] R2 Soda PDF 5 Helper Service;Soda PDF 5 Helper Service;C:\Program Files (x86)\Soda PDF 5\HelperService.exe [2012-12-7 1236824] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-4-12 231440] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-4-12 317440] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2013-4-12 406056] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-14 24176] R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-2-7 18456] R3 SSCBFS3;SugarSync CallBack File System driver v3;C:\Windows\System32\drivers\sscbfs3.sys [2013-5-30 347904] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 Soda PDF 5 Service;Soda PDF 5 Service;C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [2012-12-7 874328] S2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-4-22 1042808] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-18 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-15 56832] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-4-18 30208] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-18 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-12 204288] S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656] S4 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632] S4 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-2-7 660504] S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136] S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680] S4 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-4-22 270192] . =============== Created Last 30 ================ . 2013-12-18 15:00:05 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BB359BD-1438-4071-BC06-B73E2FCB320B}\offreg.dll 2013-12-17 11:03:05 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BB359BD-1438-4071-BC06-B73E2FCB320B}\mpengine.dll 2013-12-14 20:54:31 2155152 ----a-w- C:\Windows\System32\Incinerator64.dll 2013-12-14 20:54:30 2097984 ----a-w- C:\Windows\SysWow64\Incinerator32.dll 2013-12-14 20:54:27 82160 ----a-w- C:\Windows\System32\drivers\PDFsFilter.sys 2013-12-14 20:54:27 57584 ----a-w- C:\Windows\System32\iolobtdfg.exe 2013-12-14 20:54:27 26184 ----a-w- C:\Windows\System32\smrgdf.exe 2013-12-14 20:54:27 -------- d-----w- C:\ProgramData\ioloGovernor 2013-12-14 20:54:26 69000 ----a-w- C:\Windows\System32\offreg.dll 2013-12-14 20:54:26 56200 ----a-w- C:\Windows\SysWow64\offreg.dll 2013-12-14 20:54:26 -------- d-----w- C:\Users\Dr Minow Dell 8300\AppData\Roaming\ioloGovernor 2013-12-14 20:54:26 -------- d-----w- C:\Program Files (x86)\iolo 2013-12-14 20:42:51 -------- d-----w- C:\Windows\SysWow64\spool 2013-12-14 20:42:51 -------- d-----w- C:\Users\Dr Minow Dell 8300\AppData\Local\Sony 2013-12-14 20:42:51 -------- d-----w- C:\Program Files (x86)\Sony 2013-12-14 20:30:18 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe 2013-12-14 20:30:18 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 2013-12-14 20:30:18 12625920 ----a-w- C:\Windows\System32\wmploc.DLL 2013-12-14 20:30:17 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL 2013-12-14 20:26:55 -------- d-----w- C:\Windows\Migration 2013-12-14 20:09:10 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat 2013-12-14 20:09:10 -------- d-----w- C:\Users\Dr Minow Dell 8300\AppData\Roaming\iolo 2013-12-14 20:09:10 -------- d-----w- C:\ProgramData\iolo 2013-12-14 19:35:31 -------- d-----w- C:\Users\Dr Minow Dell 8300\AppData\Roaming\PDF Software 2013-12-14 19:30:54 -------- d-----w- C:\Users\Dr Minow Dell 8300\AppData\Roaming\APP_NAME_NON_STRING 2013-12-14 19:30:38 -------- d-----w- C:\Program Files (x86)\Soda PDF 5 2013-12-14 19:29:15 -------- d-----w- C:\Program Files (x86)\Common Files\Soda PDF 5 2013-12-14 16:01:50 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-12-14 16:01:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-11 04:55:33 335360 ----a-w- C:\Windows\System32\msieftp.dll 2013-12-11 04:55:33 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll 2013-12-11 04:55:32 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-12-11 04:55:31 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2013-12-11 04:55:31 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-12-11 04:55:31 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-12-11 04:55:30 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2013-12-11 04:55:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-12-11 04:55:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-12-11 04:55:27 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys 2013-12-11 04:55:27 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys 2013-12-11 04:55:00 150016 ----a-w- C:\Windows\System32\wshom.ocx 2013-12-11 04:54:59 202752 ----a-w- C:\Windows\System32\scrrun.dll 2013-12-11 04:54:59 168960 ----a-w- C:\Windows\System32\wscript.exe 2013-12-11 04:54:59 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll 2013-12-11 04:54:59 156160 ----a-w- C:\Windows\System32\cscript.exe 2013-12-11 04:54:59 141824 ----a-w- C:\Windows\SysWow64\wscript.exe 2013-12-11 04:54:59 126976 ----a-w- C:\Windows\SysWow64\cscript.exe 2013-12-11 04:54:59 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx 2013-11-26 23:30:12 -------- d-----w- C:\Users\Dr Minow Dell 8300\AppData\Roaming\AVAST Software 2013-11-22 22:24:47 -------- d-----w- C:\Users\Dr Minow Dell 8300\AppData\Local\Mozilla 2013-11-22 22:24:41 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service . ==================== Find3M ==================== . 2013-12-10 18:27:15 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-12-10 18:27:15 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-11-26 23:26:26 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2013-11-26 23:26:26 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2013-11-26 23:26:26 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2013-11-26 23:26:26 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-11-26 23:26:26 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-11-26 23:26:25 43152 ----a-w- C:\Windows\avastSS.scr 2013-11-19 11:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe 2013-11-15 01:37:29 2334720 ----a-w- C:\Windows\System32\jscript9.dll 2013-11-15 01:29:03 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-11-15 01:28:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-11-15 01:22:21 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-11-15 01:20:47 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-11-15 01:18:03 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-11-14 22:50:50 1806848 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-11-14 22:42:41 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-11-14 22:42:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-11-14 22:38:54 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-11-14 22:38:16 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-11-14 22:35:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll 2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL 2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll 2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL 2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll 2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll 2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll 2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll 2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll 2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll 2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll 2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll 2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll 2013-10-02 02:22:20 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys 2013-10-02 02:11:13 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe 2013-10-02 02:08:53 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll 2013-10-02 01:48:59 56832 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll 2013-10-02 01:48:08 18944 ----a-w- C:\Windows\System32\wksprtPS.dll 2013-10-02 01:29:05 62976 ----a-w- C:\Windows\System32\tsgqec.dll 2013-10-02 01:10:56 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll 2013-10-02 00:15:45 1057280 ----a-w- C:\Windows\System32\rdvidcrl.dll 2013-10-02 00:14:58 50176 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll 2013-10-02 00:14:20 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll 2013-10-02 00:08:30 83968 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2013-10-02 00:01:16 420864 ----a-w- C:\Windows\System32\wksprt.exe 2013-10-01 23:58:48 53248 ----a-w- C:\Windows\SysWow64\tsgqec.dll 2013-10-01 23:31:09 1147392 ----a-w- C:\Windows\System32\mstsc.exe 2013-10-01 23:08:10 855552 ----a-w- C:\Windows\SysWow64\rdvidcrl.dll 2013-10-01 22:34:12 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe 2013-10-01 20:57:46 6578176 ----a-w- C:\Windows\System32\mstscax.dll 2013-10-01 20:55:10 5698048 ----a-w- C:\Windows\SysWow64\mstscax.dll 2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-09-25 02:23:41 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll 2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll 2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll 2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll 2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll 2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll 2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2013-09-25 01:57:53 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll 2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe . ============= FINISH: 17:22:36.33 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 4/17/2013 12:55:52 PM System Uptime: 12/18/2013 2:51:57 PM (3 hours ago) . Motherboard: Dell Inc. | | 0Y2MRG Processor: Intel® Core i7-2600 CPU @ 3.40GHz | CPU 1 | 3401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 1384 GiB total, 1274.398 GiB free. D: is CDROM () G: is Removable H: is Removable I: is Removable K: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {36fc9e60-c465-11cf-8056-444553540000} Description: Unknown Device Device ID: USB\VID_0000&PID_0000\6&7947E71&0&4 Manufacturer: (Standard USB Host Controller) Name: Unknown Device PNP Device ID: USB\VID_0000&PID_0000\6&7947E71&0&4 Service: . ==== System Restore Points =================== . RP126: 11/19/2013 5:54:24 AM - Windows Update RP127: 11/19/2013 7:59:12 AM - Windows Update RP128: 11/19/2013 8:56:01 AM - Windows Modules Installer RP129: 11/19/2013 9:13:08 AM - Restore Operation RP130: 11/26/2013 5:28:51 AM - Windows Update RP131: 11/26/2013 3:24:59 PM - avast! antivirus system restore point RP132: 11/29/2013 6:08:25 AM - Windows Update RP133: 12/3/2013 5:46:41 AM - Windows Update RP134: 12/10/2013 5:59:07 AM - Windows Update RP135: 12/14/2013 11:29:54 AM - Installed Soda PDF 5 RP136: 12/14/2013 12:22:41 PM - Windows Update . ==== Installed Programs ====================== . ABBYY FineReader for ScanSnap 4.1 Adobe Flash Player 11 ActiveX Adobe Reader XI (11.0.05) AMD APP SDK Runtime Apple Application Support Apple Mobile Device Support Apple Software Update ATI AVIVO64 Codecs ATI Catalyst Install Manager avast! Free Antivirus Bonjour Canon IJ Network Scan Utility Canon IJ Network Tool Canon MP Navigator EX 2.1 Canon MX860 series MP Drivers Canon MX860 series User Registration Canon Utilities Easy-PhotoPrint EX Canon Utilities My Printer Canon Utilities Solution Menu CardMinder CardMinder V4.1 Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Cozi Dell Edoc Viewer Dell MusicStage Dell Stage Dell VideoStage DirectX 9 Runtime DW WLAN Card iKnowMed Support Applications Intel® Control Center Intel® Rapid Storage Technology iolo technologies' System Mechanic Professional iTunes Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Basic 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Mozilla Firefox 26.0 (x86 en-US) Mozilla Maintenance Service MSVCRT Redists MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) Multimedia Card Reader PhotoShowExpress Rack2-Filer Rack2-Viewer (This application may be deleted by deleting Rack2-Filer) Rack2 Folder Monitor Software RBVirtualFolder64Inst Realtek High Definition Audio Driver Roxio Activation Module Roxio BackOnTrack Roxio Burn Roxio Creator Starter Roxio Express Labeler 3 Roxio File Backup ScanSnap ScanSnap Manager ScanSnap Organizer Secunia PSI (3.0.0.6005) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition SES Driver Skype Click to Call Skype™ 6.10 Soda PDF 5 Sonic CinePlayer Decoder Pack SpywareBlaster 5.0 SugarSync THX TruStudio PC Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Vegas Movie Studio HD 11.0 WD Quick View WD SmartWare WD SmartWare Installer Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0) Windows Mobile Device Updater Component Windows Phone Intro Video (ENU) Zune Zune Language Pack (DEU) Zune Language Pack (ESP) Zune Language Pack (FRA) Zune Language Pack (ITA) Zune Language Pack (NLD) Zune Language Pack (PTB) Zune Language Pack (PTG) . ==== Event Viewer Messages From Past Week ======== . 12/18/2013 5:22:40 PM, Error: Service Control Manager [7023] - The Soda PDF 5 Service service terminated with the following error: %%-2147467259 12/18/2013 3:48:39 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 12/18/2013 3:48:39 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 12/18/2013 3:48:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 12/18/2013 3:47:31 PM, Error: Service Control Manager [7001] - The WD Backup service depends on the WD Drive Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 12/18/2013 2:37:00 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107. 12/18/2013 2:37:00 PM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. 12/18/2013 2:33:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service WDBackup with arguments "" in order to run the server: {81213AB4-5937-4340-88CD-66B4BC80DF73} 12/18/2013 2:33:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service WDBackup with arguments "" in order to run the server: {59484148-65C9-4467-A092-3F8380023772} 12/17/2013 10:16:38 AM, Error: volmgr [46] - Crash dump initialization failed! 12/14/2013 8:06:49 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user DrMinowDell8300\Dr Minow Dell 8300 SID (S-1-5-21-3091903195-1817203055-3543800137-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 12/14/2013 11:51:45 AM, Error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 2 time(s). 12/14/2013 11:51:22 AM, Error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 1 time(s). . ==== End Of File =========================== So what do I do next? Thanks

Adobe Reader has been updated. I'm unable to copy and paste the Avast scan results. They have shown repeatedly since installation some Files that can't be scanned. There are four listed. They are all start with C:Program Files (x86)\Dell DataSafe Local Back\Components\DSUpdate|Update\Updates_LGG_Tag__ini_Update.exe|> Then finish with DataSafe_Green.ico diff_0000001.dif IRIMG1BMP IRIMG1JPG Their status is all Error:Archive is password protected. (42056) Newbie111

The ISP is now working fine. The had to fix a new wireless box for a new tv and reconnect my network.

Security Check Results of screen317's Security Check version 0.99.57 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 8 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` SpywareBlaster 4.6 Secunia PSI (2.0.0.4003) Malwarebytes Anti-Malware version 1.70.0.1100 Adobe Flash Player 11.5.502.135 Adobe Reader 10.1.5 Adobe Reader out of Date! Mozilla Firefox (18.0.1) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe iolo Common Lib ioloServiceManager.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````

OTL Extras.txt OTL Extras logfile created on: 1/23/2013 4:49:18 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\RAM DELL 8300\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 11.98 Gb Total Physical Memory | 9.83 Gb Available Physical Memory | 82.07% Memory free 23.96 Gb Paging File | 21.68 Gb Available in Paging File | 90.48% Paging File free Paging file location(s): Reg Error: Value error. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1383.98 Gb Total Space | 1268.32 Gb Free Space | 91.64% Space Free | Partition Type: NTFS Computer Name: RAMDELL8300-PC | User Name: RAM DELL 8300 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{082DADF3-D67F-4BAD-AF67-92FAF85F6D00}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{08FDC0B2-36F0-4A7B-BCC2-E1CDD761E44A}" = lport=138 | protocol=17 | dir=in | app=system | "{0A4BACEC-EF19-4B6C-8362-B6476877553C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{0C0DDBD1-5629-496C-A150-67B95A151BF5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2111DDF5-0F4E-4100-8651-7AE5BA207F20}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2D5E1135-B966-4C1C-B0EB-E7697C9092CA}" = rport=445 | protocol=6 | dir=out | app=system | "{3011D663-760A-4EC7-AAD0-8413F9CBEB5B}" = lport=7000 | protocol=6 | dir=in | name=windows easy transfer tcp port | "{3166E3C9-E100-449C-9108-9DD0D3619386}" = rport=10243 | protocol=6 | dir=out | app=system | "{43B13E01-0CAE-40CE-B525-1F6A9CF5C4DF}" = lport=137 | protocol=17 | dir=in | app=system | "{4928A908-9D3F-4CAA-B1D8-90C944BCE222}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{4C73A881-FC95-40BA-B342-7934674A2FF0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{4D5B098D-9135-4F0C-BDA1-ACECBA74C52B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{52558B9C-0D0A-42D5-9DBA-AA3BBE3F336D}" = lport=2869 | protocol=6 | dir=in | app=system | "{533B3ED4-4A6A-412E-9A1B-D1B19CCE9A51}" = lport=2869 | protocol=6 | dir=in | app=system | "{54E18212-F145-4C89-BEB1-E5D7DD605640}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5D521883-B2D2-4E2B-8C50-7852A353EBE6}" = lport=1900 | protocol=17 | dir=in | app=%programfiles%\zune\zune.exe | "{68546E2C-FE20-408E-BF0D-23CF099322C7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{692A46FA-3F25-4875-89F7-78A45EB5EE6E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{6D9BB085-5DFA-4207-9107-BF68CC2F1C8C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{6F4AC622-75C8-4E4F-8F68-A57BA35C476B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7C197D4F-135F-4D13-9C6E-8392EF8890A3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7E9C4317-F228-42D2-ADAD-48FB3425895B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{83C8160F-FEB8-4279-AD0F-2C7CD181C20D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{99B63BE8-106C-4C3C-A45F-11954D89A218}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9A3EE8CB-0EBC-41E9-92FD-E5E5EC48E687}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{A1E20796-88C5-4FF6-BB11-2270C1804C12}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A41DEC5F-90BD-41EE-871B-495B58E6A1ED}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{A96318CE-A963-4BE1-8B3B-D46F45B20F64}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{AED20C65-76FE-441B-BAFA-DBB16D78E3A2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B1048AAD-0057-48A0-8385-5ABC97E90286}" = lport=2869 | protocol=6 | dir=in | app=system | "{B732AC15-99C5-48FD-915E-33DF6F7913A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B82011BF-4156-4EE3-87C3-D015EBFEB091}" = rport=138 | protocol=17 | dir=out | app=system | "{B9ADAF00-B84E-4F65-9D2B-BC13A248D787}" = lport=139 | protocol=6 | dir=in | app=system | "{C8478B54-DA3A-48D0-B8C7-10C7E992FBA5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CC3A2395-210A-4868-B2EB-FB8CA15E8E5C}" = rport=137 | protocol=17 | dir=out | app=system | "{CD08C78A-FEB5-4190-8835-54D77FC7BD08}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{D6F78DC7-B3BD-4366-A6A2-8104F4197A09}" = lport=445 | protocol=6 | dir=in | app=system | "{DAFCBB89-D471-41AD-B722-B087FEC41FFD}" = lport=10243 | protocol=6 | dir=in | app=system | "{DCEBA485-C228-442E-87C6-DF2672D8BD05}" = lport=7000 | protocol=17 | dir=in | name=windows easy transfer udp port | "{F3BA5A9C-17FC-4128-9C7C-6D50314770BA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FE87756E-98F1-4372-BA55-9C12653211F2}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05A98089-4984-4FA6-83AB-9B7BDA463DD3}" = dir=in | app=c:\users\ram dell 8300\appdata\local\microsoft\skydrive\skydrive.exe | "{0DDE17CA-9EBB-4D0D-87E2-E9CD5719F553}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | "{13425713-3FA0-4E7A-98FA-CBE9F99C09FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1B3DF015-AF11-4445-84E2-EDEF032895C3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{20EEBCDB-7720-4315-9DB2-396435103733}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{22172EC3-DF5F-469B-8F6C-F3F2E0DD2C52}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{2B9DF389-C72F-4059-8330-4C7FFDEC84CA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{306DA17A-12CD-4C2E-B88D-DE789A5D7B8B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{322E851C-FF0F-49F9-8E2A-2640C2093D1D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{33DE444A-F2DE-45CE-84B9-82ACE29BD474}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3BD771FE-C76C-4F20-8EF7-6476BBFBE720}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe | "{3EF7B343-E464-4AC4-8B82-910F8C45B08C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{40FC09DE-B6C9-447A-AB40-BE222EB7D1A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{41673CB6-68BE-4664-81E8-E37C79442C8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4B72DE96-72DC-44F0-9AE4-0A168E143433}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4D3CBFE3-4922-46D1-9812-67AE4B8C1B12}" = protocol=6 | dir=out | app=system | "{5EABCA1F-6AE0-4345-AF74-0482DA898677}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{61C3D5C9-058F-44D3-8A7B-05A2535C9E55}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{61FC89CF-098C-4A5B-A79B-9D97F048AEE8}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{62E60DEF-FCE8-4E6C-93B0-7BCE7660ED56}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{6497DF3F-AB30-4929-AC46-C3CBEAB690C5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{6B8B477B-E5DF-43B5-8A23-37F051D44F91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6F65758A-666E-4051-A55E-DD62A482D6CC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{711E425F-2386-4763-BC84-FAF91A00D5B3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{7CDE1427-B5C1-4065-9C34-A85464224146}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{835805B9-0D88-4D62-9C96-35AB694C99AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{90910AC8-0AA2-4575-838B-FA7C224AECB6}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{989D0773-39EF-4C39-BB4F-3A6B0367817E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9AF83998-3DE3-4971-AA00-E8D5BEAEEDAA}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "{9D2D785A-A94E-4C0A-9066-7707CA6621E9}" = protocol=6 | dir=out | app=system | "{A25C0191-659F-4E38-BBD5-F8154ABDAC5E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AB922BDD-4478-4785-B7FF-8B261689EA2D}" = protocol=6 | dir=out | app=system | "{C6113FC9-5BFD-4CC8-8834-55CA6D70B914}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | "{C80C4578-E2FC-4763-8855-9163F6053E44}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D293CBDD-0343-44C2-B2C4-449B6632D6C7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E3DC37AA-7910-43DD-B114-1DF60CFC183C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{EA26BA2F-F61D-4AC4-A734-EDB5D61AB333}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EBA4E583-FE61-4EFE-B94C-C4079E311397}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe | "{ECE4FDCD-AFEC-4CBF-B318-1207602BA40B}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | "{F52653FB-2B83-49AE-969F-98D1C962EA25}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FAC9B15F-F8A9-4E70-8561-1818C6BB2192}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "TCP Query User{09C4B75C-7723-4F9F-9975-0AC1ED0F85EF}C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe" = protocol=6 | dir=in | app=c:\program files\sonicwall\sonicwall global vpn client\swgvc.exe | "TCP Query User{472E6EF0-64BD-4C40-A6EF-DFD2575121A6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{63783EA6-055B-4D7F-937F-74F944709EE4}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{D73F7C35-5468-46E3-9071-C2D94AB27EF9}C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe" = protocol=17 | dir=in | app=c:\program files\sonicwall\sonicwall global vpn client\swgvc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center "{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB) "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX860_series" = Canon MX860 series MP Drivers "{18A5D014-E9AD-DEFE-FAFE-A409612F51B4}" = AMD Media Foundation Decoders "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{262325FE-E6AA-7D56-9071-453A374086C9}" = ATI AVIVO64 Codecs "{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS) "{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL) "{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{50BD00DC-127E-BF00-FDD5-E1A93AB3507C}" = ccc-utility64 "{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR) "{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS) "{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG) "{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR) "{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center "{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD) "{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP) "{6B62B973-49F5-4C51-B738-93B56A963417}" = StuffIt Expander 2011 "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE) "{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}" = WD SmartWare "{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{88DAAF05-5A72-46D2-A7C5-C3759697E943}" = SyncToy 2.1 (x64) "{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK) "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN) "{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64 "{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}" = Microsoft Sync Framework 2.0 Core Components (x64) ENU "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{9049851D-76CC-4DCC-B446-4F370C542797}" = SonicWALL Global VPN Client "{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune "{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst "{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT) "{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY) "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BB009B20-0BA0-ABDF-1947-4D56639214C7}" = AMD Accelerated Video Transcoding "{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU) "{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA) "{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA) "{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN) "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN) "{E85D1C80-28C4-76B8-5A5A-2C8D8B38D5D9}" = AMD Catalyst Install Manager "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter "{FA300000-0001-6400-0000-074957833700}" = ABBYY PDF Transformer 3.0 "CCleaner" = CCleaner "Dell Support Center" = Dell Support Center "DW WLAN Card Utility" = DW WLAN Card Utility "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "sp6" = Logitech SetPoint 6.51 "Zune" = Zune [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4 "{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC "{03AEAB60-A7B3-A8DB-468B-EB30FB4B40B0}" = CCC Help German "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup "{15803703-25FA-4C01-A062-3F4A59937E87}" = PhotoImpact Pro "{162ABED6-E60C-6CFF-100E-43C16ABBC5BE}" = CCC Help Chinese Standard "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1CB724FF-D18C-8FFB-E7C9-0A09CF8EC066}" = CCC Help Japanese "{1E5C7043-09C5-4974-A69F-A5271FD82BBC}" = PlayMemories Home "{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20C14CC3-5E3B-D39A-5B37-B15E59785063}" = CCC Help Chinese Traditional "{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources "{2632A2C0-ECF4-7F79-7136-9FEA4C253A4C}" = CCC Help Turkish "{2721795A-75C5-4F34-B2E5-EDC8A0B4C087}" = ScanSnap "{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration "{2CC5FCAE-51BA-4926-8C2B-4F07E54F6EA3}" = ScanSnap "{2D83C0A3-EA20-4254-948A-B89B16571F9A}" = SlideShow Expressions "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{30F712DA-64FE-5DBE-AE76-3F8EA3F8223C}" = CCC Help French "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress "{34C147B6-35DF-467E-B720-2F1B2C7F47F1}" = SugarSync for Outlook "{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic "{39D06E77-8921-4056-8901-36D0035BAECA}" = Dell Stage "{3C39B3CC-4EC8-C756-AF4B-72366504FCA5}" = CCC Help Hungarian "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update "{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader "{4CC9D761-A9B6-D8EA-D2A9-B74B5A90B108}" = CCC Help Norwegian "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{5158974E-2D28-4018-9335-7694C2974746}" = Fix-It "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{54B227A6-BDBE-69FA-D450-B99609063044}" = CCC Help Greek "{55E63724-2BFE-49BC-B03E-9BE0F62E18C2}" = ScanSnap Organizer "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn "{79E06DF1-24FE-11E1-913F-F04DA23A5C58}" = DVD Architect Studio 5.0 "{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety "{7C587778-C433-980E-F3C1-203890DC4FBE}" = CCC Help Polish "{7D5F8291-24FE-11E1-BCE5-F04DA23A5C58}" = MSVCRT Redists "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{7DC3EABF-66A2-6D79-B485-6328525CA387}" = CCC Help Swedish "{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{830A965B-A880-42DF-B204-2A7D253F7B25}" = Rack2-Viewer (This application may be deleted by deleting Rack2-Filer) "{843603C6-75B7-BAB5-80DE-E76FB28DEEF2}" = CCC Help Finnish "{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8BBC66FD-0195-29B4-5A58-E0B0554E8F42}" = Catalyst Control Center "{8D9EEAC7-42D5-3951-612A-EAA7B684C592}" = CCC Help Italian "{8DCD0779-8811-4060-9227-871E2FD48E45}" = CardMinder V4.1 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}" = Dell MusicStage "{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit "{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9791DAED-B734-2835-988B-157BDA087496}" = CCC Help Dutch "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer "{98B740C3-FAA4-C523-7478-4DBCAB7B27D1}" = Catalyst Control Center Graphics Previews Common "{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B1975E3-F7AA-4424-BD43-D1DA28F78A58}" = Adobe Update Manager CS4 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F0CAC6D-9B0D-A95F-CF61-6E88952D6181}" = CCC Help Thai "{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro "{A625DB70-98D5-16FD-C49D-4B8B1B2304A4}" = CCC Help Spanish "{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay "{A90214C3-3A0C-2F05-6083-E1A4BAD9E30D}" = CCC Help Danish "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software "{AA123216-6DE0-E57C-DC57-4FECEACB482F}" = CCC Help Russian "{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA "{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch "{AC76BA86-1033-F400-BA7E-000000000004}_953" = Adobe Acrobat 9.5.3 - CPSID_83708 "{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5) "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime "{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail "{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share "{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1" = iolo technologies' System Mechanic Professional "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO "{C50BA5AB-6459-4104-9EEC-A1D72B962D2C}" = ScanSnap "{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents "{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO "{D0837A59-83E6-3392-1BD9-86D3445676DB}" = CCC Help Korean "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D18A468F-B94F-11E0-A9FF-001320F83A25}" = MSVCRT Redists "{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer "{D4F2AFD3-0167-4464-B92F-78AB6DA8A0AA}" = CardMinder "{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM "{D70AB273-113B-D7DE-5C8D-82CABA7CB0AF}" = Catalyst Control Center Localization All "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common "{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup "{D94C2031-1C03-11E1-BAD7-F04DA23A5C58}" = Vegas Movie Studio HD Platinum 11.0 "{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}" = ScanSnap Manager "{DC8772D4-C75F-5235-63E2-BBC73F909B7A}" = CCC Help Czech "{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage "{DDF94F8B-1239-4612-A8B3-AA425F013726}" = Adobe Setup "{DED7FD3C-DDD2-43BB-B0F5-B07F9D0430D3}" = CCC Help Portuguese "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0B2CF40-1C03-11E1-9165-F04DA23A5C58}" = MSVCRT Redists "{E157F2EB-E06F-B57F-9105-68F348DB2EAD}" = CCC Help English "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage "{E58F3B88-3B3E-4F85-9323-04789D979C15}" = ScanSnap Organizer "{E639E6B1-E93C-48DC-9882-7FE06398180A}" = Rack2-Filer "{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{EE4CA5AF-4A55-418C-8CB8-74435814207B}" = LogMeIn "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EF036F44-A287-BC23-3F6E-AAE6FDEF47EF}" = Catalyst Control Center InstallProxy "{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter "{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger "{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement "{F5EB26E8-0EF6-4AF0-9D43-D2B7E0D9D63C}" = Broken Shortcut Fixer "{FB400000-0002-0000-0000-074957833700}" = ABBYY FineReader for ScanSnap 4.1 "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "ABBYY PDF Transformer 3.0" = ABBYY PDF Transformer 3.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe_bdaf081c056f11a250e72a7a345a96c" = Adobe Update Manager CS4 "avast" = avast! Free Antivirus "Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility "Canon_IJ_Network_UTILITY" = Canon IJ Network Tool "CanonMyPrinter" = Canon Utilities My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "ClubWPT" = ClubWPT "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition "Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX "ERUNT_is1" = ERUNT 1.1j "ESET Online Scanner" = ESET Online Scanner v3 "Free Window Registry Repair" = Free Window Registry Repair "Geekbench 2.4" = Geekbench 2.4 "iKnowMed Support Applications" = iKnowMed Support Applications "InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}" = PhotoImpact Pro "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100 "Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 2.1" = Canon MP Navigator EX 2.1 "Office14.SingleImage" = Microsoft Office Professional 2010 "PokerStars.net" = PokerStars.net "Professor Answers" = Professor Answers "Professor Teaches Access 2007" = Professor Teaches Access 2007 "Professor Teaches Excel 2007" = Professor Teaches Excel 2007 "Professor Teaches Excel 2007 Advanced" = Professor Teaches Excel 2007 Advanced "Professor Teaches Internet Explorer 8" = Professor Teaches Internet Explorer 8 "Professor Teaches Outlook 2007" = Professor Teaches Outlook 2007 "Professor Teaches PowerPoint 2007" = Professor Teaches PowerPoint 2007 "Professor Teaches PowerPoint 2007 Advanced" = Professor Teaches PowerPoint 2007 Advanced "Professor Teaches Publisher 2007" = Professor Teaches Publisher 2007 "Professor Teaches Windows 7" = Professor Teaches Windows 7 "Professor Teaches Windows 7 Advanced" = Professor Teaches Windows 7 Advanced "Professor Teaches Word 2007" = Professor Teaches Word 2007 "Professor Teaches Word Advanced 2007" = Professor Teaches Word Advanced 2007 "Secunia PSI" = Secunia PSI (2.0.0.4003) "SpywareBlaster_is1" = SpywareBlaster 4.6 "SugarSync" = SugarSync "WinLiveSuite" = Windows Live Essentials "Wondershare Video Converter Ultimate_is1" = Wondershare Video Converter Ultimate(Build 6.0.1.0) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "1674365274.office.microsoft.com" = Interactive Publisher menu to ribbon guide "1677788759.office.microsoft.com" = Interactive Excel menu to ribbon guide "1811948404.office.microsoft.com" = Interactive OneNote menu to ribbon guide "2295245087.office.microsoft.com" = Interactive Word menu to ribbon guide "3260018631.office.microsoft.com" = Interactive PowerPoint menu to ribbon guide "3867980560.office.microsoft.com" = Interactive Outlook menu to ribbon guide "bd4d3a0508d364f5" = Dell Driver Download Manager "GoToMeeting" = GoToMeeting 5.1.0.880 "SkyDriveSetup.exe" = Microsoft SkyDrive ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 11/3/2012 3:34:20 PM | Computer Name = RAMDELL8300-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Fix-It.exe, version: 12.0.32.9, time stamp: 0x4e456bbf Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting process id: 0x1e44 Faulting application start time: 0x01cdb9f9fdf8922b Faulting application path: C:\Program Files (x86)\Avanquest\Fix-It\Fix-It.exe Faulting module path: C:\Windows\system32\MSVCR100.dll Report Id: 76040bc1-25ed-11e2-b4f8-180373dba8ab Error - 11/3/2012 3:36:14 PM | Computer Name = RAMDELL8300-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Fix-It.exe, version: 12.0.32.9, time stamp: 0x4e456bbf Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting process id: 0x474 Faulting application start time: 0x01cdb9fa73800bd9 Faulting application path: C:\Program Files (x86)\Avanquest\Fix-It\Fix-It.exe Faulting module path: C:\Windows\system32\MSVCR100.dll Report Id: b9e9b763-25ed-11e2-b4f8-180373dba8ab Error - 11/3/2012 3:39:18 PM | Computer Name = RAMDELL8300-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Fix-It.exe, version: 12.0.32.9, time stamp: 0x4e456bbf Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting process id: 0xaf4 Faulting application start time: 0x01cdb9fa8aeeecaf Faulting application path: C:\Program Files (x86)\Avanquest\Fix-It\Fix-It.exe Faulting module path: C:\Windows\system32\MSVCR100.dll Report Id: 27a49e15-25ee-11e2-b4f8-180373dba8ab Error - 11/3/2012 3:49:50 PM | Computer Name = RAMDELL8300-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Fix-It.exe, version: 12.0.32.9, time stamp: 0x4e456bbf Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting process id: 0x1678 Faulting application start time: 0x01cdb9faf11ede3a Faulting application path: C:\Program Files (x86)\Avanquest\Fix-It\Fix-It.exe Faulting module path: C:\Windows\system32\MSVCR100.dll Report Id: a0582fe0-25ef-11e2-b4f8-180373dba8ab Error - 11/3/2012 3:50:48 PM | Computer Name = RAMDELL8300-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Fix-It.exe, version: 12.0.32.9, time stamp: 0x4e456bbf Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting process id: 0x1fa8 Faulting application start time: 0x01cdb9fc72b929b3 Faulting application path: C:\Program Files (x86)\Avanquest\Fix-It\Fix-It.exe Faulting module path: C:\Windows\system32\MSVCR100.dll Report Id: c2e3c57e-25ef-11e2-b4f8-180373dba8ab Error - 11/3/2012 3:57:54 PM | Computer Name = RAMDELL8300-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Fix-It.exe, version: 12.0.32.9, time stamp: 0x4e456bbf Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting process id: 0x14d0 Faulting application start time: 0x01cdb9fd1f0a193e Faulting application path: C:\Program Files (x86)\Avanquest\Fix-It\Fix-It.exe Faulting module path: C:\Windows\system32\MSVCR100.dll Report Id: c0d1c745-25f0-11e2-b4f8-180373dba8ab Error - 11/3/2012 4:12:06 PM | Computer Name = RAMDELL8300-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Fix-It.exe, version: 12.0.32.9, time stamp: 0x4e456bbf Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting process id: 0x690 Faulting application start time: 0x01cdb9fd8917efb8 Faulting application path: C:\Program Files (x86)\Avanquest\Fix-It\Fix-It.exe Faulting module path: C:\Windows\system32\MSVCR100.dll Report Id: bcad0781-25f2-11e2-b4f8-180373dba8ab Error - 11/3/2012 4:12:55 PM | Computer Name = RAMDELL8300-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Fix-It.exe, version: 12.0.32.9, time stamp: 0x4e456bbf Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting process id: 0x2654 Faulting application start time: 0x01cdb9ff90e84686 Faulting application path: C:\Program Files (x86)\Avanquest\Fix-It\Fix-It.exe Faulting module path: C:\Windows\system32\MSVCR100.dll Report Id: d9e6b05e-25f2-11e2-b4f8-180373dba8ab Error - 11/3/2012 4:13:52 PM | Computer Name = RAMDELL8300-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Fix-It.exe, version: 12.0.32.9, time stamp: 0x4e456bbf Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting process id: 0xcbc Faulting application start time: 0x01cdb9ffa66d9fb2 Faulting application path: C:\Program Files (x86)\Avanquest\Fix-It\Fix-It.exe Faulting module path: C:\Windows\system32\MSVCR100.dll Report Id: fbce8986-25f2-11e2-b4f8-180373dba8ab Error - 11/3/2012 4:14:55 PM | Computer Name = RAMDELL8300-PC | Source = Application Error | ID = 1000 Description = Faulting application name: mxtask2.exe, version: 12.0.32.9, time stamp: 0x4e456b99 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting process id: 0x5b4 Faulting application start time: 0x01cdb9ee54dbcf2e Faulting application path: C:\PROGRA~2\AVANQU~1\Fix-It\mxtask2.exe Faulting module path: C:\Windows\system32\MSVCR100.dll Report Id: 21868bc9-25f3-11e2-b4f8-180373dba8ab [ Broadcom Wireless LAN Events ] Error - 4/13/2012 11:03:43 PM | Computer Name = RAMDELL8300-PC | Source = WLAN-Tray | ID = 0 Description = 20:03:41, Fri, Apr 13, 12 Error - Unable to gain access to user store [ Media Center Events ] Error - 1/21/2013 12:44:38 AM | Computer Name = RAMDELL8300-PC | Source = MCUpdate | ID = 0 Description = 8:44:37 PM - Error connecting to the internet. 8:44:38 PM - Unable to contact server.. Error - 1/21/2013 12:44:46 AM | Computer Name = RAMDELL8300-PC | Source = MCUpdate | ID = 0 Description = 8:44:43 PM - Error connecting to the internet. 8:44:43 PM - Unable to contact server.. Error - 1/21/2013 1:44:51 AM | Computer Name = RAMDELL8300-PC | Source = MCUpdate | ID = 0 Description = 9:44:51 PM - Error connecting to the internet. 9:44:51 PM - Unable to contact server.. Error - 1/21/2013 1:44:56 AM | Computer Name = RAMDELL8300-PC | Source = MCUpdate | ID = 0 Description = 9:44:56 PM - Error connecting to the internet. 9:44:56 PM - Unable to contact server.. Error - 1/21/2013 2:45:01 AM | Computer Name = RAMDELL8300-PC | Source = MCUpdate | ID = 0 Description = 10:45:01 PM - Error connecting to the internet. 10:45:01 PM - Unable to contact server.. Error - 1/21/2013 2:45:06 AM | Computer Name = RAMDELL8300-PC | Source = MCUpdate | ID = 0 Description = 10:45:06 PM - Error connecting to the internet. 10:45:06 PM - Unable to contact server.. Error - 1/21/2013 3:45:11 AM | Computer Name = RAMDELL8300-PC | Source = MCUpdate | ID = 0 Description = 11:45:11 PM - Error connecting to the internet. 11:45:11 PM - Unable to contact server.. Error - 1/21/2013 3:45:16 AM | Computer Name = RAMDELL8300-PC | Source = MCUpdate | ID = 0 Description = 11:45:16 PM - Error connecting to the internet. 11:45:16 PM - Unable to contact server.. Error - 1/21/2013 12:19:43 PM | Computer Name = RAMDELL8300-PC | Source = MCUpdate | ID = 0 Description = 8:19:43 AM - Error connecting to the internet. 8:19:43 AM - Unable to contact server.. Error - 1/21/2013 12:19:51 PM | Computer Name = RAMDELL8300-PC | Source = MCUpdate | ID = 0 Description = 8:19:48 AM - Error connecting to the internet. 8:19:48 AM - Unable to contact server.. [ System Events ] Error - 1/23/2013 8:17:41 PM | Computer Name = RAMDELL8300-PC | Source = Service Control Manager | ID = 7001 Description = The WD Backup service depends on the WD Rules service which failed to start because of the following error: %%1058 Error - 1/23/2013 8:32:38 PM | Computer Name = RAMDELL8300-PC | Source = volmgr | ID = 262190 Description = Crash dump initialization failed! Error - 1/23/2013 8:33:11 PM | Computer Name = RAMDELL8300-PC | Source = Service Control Manager | ID = 7001 Description = The WD Backup service depends on the WD Rules service which failed to start because of the following error: %%1058 Error - 1/23/2013 8:33:25 PM | Computer Name = RAMDELL8300-PC | Source = Service Control Manager | ID = 7024 Description = The Windows Search service terminated with service-specific error %%-2147218173. Error - 1/23/2013 8:33:49 PM | Computer Name = RAMDELL8300-PC | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: FileDisk Error - 1/23/2013 8:33:49 PM | Computer Name = RAMDELL8300-PC | Source = Service Control Manager | ID = 7031 Description = The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error - 1/23/2013 8:34:19 PM | Computer Name = RAMDELL8300-PC | Source = Service Control Manager | ID = 7032 Description = The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 Error - 1/23/2013 8:36:09 PM | Computer Name = RAMDELL8300-PC | Source = DCOM | ID = 10005 Description = Error - 1/23/2013 8:36:09 PM | Computer Name = RAMDELL8300-PC | Source = Service Control Manager | ID = 7001 Description = The WD Backup service depends on the WD Rules service which failed to start because of the following error: %%1058 Error - 1/23/2013 8:48:21 PM | Computer Name = RAMDELL8300-PC | Source = Service Control Manager | ID = 7001 Description = The WD Backup service depends on the WD Rules service which failed to start because of the following error: %%1058 < End of report >

OTL OTL logfile created on: 1/23/2013 4:49:18 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\RAM DELL 8300\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 11.98 Gb Total Physical Memory | 9.83 Gb Available Physical Memory | 82.07% Memory free 23.96 Gb Paging File | 21.68 Gb Available in Paging File | 90.48% Paging File free Paging file location(s): Reg Error: Value error. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1383.98 Gb Total Space | 1268.32 Gb Free Space | 91.64% Space Free | Partition Type: NTFS Computer Name: RAMDELL8300-PC | User Name: RAM DELL 8300 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/01/23 16:43:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\RAM DELL 8300\Downloads\OTL.exe PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012/12/06 23:40:38 | 001,053,184 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe PRC - [2012/11/28 23:20:48 | 000,255,992 | ---- | M] (Microsoft Corporation) -- C:\Users\RAM DELL 8300\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe PRC - [2012/10/30 15:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012/09/18 12:08:58 | 000,081,328 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Avanquest\Fix-It\AQFileRestoreSrv.exe PRC - [2012/05/28 12:33:06 | 001,097,728 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe PRC - [2012/02/01 10:36:22 | 000,634,880 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\SSFolder\SSFolderTray.exe PRC - [2011/10/13 22:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe PRC - [2011/10/13 22:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe PRC - [2010/09/13 15:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010/09/13 15:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2010/01/18 21:43:00 | 000,124,256 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE PRC - [2009/09/30 10:07:34 | 000,086,016 | ---- | M] (PFU LIMITED) -- C:\Windows\SSDriver\fi5110\SsWiaChecker.exe ========== Modules (No Company Name) ========== MOD - [2013/01/09 00:26:44 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll MOD - [2013/01/09 00:26:44 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll MOD - [2013/01/08 22:55:13 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll MOD - [2013/01/08 22:54:55 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll MOD - [2013/01/08 22:54:51 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013/01/08 22:54:42 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll MOD - [2013/01/08 22:54:38 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013/01/08 22:54:36 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll MOD - [2013/01/08 22:54:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013/01/08 22:54:31 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2012/01/18 15:35:18 | 000,385,024 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsConfig.dll MOD - [2011/12/14 20:49:20 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsExtention.dll MOD - [2010/08/24 16:56:50 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dll MOD - [2003/04/21 14:19:42 | 000,851,968 | ---- | M] () -- C:\Windows\SSDriver\fi5110\fjiplA6.dll MOD - [2003/04/21 14:19:40 | 000,020,480 | ---- | M] () -- C:\Windows\SSDriver\fi5110\fjipl.dll MOD - [2003/03/26 18:46:36 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll ========== Services (SafeList) ========== SRV:64bit: - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2012/09/30 23:22:52 | 000,359,224 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV:64bit: - [2012/09/27 17:38:16 | 000,239,616 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011/12/27 08:53:01 | 000,048,128 | ---- | M] (Dell Inc.) [Disabled | Stopped] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc) SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm) SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV:64bit: - [2011/01/14 16:07:08 | 000,286,504 | ---- | M] (SonicWALL, Inc.) [Disabled | Stopped] -- C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe -- (SWGVCSvc) SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013/01/20 06:35:23 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/01/13 10:30:17 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/12/06 23:40:38 | 001,053,184 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService) SRV - [2012/11/27 21:12:44 | 000,479,840 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2012/11/06 08:53:00 | 000,147,888 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint) SRV - [2012/11/06 08:52:53 | 000,375,728 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2012/09/19 21:10:10 | 001,177,536 | R--- | M] (Western Digital ) [Disabled | Stopped] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService) SRV - [2012/09/19 21:10:06 | 001,157,056 | R--- | M] (Western Digital ) [Auto | Stopped] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup) SRV - [2012/09/19 21:02:48 | 000,248,248 | R--- | M] (Western Digital) [Disabled | Stopped] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService) SRV - [2012/09/18 12:09:15 | 000,311,032 | ---- | M] (Avanquest Software) [Disabled | Stopped] -- C:\Program Files (x86)\Avanquest\Fix-It\AVQWinMonEngine.exe -- (.AVQWindowsMonitorService) SRV - [2012/09/18 12:09:13 | 000,537,608 | ---- | M] (Avanquest Software) [Disabled | Stopped] -- C:\Program Files (x86)\Avanquest\Fix-It\MXTask.exe -- (Fix-It Task Manager) SRV - [2012/09/18 12:08:58 | 000,081,328 | ---- | M] (Avanquest Software) [Auto | Running] -- C:\Program Files (x86)\Avanquest\Fix-It\AQFileRestoreSrv.exe -- (AQFileRestoreSrv) SRV - [2012/08/13 12:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/07/03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/04/02 11:17:40 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn) SRV - [2011/10/26 09:31:02 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/10/13 22:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent) SRV - [2011/08/18 08:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Disabled | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService) SRV - [2010/11/25 02:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12) SRV - [2010/11/25 02:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM) SRV - [2010/09/13 15:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010/08/25 17:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/04/27 02:17:14 | 000,759,048 | ---- | M] (ABBYY) [Disabled | Stopped] -- C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Classic.3.0) SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/11/06 08:52:54 | 000,088,008 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV:64bit: - [2012/11/01 09:59:08 | 000,082,160 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFsFilter) DRV:64bit: - [2012/10/30 17:48:48 | 000,347,456 | ---- | M] (EldoS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sscbfs3.sys -- (SSCBFS3) DRV:64bit: - [2012/10/30 15:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012/10/30 15:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012/10/30 15:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012/10/30 15:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012/10/30 15:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012/10/15 08:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012/09/27 18:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012/09/27 17:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012/09/20 09:20:07 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv) DRV:64bit: - [2012/09/18 01:32:32 | 000,078,648 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb) DRV:64bit: - [2012/09/18 01:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2012/09/18 01:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2012/09/18 01:32:32 | 000,015,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd) DRV:64bit: - [2012/09/12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012/08/23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/07/26 10:01:26 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk) DRV:64bit: - [2012/06/08 09:32:48 | 000,021,120 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\AQFileRestore.sys -- (AQFileRestore) DRV:64bit: - [2012/05/13 22:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2012/04/02 11:17:40 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV:64bit: - [2012/04/02 11:17:18 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr) DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/12/27 08:53:01 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY) DRV:64bit: - [2011/12/13 17:19:10 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) DRV:64bit: - [2011/10/26 11:00:18 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/10/26 11:00:18 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/01/14 16:08:20 | 000,100,128 | ---- | M] (SonicWALL, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\SWIPsec.sys -- (SWIPsec) DRV:64bit: - [2010/12/06 09:46:24 | 000,131,672 | ---- | M] (Deterministic Networks, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dnelwf64.sys -- (DNE) DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010/10/15 17:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010/09/14 04:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/09/01 00:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:64bit: - [2010/08/31 09:32:44 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpdispm.sys -- (RDPDISPM) DRV:64bit: - [2010/06/08 04:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2010/05/20 15:42:44 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2010/03/22 12:11:12 | 000,049,752 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE) DRV:64bit: - [2010/03/19 00:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2010/02/27 07:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2010/01/23 11:55:28 | 000,024,600 | ---- | M] (SonicWALL, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\SWVNIC.sys -- (SWVNIC) DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) DRV:64bit: - [2006/11/01 09:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2012/09/18 12:09:15 | 000,021,120 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AQFileRestore.sys -- (AQFileRestore) DRV - [2012/04/02 11:17:40 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo) DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://support.dell.com/support/in [binary data over 200 bytes] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://support.dell.com/support/in [binary data over 200 bytes] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070320 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/advanced_search?hl=en IE - HKCU\..\SearchScopes,DefaultScope = {FCCF8EC8-3088-4707-89B5-DF97DAEB5F03} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{FCCF8EC8-3088-4707-89B5-DF97DAEB5F03}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.com/advanced_search?hl=en" FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@ei.MapsGalaxy_39.com/Plugin: File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2012/11/21 07:02:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}: C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ [2012/12/02 07:42:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/01/08 09:40:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/20 06:35:23 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/20 06:35:23 | 000,000,000 | ---D | M] [2012/09/19 05:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RAM DELL 8300\AppData\Roaming\Mozilla\Extensions [2012/09/21 08:46:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RAM DELL 8300\AppData\Roaming\Mozilla\Firefox\Profiles\r22rk5lc.default\extensions [2013/01/22 09:49:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/11/21 07:02:25 | 000,000,000 | ---D | M] (Logitech SetPoint) -- C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT [2013/01/20 06:35:23 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/10/29 07:23:29 | 000,003,544 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012/11/19 22:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/11/19 22:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2012/12/30 06:55:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (no name) - AutorunsDisabled - No CLSID value found. O2 - BHO: (Wondershare Video Converter Ultimate) - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.) O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe () O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.) O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.) O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [browserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe (Wondershare Software) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.) O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.) O4 - HKLM..\Run: [scanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe (PFU LIMITED) O4 - HKLM..\Run: [updReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKCU..\Run: [skyDrive] C:\Users\RAM DELL 8300\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) O4 - Startup: C:\Users\RAM DELL 8300\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\ieSpell.dll (Red Egg Software) O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\ieSpell.dll (Red Egg Software) O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\ieSpell.dll (Red Egg Software) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: advisor.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O15 - HKCU\..Trusted Domains: iknowmed.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: usoncology.com ([]* in Trusted sites) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (Reg Error: Key error.) O16 - DPF: {319B9BA1-E335-4F8D-96CA-A89A1DFE778D} https://ikm07.usoncology.com/downloads/ikmSoundPlayer.cab (Reg Error: Key error.) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {9A0F2B30-FEFF-42C8-9C56-F4FE3215C00C} https://ikm07.usoncology.com/downloads/ikmPrinter.cab (Reg Error: Key error.) O16 - DPF: {BB609657-8E59-4175-9E74-86BD28208880} https://ikm07.usoncology.com/downloads/ieWrapper.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=928 (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6147CE2E-EAC1-41B6-812B-8A0D0AD079D2}: DhcpNameServer = 172.20.2.1 64.60.0.17 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB7ECB17-50BB-41A8-888D-4835287ADBE0}: DhcpNameServer = 192.168.1.254 O18:64bit: - Protocol\Handler\AutorunsDisabled - No CLSID value found O18:64bit: - Protocol\Handler\AutorunsDisabled\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Handler\cozi - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found O18 - Protocol\Handler\AutorunsDisabled\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.) O18 - Protocol\Handler\gopher - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysNative\SSCbFsMntNtf3.dll (EldoS Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll (EldoS Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22:64bit: - SharedTaskScheduler: {C28617FD-4FE7-4043-AD51-C8132CE90106} - Virtual Storage Mount Notification - C:\Windows\SysNative\SSCbFsMntNtf3.dll (EldoS Corporation) O22 - SharedTaskScheduler: {C28617FD-4FE7-4043-AD51-C8132CE90106} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll (EldoS Corporation) O32 - HKLM CDRom: AutoRun - 1 O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/01/23 02:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2013/01/23 02:31:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT [2013/01/22 05:52:42 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\Desktop\01-22-2013 [2013/01/21 23:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX860 series [2013/01/21 22:56:39 | 000,366,080 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNMNPPM.DLL [2013/01/21 22:56:39 | 000,252,416 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6PPM.DLL [2013/01/21 22:56:39 | 000,152,064 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6UI.DLL [2013/01/20 06:35:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013/01/19 07:46:21 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\Desktop\RK_Quarantine [2013/01/19 00:58:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/01/19 00:26:41 | 000,000,000 | ---D | C] -- C:\ComboFix [2013/01/16 18:26:51 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\AppData\Local\SugarSync [2013/01/13 08:58:52 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll [2013/01/08 22:31:35 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013/01/08 22:31:35 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013/01/08 22:31:14 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013/01/08 22:31:13 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013/01/08 22:31:02 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013/01/08 22:31:02 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013/01/08 22:31:02 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013/01/08 22:31:02 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013/01/08 22:31:02 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013/01/08 22:31:02 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013/01/08 22:31:02 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013/01/08 22:31:01 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013/01/08 22:31:01 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013/01/08 22:31:01 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013/01/08 22:31:01 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013/01/08 22:31:01 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013/01/08 22:31:01 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013/01/08 22:31:01 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013/01/08 22:31:01 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013/01/08 22:31:01 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013/01/08 22:31:01 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013/01/08 22:31:01 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013/01/08 22:31:00 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013/01/08 22:31:00 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013/01/08 22:31:00 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013/01/08 22:31:00 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013/01/08 22:31:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013/01/08 22:31:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013/01/08 22:30:57 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013/01/08 22:30:57 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013/01/08 22:30:57 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013/01/08 22:30:55 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013/01/08 22:30:54 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013/01/08 22:30:54 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013/01/08 22:30:54 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013/01/08 22:30:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013/01/08 22:29:57 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013/01/08 22:29:56 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013/01/08 22:29:56 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013/01/08 22:29:56 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013/01/08 22:29:56 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013/01/08 22:29:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013/01/08 22:29:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013/01/08 22:29:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013/01/08 22:29:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013/01/08 22:29:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013/01/08 22:29:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013/01/08 22:29:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013/01/08 22:29:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013/01/08 22:29:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013/01/08 22:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013/01/08 22:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013/01/08 22:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013/01/08 22:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013/01/08 22:29:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013/01/08 22:29:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013/01/08 22:29:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013/01/08 22:29:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/01/08 22:29:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013/01/08 22:29:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013/01/08 22:29:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013/01/08 22:29:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013/01/08 22:29:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013/01/08 22:29:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013/01/08 22:29:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013/01/08 22:29:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013/01/08 22:29:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013/01/08 22:29:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013/01/08 22:29:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013/01/08 22:29:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013/01/08 22:29:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013/01/08 22:29:47 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013/01/08 22:29:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013/01/08 22:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013/01/08 22:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013/01/08 22:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013/01/08 22:29:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013/01/08 22:29:33 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013/01/08 09:41:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013/01/08 09:41:06 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013/01/08 09:41:05 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013/01/08 09:41:04 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013/01/08 09:41:04 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013/01/08 09:41:03 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013/01/08 09:41:03 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013/01/08 09:40:51 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2013/01/08 09:40:51 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013/01/08 09:37:23 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\AppData\Local\Avg2013 [2013/01/07 07:14:06 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\Desktop\Mallware Repair [2013/01/04 19:06:56 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL [2013/01/04 19:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster [2013/01/04 19:06:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster [2013/01/02 07:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013/01/01 13:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012/12/30 06:47:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/12/30 06:47:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/12/30 06:47:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/12/30 06:47:46 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/12/30 06:47:32 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012/12/30 06:14:36 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012/12/30 06:14:36 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012/12/30 06:14:36 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012/12/30 06:14:35 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012/12/28 03:53:25 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\AppData\Local\Programs [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/23 16:44:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/01/23 16:40:56 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/23 16:40:56 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/23 16:32:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/01/23 16:32:40 | 1059,934,206 | -HS- | M] () -- C:\hiberfil.sys [2013/01/23 16:04:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013/01/23 11:56:42 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2013/01/23 11:42:56 | 000,001,106 | ---- | M] () -- C:\Users\RAM DELL 8300\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2013/01/23 11:42:53 | 000,000,926 | ---- | M] () -- C:\Users\RAM DELL 8300\Desktop\NTREGOPT.lnk [2013/01/23 11:42:53 | 000,000,907 | ---- | M] () -- C:\Users\RAM DELL 8300\Desktop\ERUNT.lnk [2013/01/22 10:17:28 | 001,081,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll [2013/01/22 10:17:28 | 000,960,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2013/01/21 23:02:54 | 000,002,011 | ---- | M] () -- C:\Users\Public\Desktop\Canon IJ Network Tool.lnk [2013/01/21 22:53:00 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/01/21 22:53:00 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/01/21 22:53:00 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/01/13 10:30:17 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/01/13 10:30:17 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/01/08 22:50:27 | 000,509,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/01/08 22:45:16 | 000,772,558 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/01/08 09:41:08 | 000,001,920 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013/01/02 07:02:39 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/01/01 04:31:07 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2012/12/30 06:55:00 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/12/30 06:31:05 | 000,000,162 | ---- | M] () -- C:\Windows\reimage.ini [2012/12/28 03:53:52 | 000,001,135 | ---- | M] () -- C:\Users\RAM DELL 8300\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/01/23 11:42:56 | 000,001,106 | ---- | C] () -- C:\Users\RAM DELL 8300\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2013/01/23 02:31:40 | 000,000,926 | ---- | C] () -- C:\Users\RAM DELL 8300\Desktop\NTREGOPT.lnk [2013/01/23 02:31:40 | 000,000,907 | ---- | C] () -- C:\Users\RAM DELL 8300\Desktop\ERUNT.lnk [2013/01/08 09:41:08 | 000,001,920 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013/01/02 07:02:23 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/01/02 07:02:22 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012/12/30 06:47:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/12/30 06:47:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/12/30 06:47:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/12/30 06:47:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/12/30 06:47:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/12/30 06:30:10 | 000,000,162 | ---- | C] () -- C:\Windows\reimage.ini [2012/12/02 07:42:53 | 000,727,952 | ---- | C] () -- C:\Windows\SysWow64\WSCM64.dll [2012/12/02 07:42:53 | 000,159,120 | ---- | C] () -- C:\Windows\SysWow64\WSCM32.dll [2012/11/29 10:06:42 | 000,038,400 | ---- | C] () -- C:\Users\RAM DELL 8300\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/11/23 21:21:39 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat [2012/09/18 12:08:48 | 000,021,120 | ---- | C] () -- C:\Windows\SysWow64\drivers\AQFileRestore.sys [2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012/02/14 18:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012/02/14 18:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012/01/08 12:39:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011/12/29 06:24:28 | 000,000,161 | ---- | C] () -- C:\Windows\DISPARAM.INI [2011/12/27 18:28:11 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011/12/27 11:13:15 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2011/12/27 11:13:15 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2011/10/26 11:05:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011/10/26 09:31:26 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011/10/26 09:31:26 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011/10/26 09:31:26 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini [2011/10/26 09:31:26 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini [2011/10/26 09:31:26 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini [2011/09/12 15:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011/05/16 12:31:44 | 000,008,592 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll [2011/02/10 08:10:51 | 000,772,558 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 05:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 05:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 05:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/05/12 08:10:09 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Ad-Aware Antivirus [2012/11/03 10:03:07 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Avanquest [2012/02/27 22:06:04 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Canon [2012/12/05 11:25:04 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Catalina Marketing Corp [2011/12/26 21:13:07 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Fingertapps [2011/12/29 08:15:58 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Fujitsu [2011/12/29 13:40:33 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Individual Software [2012/12/06 08:25:01 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\iolo [2011/12/26 21:12:57 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Leadertech [2011/12/27 17:04:51 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\PCDr [2011/12/29 22:30:11 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\PFU [2011/12/29 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Publish Providers [2012/11/28 12:37:34 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Sony [2011/12/29 23:10:07 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Sony Creative Software Inc [2012/09/16 12:23:27 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\TuneUp Software [2012/11/28 15:17:56 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Ulead Systems [2012/02/05 09:37:43 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Windows Live Writer [2012/12/02 07:45:09 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Wondershare Video Converter Ultimate ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:5C321E34 < End of report >

Here's the TDSSKiller report. No threats were found. 16:36:17.0406 5396 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 16:36:17.0843 5396 ============================================================ 16:36:17.0843 5396 Current date / time: 2013/01/23 16:36:17.0843 16:36:17.0843 5396 SystemInfo: 16:36:17.0843 5396 16:36:17.0843 5396 OS Version: 6.1.7601 ServicePack: 1.0 16:36:17.0843 5396 Product type: Workstation 16:36:17.0843 5396 ComputerName: RAMDELL8300-PC 16:36:17.0843 5396 UserName: RAM DELL 8300 16:36:17.0843 5396 Windows directory: C:\Windows 16:36:17.0843 5396 System windows directory: C:\Windows 16:36:17.0843 5396 Running under WOW64 16:36:17.0843 5396 Processor architecture: Intel x64 16:36:17.0843 5396 Number of processors: 8 16:36:17.0843 5396 Page size: 0x1000 16:36:17.0843 5396 Boot type: Normal boot 16:36:17.0843 5396 ============================================================ 16:36:18.0326 5396 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:36:18.0373 5396 ============================================================ 16:36:18.0373 5396 \Device\Harddisk0\DR0: 16:36:18.0373 5396 MBR partitions: 16:36:18.0373 5396 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A7F000 16:36:18.0373 5396 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A93000, BlocksNum 0xACFF4000 16:36:18.0373 5396 ============================================================ 16:36:18.0404 5396 C: <-> \Device\Harddisk0\DR0\Partition2 16:36:18.0404 5396 ============================================================ 16:36:18.0404 5396 Initialize success 16:36:18.0404 5396 ============================================================ 16:36:31.0633 5824 ============================================================ 16:36:31.0633 5824 Scan started 16:36:31.0633 5824 Mode: Manual; 16:36:31.0633 5824 ============================================================ 16:36:32.0522 5824 ================ Scan system memory ======================== 16:36:32.0522 5824 System memory - ok 16:36:32.0522 5824 ================ Scan services ============================= 16:36:32.0647 5824 [ 84F86D9D58D9CCDB8B83C0614D01090D ] .AVQWindowsMonitorService C:\Program Files (x86)\Avanquest\Fix-It\AVQWinMonEngine.exe 16:36:32.0678 5824 .AVQWindowsMonitorService - ok 16:36:33.0115 5824 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 16:36:33.0131 5824 1394ohci - ok 16:36:33.0209 5824 [ E4BA653119103D51744A8D7C89C10E03 ] ABBYY.Licensing.PDFTransformer.Classic.3.0 C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe 16:36:33.0287 5824 ABBYY.Licensing.PDFTransformer.Classic.3.0 - ok 16:36:33.0333 5824 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 16:36:33.0333 5824 ACPI - ok 16:36:33.0349 5824 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 16:36:33.0349 5824 AcpiPmi - ok 16:36:33.0427 5824 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 16:36:33.0427 5824 AdobeARMservice - ok 16:36:33.0521 5824 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 16:36:33.0536 5824 AdobeFlashPlayerUpdateSvc - ok 16:36:33.0552 5824 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 16:36:33.0552 5824 adp94xx - ok 16:36:33.0567 5824 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 16:36:33.0583 5824 adpahci - ok 16:36:33.0583 5824 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 16:36:33.0599 5824 adpu320 - ok 16:36:33.0614 5824 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 16:36:33.0630 5824 AeLookupSvc - ok 16:36:33.0661 5824 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\Windows\syswow64\drivers\Afc.sys 16:36:33.0661 5824 Afc - ok 16:36:33.0708 5824 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 16:36:33.0708 5824 AFD - ok 16:36:33.0739 5824 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 16:36:33.0739 5824 agp440 - ok 16:36:33.0770 5824 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 16:36:33.0770 5824 ALG - ok 16:36:33.0770 5824 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 16:36:33.0770 5824 aliide - ok 16:36:33.0817 5824 [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 16:36:33.0817 5824 AMD External Events Utility - ok 16:36:33.0817 5824 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 16:36:33.0817 5824 amdide - ok 16:36:33.0833 5824 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 16:36:33.0833 5824 AmdK8 - ok 16:36:33.0989 5824 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 16:36:34.0145 5824 amdkmdag - ok 16:36:34.0176 5824 [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 16:36:34.0176 5824 amdkmdap - ok 16:36:34.0176 5824 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 16:36:34.0176 5824 AmdPPM - ok 16:36:34.0207 5824 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 16:36:34.0207 5824 amdsata - ok 16:36:34.0223 5824 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 16:36:34.0223 5824 amdsbs - ok 16:36:34.0254 5824 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 16:36:34.0254 5824 amdxata - ok 16:36:34.0285 5824 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 16:36:34.0285 5824 AppID - ok 16:36:34.0316 5824 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 16:36:34.0316 5824 AppIDSvc - ok 16:36:34.0316 5824 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 16:36:34.0332 5824 Appinfo - ok 16:36:34.0394 5824 [ 5E5233137FEEA6055DB8412C8728B39F ] AQFileRestore C:\Windows\system32\DRIVERS\AQFileRestore.sys 16:36:34.0394 5824 AQFileRestore - ok 16:36:34.0425 5824 [ 84AD82ED5B623529B536775E2E1960D2 ] AQFileRestoreSrv C:\Program Files (x86)\Avanquest\Fix-It\AQFileRestoreSrv.exe 16:36:34.0425 5824 AQFileRestoreSrv - ok 16:36:34.0441 5824 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 16:36:34.0441 5824 arc - ok 16:36:34.0472 5824 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 16:36:34.0472 5824 arcsas - ok 16:36:34.0566 5824 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 16:36:34.0613 5824 aspnet_state - ok 16:36:34.0644 5824 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 16:36:34.0659 5824 aswFsBlk - ok 16:36:34.0722 5824 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 16:36:34.0722 5824 aswMonFlt - ok 16:36:34.0753 5824 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 16:36:34.0753 5824 aswRdr - ok 16:36:34.0815 5824 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 16:36:34.0815 5824 aswSnx - ok 16:36:34.0862 5824 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys 16:36:34.0862 5824 aswSP - ok 16:36:34.0878 5824 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 16:36:34.0878 5824 aswTdi - ok 16:36:34.0909 5824 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 16:36:34.0909 5824 AsyncMac - ok 16:36:34.0925 5824 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 16:36:34.0940 5824 atapi - ok 16:36:34.0987 5824 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 16:36:35.0003 5824 AtiHDAudioService - ok 16:36:35.0034 5824 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 16:36:35.0049 5824 AudioEndpointBuilder - ok 16:36:35.0049 5824 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 16:36:35.0065 5824 AudioSrv - ok 16:36:35.0174 5824 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 16:36:35.0174 5824 avast! Antivirus - ok 16:36:35.0190 5824 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 16:36:35.0190 5824 AxInstSV - ok 16:36:35.0237 5824 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 16:36:35.0252 5824 b06bdrv - ok 16:36:35.0315 5824 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 16:36:35.0315 5824 b57nd60a - ok 16:36:35.0330 5824 [ AC4E2D84DE54CD3A013AEFF0CC56095C ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys 16:36:35.0346 5824 BCM42RLY - ok 16:36:35.0424 5824 [ 8B5D16D20774FC3727F44E161BE2C0AC ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 16:36:35.0439 5824 BCM43XX - ok 16:36:35.0439 5824 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 16:36:35.0455 5824 BDESVC - ok 16:36:35.0455 5824 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 16:36:35.0471 5824 Beep - ok 16:36:35.0502 5824 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 16:36:35.0517 5824 BFE - ok 16:36:35.0549 5824 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll 16:36:35.0595 5824 BITS - ok 16:36:35.0627 5824 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 16:36:35.0627 5824 blbdrive - ok 16:36:35.0658 5824 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 16:36:35.0658 5824 bowser - ok 16:36:35.0658 5824 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 16:36:35.0673 5824 BrFiltLo - ok 16:36:35.0673 5824 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 16:36:35.0673 5824 BrFiltUp - ok 16:36:35.0705 5824 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 16:36:35.0720 5824 BridgeMP - ok 16:36:35.0767 5824 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 16:36:35.0767 5824 Browser - ok 16:36:35.0783 5824 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 16:36:35.0783 5824 Brserid - ok 16:36:35.0783 5824 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 16:36:35.0798 5824 BrSerWdm - ok 16:36:35.0798 5824 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 16:36:35.0798 5824 BrUsbMdm - ok 16:36:35.0798 5824 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 16:36:35.0814 5824 BrUsbSer - ok 16:36:35.0814 5824 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 16:36:35.0814 5824 BTHMODEM - ok 16:36:35.0829 5824 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 16:36:35.0829 5824 bthserv - ok 16:36:35.0892 5824 catchme - ok 16:36:35.0892 5824 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 16:36:35.0907 5824 cdfs - ok 16:36:35.0923 5824 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 16:36:35.0923 5824 cdrom - ok 16:36:35.0939 5824 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 16:36:35.0954 5824 CertPropSvc - ok 16:36:35.0954 5824 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 16:36:35.0954 5824 circlass - ok 16:36:35.0970 5824 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 16:36:35.0985 5824 CLFS - ok 16:36:36.0032 5824 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:36:36.0048 5824 clr_optimization_v2.0.50727_32 - ok 16:36:36.0095 5824 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 16:36:36.0095 5824 clr_optimization_v2.0.50727_64 - ok 16:36:36.0173 5824 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 16:36:36.0235 5824 clr_optimization_v4.0.30319_32 - ok 16:36:36.0251 5824 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 16:36:36.0266 5824 clr_optimization_v4.0.30319_64 - ok 16:36:36.0266 5824 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 16:36:36.0266 5824 CmBatt - ok 16:36:36.0266 5824 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 16:36:36.0282 5824 cmdide - ok 16:36:36.0297 5824 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys 16:36:36.0313 5824 CNG - ok 16:36:36.0313 5824 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 16:36:36.0313 5824 Compbatt - ok 16:36:36.0344 5824 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 16:36:36.0344 5824 CompositeBus - ok 16:36:36.0360 5824 COMSysApp - ok 16:36:36.0547 5824 cpuz134 - ok 16:36:36.0563 5824 cpuz135 - ok 16:36:36.0563 5824 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 16:36:36.0578 5824 crcdisk - ok 16:36:36.0609 5824 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 16:36:36.0609 5824 CryptSvc - ok 16:36:36.0641 5824 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 16:36:36.0687 5824 DcomLaunch - ok 16:36:36.0719 5824 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 16:36:36.0734 5824 defragsvc - ok 16:36:36.0750 5824 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 16:36:36.0750 5824 DfsC - ok 16:36:36.0781 5824 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 16:36:36.0797 5824 Dhcp - ok 16:36:36.0797 5824 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 16:36:36.0812 5824 discache - ok 16:36:36.0812 5824 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 16:36:36.0828 5824 Disk - ok 16:36:36.0859 5824 [ 599864BDC6D2D769E5FF53E960C6B3BD ] DNE C:\Windows\system32\DRIVERS\dnelwf64.sys 16:36:36.0859 5824 DNE - ok 16:36:36.0890 5824 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:36:36.0906 5824 Dnscache - ok 16:36:36.0921 5824 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 16:36:36.0937 5824 dot3svc - ok 16:36:36.0953 5824 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 16:36:36.0968 5824 DPS - ok 16:36:36.0984 5824 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:36:36.0984 5824 drmkaud - ok 16:36:37.0015 5824 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 16:36:37.0031 5824 DXGKrnl - ok 16:36:37.0062 5824 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 16:36:37.0077 5824 EapHost - ok 16:36:37.0155 5824 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 16:36:37.0233 5824 ebdrv - ok 16:36:37.0280 5824 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 16:36:37.0296 5824 EFS - ok 16:36:37.0358 5824 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:36:37.0374 5824 ehRecvr - ok 16:36:37.0389 5824 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 16:36:37.0389 5824 ehSched - ok 16:36:37.0452 5824 [ 627350A11295D82BF78D155B12FFD0EF ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys 16:36:37.0452 5824 ElRawDisk - ok 16:36:37.0467 5824 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 16:36:37.0483 5824 elxstor - ok 16:36:37.0483 5824 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:36:37.0483 5824 ErrDev - ok 16:36:37.0545 5824 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 16:36:37.0577 5824 EventSystem - ok 16:36:37.0592 5824 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 16:36:37.0608 5824 exfat - ok 16:36:37.0623 5824 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:36:37.0623 5824 fastfat - ok 16:36:37.0655 5824 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 16:36:37.0670 5824 Fax - ok 16:36:37.0670 5824 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 16:36:37.0686 5824 fdc - ok 16:36:37.0701 5824 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 16:36:37.0717 5824 fdPHost - ok 16:36:37.0733 5824 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 16:36:37.0748 5824 FDResPub - ok 16:36:37.0764 5824 FileDisk - ok 16:36:37.0779 5824 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:36:37.0779 5824 FileInfo - ok 16:36:37.0795 5824 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:36:37.0795 5824 Filetrace - ok 16:36:37.0857 5824 Fix-It Task Manager - ok 16:36:37.0904 5824 [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 16:36:37.0920 5824 FLEXnet Licensing Service - ok 16:36:37.0920 5824 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 16:36:37.0935 5824 flpydisk - ok 16:36:37.0951 5824 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:36:37.0951 5824 FltMgr - ok 16:36:37.0982 5824 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 16:36:38.0013 5824 FontCache - ok 16:36:38.0060 5824 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:36:38.0060 5824 FontCache3.0.0.0 - ok 16:36:38.0060 5824 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:36:38.0076 5824 FsDepends - ok 16:36:38.0107 5824 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 16:36:38.0107 5824 fssfltr - ok 16:36:38.0169 5824 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 16:36:38.0201 5824 fsssvc - ok 16:36:38.0247 5824 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:36:38.0247 5824 Fs_Rec - ok 16:36:38.0263 5824 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:36:38.0263 5824 fvevol - ok 16:36:38.0279 5824 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 16:36:38.0279 5824 gagp30kx - ok 16:36:38.0310 5824 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 16:36:38.0341 5824 gpsvc - ok 16:36:38.0341 5824 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:36:38.0341 5824 hcw85cir - ok 16:36:38.0419 5824 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:36:38.0419 5824 HdAudAddService - ok 16:36:38.0450 5824 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 16:36:38.0450 5824 HDAudBus - ok 16:36:38.0450 5824 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 16:36:38.0466 5824 HidBatt - ok 16:36:38.0466 5824 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 16:36:38.0466 5824 HidBth - ok 16:36:38.0481 5824 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 16:36:38.0481 5824 HidIr - ok 16:36:38.0497 5824 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 16:36:38.0513 5824 hidserv - ok 16:36:38.0528 5824 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:36:38.0528 5824 HidUsb - ok 16:36:38.0544 5824 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:36:38.0575 5824 hkmsvc - ok 16:36:38.0591 5824 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:36:38.0622 5824 HomeGroupListener - ok 16:36:38.0653 5824 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:36:38.0684 5824 HomeGroupProvider - ok 16:36:38.0700 5824 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 16:36:38.0700 5824 HpSAMD - ok 16:36:38.0715 5824 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:36:38.0731 5824 HTTP - ok 16:36:38.0731 5824 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:36:38.0731 5824 hwpolicy - ok 16:36:38.0747 5824 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 16:36:38.0747 5824 i8042prt - ok 16:36:38.0778 5824 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\drivers\iaStor.sys 16:36:38.0778 5824 iaStor - ok 16:36:38.0856 5824 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 16:36:38.0856 5824 IAStorDataMgrSvc - ok 16:36:38.0871 5824 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:36:38.0887 5824 iaStorV - ok 16:36:38.0934 5824 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:36:38.0949 5824 idsvc - ok 16:36:38.0949 5824 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 16:36:38.0965 5824 iirsp - ok 16:36:38.0981 5824 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 16:36:39.0012 5824 IKEEXT - ok 16:36:39.0043 5824 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys 16:36:39.0059 5824 Impcd - ok 16:36:39.0074 5824 IntcAzAudAddService - ok 16:36:39.0121 5824 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 16:36:39.0121 5824 IntcDAud - ok 16:36:39.0137 5824 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 16:36:39.0137 5824 intelide - ok 16:36:39.0152 5824 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:36:39.0152 5824 intelppm - ok 16:36:39.0215 5824 [ 4C279F23F88E0854CE94731E55BF6E77 ] ioloSystemService C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe 16:36:39.0215 5824 ioloSystemService - ok 16:36:39.0246 5824 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:36:39.0246 5824 IPBusEnum - ok 16:36:39.0261 5824 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:36:39.0277 5824 IpFilterDriver - ok 16:36:39.0308 5824 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:36:39.0308 5824 iphlpsvc - ok 16:36:39.0324 5824 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:36:39.0324 5824 IPMIDRV - ok 16:36:39.0324 5824 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:36:39.0324 5824 IPNAT - ok 16:36:39.0339 5824 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:36:39.0355 5824 IRENUM - ok 16:36:39.0355 5824 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:36:39.0355 5824 isapnp - ok 16:36:39.0386 5824 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:36:39.0402 5824 iScsiPrt - ok 16:36:39.0449 5824 [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 16:36:39.0464 5824 k57nd60a - ok 16:36:39.0464 5824 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:36:39.0464 5824 kbdclass - ok 16:36:39.0480 5824 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:36:39.0480 5824 kbdhid - ok 16:36:39.0511 5824 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 16:36:39.0527 5824 KeyIso - ok 16:36:39.0558 5824 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:36:39.0558 5824 KSecDD - ok 16:36:39.0589 5824 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:36:39.0589 5824 KSecPkg - ok 16:36:39.0605 5824 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:36:39.0605 5824 ksthunk - ok 16:36:39.0636 5824 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 16:36:39.0667 5824 KtmRm - ok 16:36:39.0714 5824 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 16:36:39.0761 5824 LanmanServer - ok 16:36:39.0776 5824 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:36:39.0839 5824 LanmanWorkstation - ok 16:36:39.0917 5824 [ 95EC0CB52692894E050CFC3573ABC3B2 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 16:36:39.0917 5824 LBTServ - ok 16:36:39.0932 5824 [ 4838EA42D5BBE1CA6BEE9BBA35E8D2E5 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys 16:36:39.0932 5824 LEqdUsb - ok 16:36:39.0948 5824 [ 6F63F8A7FF6D4671973619BCF821B2F5 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys 16:36:39.0948 5824 LHidEqd - ok 16:36:39.0979 5824 [ E536A1D8502D0CA79B928CAB9EAEB807 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 16:36:39.0979 5824 LHidFilt - ok 16:36:40.0026 5824 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:36:40.0026 5824 lltdio - ok 16:36:40.0057 5824 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:36:40.0088 5824 lltdsvc - ok 16:36:40.0104 5824 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:36:40.0135 5824 lmhosts - ok 16:36:40.0182 5824 [ 7109163D8027076D2680CFC4E80E2A28 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe 16:36:40.0197 5824 LMIGuardianSvc - ok 16:36:40.0213 5824 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys 16:36:40.0213 5824 LMIInfo - ok 16:36:40.0244 5824 [ 8054CE1FC8B417691960D00F931516A7 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe 16:36:40.0244 5824 LMIMaint - ok 16:36:40.0275 5824 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys 16:36:40.0291 5824 lmimirr - ok 16:36:40.0307 5824 LMIRfsClientNP - ok 16:36:40.0322 5824 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys 16:36:40.0322 5824 LMIRfsDriver - ok 16:36:40.0338 5824 [ 2E6D0110DACC769AE478ADE6C2572E37 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 16:36:40.0353 5824 LMouFilt - ok 16:36:40.0369 5824 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe 16:36:40.0369 5824 LogMeIn - ok 16:36:40.0416 5824 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:36:40.0431 5824 LSI_FC - ok 16:36:40.0447 5824 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:36:40.0463 5824 LSI_SAS - ok 16:36:40.0463 5824 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:36:40.0463 5824 LSI_SAS2 - ok 16:36:40.0478 5824 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:36:40.0478 5824 LSI_SCSI - ok 16:36:40.0494 5824 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 16:36:40.0494 5824 luafv - ok 16:36:40.0541 5824 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 16:36:40.0541 5824 MBAMProtector - ok 16:36:40.0587 5824 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 16:36:40.0587 5824 MBAMScheduler - ok 16:36:40.0619 5824 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 16:36:40.0634 5824 MBAMService - ok 16:36:40.0650 5824 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:36:40.0681 5824 Mcx2Svc - ok 16:36:40.0681 5824 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 16:36:40.0697 5824 megasas - ok 16:36:40.0712 5824 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 16:36:40.0728 5824 MegaSR - ok 16:36:40.0759 5824 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 16:36:40.0759 5824 MEIx64 - ok 16:36:40.0775 5824 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 16:36:40.0806 5824 MMCSS - ok 16:36:40.0821 5824 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 16:36:40.0837 5824 Modem - ok 16:36:40.0853 5824 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:36:40.0853 5824 monitor - ok 16:36:40.0868 5824 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:36:40.0868 5824 mouclass - ok 16:36:40.0884 5824 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:36:40.0884 5824 mouhid - ok 16:36:40.0899 5824 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:36:40.0915 5824 mountmgr - ok 16:36:40.0977 5824 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:36:40.0993 5824 MozillaMaintenance - ok 16:36:40.0993 5824 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 16:36:40.0993 5824 mpio - ok 16:36:41.0024 5824 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:36:41.0024 5824 mpsdrv - ok 16:36:41.0055 5824 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:36:41.0087 5824 MpsSvc - ok 16:36:41.0102 5824 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:36:41.0102 5824 MRxDAV - ok 16:36:41.0133 5824 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:36:41.0133 5824 mrxsmb - ok 16:36:41.0149 5824 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:36:41.0149 5824 mrxsmb10 - ok 16:36:41.0165 5824 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:36:41.0180 5824 mrxsmb20 - ok 16:36:41.0196 5824 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 16:36:41.0196 5824 msahci - ok 16:36:41.0211 5824 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:36:41.0211 5824 msdsm - ok 16:36:41.0227 5824 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 16:36:41.0258 5824 MSDTC - ok 16:36:41.0274 5824 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:36:41.0274 5824 Msfs - ok 16:36:41.0289 5824 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:36:41.0305 5824 mshidkmdf - ok 16:36:41.0305 5824 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:36:41.0305 5824 msisadrv - ok 16:36:41.0352 5824 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:36:41.0367 5824 MSiSCSI - ok 16:36:41.0367 5824 msiserver - ok 16:36:41.0399 5824 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:36:41.0414 5824 MSKSSRV - ok 16:36:41.0430 5824 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:36:41.0430 5824 MSPCLOCK - ok 16:36:41.0430 5824 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:36:41.0445 5824 MSPQM - ok 16:36:41.0523 5824 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:36:41.0539 5824 MsRPC - ok 16:36:41.0586 5824 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:36:41.0586 5824 mssmbios - ok 16:36:41.0586 5824 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:36:41.0601 5824 MSTEE - ok 16:36:41.0601 5824 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 16:36:41.0601 5824 MTConfig - ok 16:36:41.0633 5824 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 16:36:41.0633 5824 Mup - ok 16:36:41.0664 5824 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 16:36:41.0711 5824 napagent - ok 16:36:41.0742 5824 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:36:41.0742 5824 NativeWifiP - ok 16:36:41.0773 5824 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:36:41.0789 5824 NDIS - ok 16:36:41.0804 5824 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:36:41.0820 5824 NdisCap - ok 16:36:41.0835 5824 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:36:41.0835 5824 NdisTapi - ok 16:36:41.0851 5824 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:36:41.0851 5824 Ndisuio - ok 16:36:41.0867 5824 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:36:41.0867 5824 NdisWan - ok 16:36:41.0867 5824 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:36:41.0867 5824 NDProxy - ok 16:36:41.0882 5824 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:36:41.0882 5824 NetBIOS - ok 16:36:41.0898 5824 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:36:41.0913 5824 NetBT - ok 16:36:41.0913 5824 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 16:36:41.0929 5824 Netlogon - ok 16:36:41.0991 5824 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 16:36:42.0023 5824 Netman - ok 16:36:42.0272 5824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:36:42.0303 5824 NetMsmqActivator - ok 16:36:42.0303 5824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:36:42.0319 5824 NetPipeActivator - ok 16:36:42.0335 5824 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 16:36:42.0381 5824 netprofm - ok 16:36:42.0381 5824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:36:42.0397 5824 NetTcpActivator - ok 16:36:42.0397 5824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:36:42.0397 5824 NetTcpPortSharing - ok 16:36:42.0506 5824 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:36:42.0506 5824 nfrd960 - ok 16:36:42.0537 5824 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:36:42.0569 5824 NlaSvc - ok 16:36:43.0052 5824 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe 16:36:43.0115 5824 NOBU - ok 16:36:43.0146 5824 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:36:43.0146 5824 Npfs - ok 16:36:43.0177 5824 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 16:36:43.0208 5824 nsi - ok 16:36:43.0224 5824 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:36:43.0224 5824 nsiproxy - ok 16:36:43.0286 5824 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:36:43.0349 5824 Ntfs - ok 16:36:43.0380 5824 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 16:36:43.0380 5824 Null - ok 16:36:43.0458 5824 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:36:43.0458 5824 nvraid - ok 16:36:43.0458 5824 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:36:43.0473 5824 nvstor - ok 16:36:43.0520 5824 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:36:43.0536 5824 nv_agp - ok 16:36:43.0536 5824 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:36:43.0551 5824 ohci1394 - ok 16:36:43.0629 5824 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:36:43.0629 5824 ose - ok 16:36:44.0363 5824 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:36:44.0394 5824 osppsvc - ok 16:36:44.0425 5824 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:36:44.0456 5824 p2pimsvc - ok 16:36:44.0503 5824 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 16:36:44.0534 5824 p2psvc - ok 16:36:44.0534 5824 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 16:36:44.0550 5824 Parport - ok 16:36:44.0581 5824 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:36:44.0581 5824 partmgr - ok 16:36:44.0643 5824 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:36:44.0675 5824 PcaSvc - ok 16:36:45.0595 5824 PcdrNdisuio - ok 16:36:45.0860 5824 [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms 16:36:45.0876 5824 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok 16:36:45.0923 5824 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 16:36:45.0938 5824 pci - ok 16:36:45.0954 5824 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 16:36:45.0954 5824 pciide - ok 16:36:46.0016 5824 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:36:46.0063 5824 pcmcia - ok 16:36:46.0094 5824 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 16:36:46.0094 5824 pcw - ok 16:36:46.0281 5824 [ 8570C04D9DBFDDD2CCF655DEB4D84715 ] PDFsFilter C:\Windows\system32\DRIVERS\PDFsFilter.sys 16:36:46.0281 5824 PDFsFilter - ok 16:36:46.0422 5824 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:36:46.0453 5824 PEAUTH - ok 16:36:46.0547 5824 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:36:46.0578 5824 PerfHost - ok 16:36:46.0718 5824 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 16:36:46.0812 5824 pla - ok 16:36:46.0921 5824 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:36:47.0015 5824 PlugPlay - ok 16:36:47.0217 5824 [ CBCEC2C45E7D672EC6E46CBFF23BDF8E ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe 16:36:47.0373 5824 PMBDeviceInfoProvider - ok 16:36:47.0451 5824 [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys 16:36:47.0467 5824 pmxdrv - ok 16:36:47.0483 5824 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:36:47.0514 5824 PNRPAutoReg - ok 16:36:47.0545 5824 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:36:47.0576 5824 PNRPsvc - ok 16:36:47.0654 5824 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:36:47.0685 5824 PolicyAgent - ok 16:36:47.0717 5824 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 16:36:47.0763 5824 Power - ok 16:36:47.0795 5824 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:36:47.0810 5824 PptpMiniport - ok 16:36:47.0826 5824 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 16:36:47.0841 5824 Processor - ok 16:36:47.0888 5824 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 16:36:47.0935 5824 ProfSvc - ok 16:36:47.0951 5824 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:36:47.0982 5824 ProtectedStorage - ok 16:36:48.0044 5824 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:36:48.0044 5824 Psched - ok 16:36:48.0075 5824 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys 16:36:48.0091 5824 PSI - ok 16:36:48.0122 5824 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 16:36:48.0153 5824 PSI_SVC_2 - ok 16:36:48.0185 5824 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 16:36:48.0185 5824 PxHlpa64 - ok 16:36:48.0465 5824 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:36:48.0559 5824 ql2300 - ok 16:36:48.0590 5824 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:36:48.0606 5824 ql40xx - ok 16:36:48.0653 5824 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 16:36:48.0699 5824 QWAVE - ok 16:36:48.0715 5824 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:36:48.0731 5824 QWAVEdrv - ok 16:36:48.0871 5824 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 16:36:48.0871 5824 RapiMgr - ok 16:36:48.0887 5824 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:36:48.0902 5824 RasAcd - ok 16:36:48.0980 5824 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:36:48.0980 5824 RasAgileVpn - ok 16:36:48.0996 5824 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 16:36:49.0027 5824 RasAuto - ok 16:36:49.0058 5824 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:36:49.0058 5824 Rasl2tp - ok 16:36:49.0105 5824 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 16:36:49.0152 5824 RasMan - ok 16:36:49.0183 5824 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:36:49.0199 5824 RasPppoe - ok 16:36:49.0214 5824 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:36:49.0214 5824 RasSstp - ok 16:36:49.0261 5824 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:36:49.0277 5824 rdbss - ok 16:36:49.0308 5824 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 16:36:49.0308 5824 rdpbus - ok 16:36:49.0339 5824 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:36:49.0339 5824 RDPCDD - ok 16:36:49.0355 5824 [ BDF2DB2F19945AFAF102A2C03062EFB1 ] RDPDISPM C:\Windows\system32\DRIVERS\rdpdispm.sys 16:36:49.0370 5824 RDPDISPM - ok 16:36:49.0386 5824 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:36:49.0401 5824 RDPENCDD - ok 16:36:49.0417 5824 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:36:49.0433 5824 RDPREFMP - ok 16:36:49.0495 5824 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 16:36:49.0495 5824 RdpVideoMiniport - ok 16:36:49.0542 5824 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:36:49.0557 5824 RDPWD - ok 16:36:49.0604 5824 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:36:49.0620 5824 rdyboost - ok 16:36:49.0651 5824 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:36:49.0682 5824 RemoteAccess - ok 16:36:49.0698 5824 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:36:49.0729 5824 RemoteRegistry - ok 16:36:50.0010 5824 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 16:36:50.0119 5824 RoxMediaDB12OEM - ok 16:36:50.0197 5824 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 16:36:50.0228 5824 RoxWatch12 - ok 16:36:50.0244 5824 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:36:50.0291 5824 RpcEptMapper - ok 16:36:50.0306 5824 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 16:36:50.0322 5824 RpcLocator - ok 16:36:50.0384 5824 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 16:36:50.0415 5824 RpcSs - ok 16:36:50.0431 5824 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:36:50.0447 5824 rspndr - ok 16:36:50.0462 5824 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 16:36:50.0478 5824 SamSs - ok 16:36:50.0540 5824 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:36:50.0540 5824 sbp2port - ok 16:36:50.0618 5824 [ 7E07D2A5B910C71D6474E9AA0EAA1825 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys 16:36:50.0618 5824 SBRE - ok 16:36:50.0681 5824 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:36:50.0712 5824 SCardSvr - ok 16:36:50.0743 5824 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:36:50.0743 5824 scfilter - ok 16:36:50.0868 5824 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 16:36:50.0915 5824 Schedule - ok 16:36:50.0961 5824 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 16:36:50.0961 5824 SCPolicySvc - ok 16:36:51.0008 5824 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:36:51.0055 5824 SDRSVC - ok 16:36:51.0117 5824 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:36:51.0117 5824 secdrv - ok 16:36:51.0117 5824 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 16:36:51.0149 5824 seclogon - ok 16:36:51.0367 5824 [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe 16:36:51.0367 5824 Secunia PSI Agent - ok 16:36:51.0398 5824 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 16:36:51.0445 5824 SENS - ok 16:36:51.0445 5824 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:36:51.0492 5824 SensrSvc - ok 16:36:51.0570 5824 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 16:36:51.0570 5824 Serenum - ok 16:36:51.0632 5824 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 16:36:51.0632 5824 Serial - ok 16:36:51.0663 5824 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:36:51.0679 5824 sermouse - ok 16:36:51.0710 5824 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 16:36:51.0741 5824 SessionEnv - ok 16:36:51.0741 5824 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:36:51.0757 5824 sffdisk - ok 16:36:51.0757 5824 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:36:51.0757 5824 sffp_mmc - ok 16:36:51.0757 5824 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:36:51.0773 5824 sffp_sd - ok 16:36:51.0773 5824 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:36:51.0773 5824 sfloppy - ok 16:36:52.0147 5824 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 16:36:52.0225 5824 SftService - ok 16:36:52.0319 5824 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:36:52.0350 5824 SharedAccess - ok 16:36:52.0443 5824 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:36:52.0506 5824 ShellHWDetection - ok 16:36:52.0521 5824 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 16:36:52.0521 5824 SiSRaid2 - ok 16:36:52.0537 5824 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:36:52.0537 5824 SiSRaid4 - ok 16:36:53.0021 5824 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 16:36:53.0130 5824 Skype C2C Service - ok 16:36:53.0255 5824 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:36:53.0255 5824 SkypeUpdate - ok 16:36:53.0301 5824 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:36:53.0301 5824 Smb - ok 16:36:53.0333 5824 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:36:53.0379 5824 SNMPTRAP - ok 16:36:53.0395 5824 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 16:36:53.0395 5824 spldr - ok 16:36:53.0504 5824 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 16:36:53.0535 5824 Spooler - ok 16:36:54.0003 5824 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 16:36:54.0113 5824 sppsvc - ok 16:36:54.0144 5824 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:36:54.0159 5824 sppuinotify - ok 16:36:54.0222 5824 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 16:36:54.0237 5824 srv - ok 16:36:54.0315 5824 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:36:54.0331 5824 srv2 - ok 16:36:54.0378 5824 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:36:54.0378 5824 srvnet - ok 16:36:54.0518 5824 [ 2BD486E7A2EB225E9E8E3DD1C016461B ] SSCBFS3 C:\Windows\system32\DRIVERS\sscbfs3.sys 16:36:54.0534 5824 SSCBFS3 - ok 16:36:54.0612 5824 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:36:54.0659 5824 SSDPSRV - ok 16:36:54.0690 5824 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:36:54.0737 5824 SstpSvc - ok 16:36:54.0783 5824 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 16:36:54.0783 5824 stexstor - ok 16:36:54.0846 5824 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 16:36:54.0846 5824 StillCam - ok 16:36:54.0924 5824 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 16:36:54.0971 5824 stisvc - ok 16:36:55.0064 5824 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 16:36:55.0064 5824 stllssvr - ok 16:36:55.0080 5824 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 16:36:55.0095 5824 swenum - ok 16:36:55.0236 5824 [ 18AA39F3229D033D83C40E2B86F86757 ] SWGVCSvc C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe 16:36:55.0236 5824 SWGVCSvc - ok 16:36:55.0283 5824 [ 62EAC9FB03C327654608070FA78BA84D ] SWIPsec C:\Windows\system32\Drivers\SWIPsec.sys 16:36:55.0298 5824 SWIPsec - ok 16:36:55.0345 5824 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 16:36:55.0392 5824 swprv - ok 16:36:55.0407 5824 [ DCF11E08A8524B19EC47515C22BE492E ] SWVNIC C:\Windows\system32\DRIVERS\swvnic.sys 16:36:55.0407 5824 SWVNIC - ok 16:36:55.0501 5824 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 16:36:55.0595 5824 SysMain - ok 16:36:55.0610 5824 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:36:55.0657 5824 TabletInputService - ok 16:36:55.0688 5824 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 16:36:55.0735 5824 TapiSrv - ok 16:36:55.0766 5824 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 16:36:55.0797 5824 TBS - ok 16:36:55.0985 5824 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:36:56.0031 5824 Tcpip - ok 16:36:56.0219 5824 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:36:56.0234 5824 TCPIP6 - ok 16:36:56.0250 5824 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:36:56.0250 5824 tcpipreg - ok 16:36:56.0281 5824 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:36:56.0297 5824 TDPIPE - ok 16:36:56.0328 5824 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:36:56.0328 5824 TDTCP - ok 16:36:56.0359 5824 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:36:56.0359 5824 tdx - ok 16:36:56.0406 5824 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:36:56.0406 5824 TermDD - ok 16:36:56.0499 5824 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 16:36:56.0562 5824 TermService - ok 16:36:56.0562 5824 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 16:36:56.0609 5824 Themes - ok 16:36:56.0624 5824 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 16:36:56.0655 5824 THREADORDER - ok 16:36:56.0687 5824 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 16:36:56.0718 5824 TrkWks - ok 16:36:56.0765 5824 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:36:56.0765 5824 TrustedInstaller - ok 16:36:56.0780 5824 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:36:56.0780 5824 tssecsrv - ok 16:36:56.0796 5824 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 16:36:56.0811 5824 TsUsbFlt - ok 16:36:56.0843 5824 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 16:36:56.0843 5824 TsUsbGD - ok 16:36:56.0874 5824 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:36:56.0874 5824 tunnel - ok 16:36:56.0889 5824 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:36:56.0889 5824 uagp35 - ok 16:36:56.0905 5824 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:36:56.0905 5824 udfs - ok 16:36:56.0921 5824 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:36:56.0936 5824 UI0Detect - ok 16:36:56.0983 5824 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:36:56.0999 5824 uliagpkx - ok 16:36:57.0014 5824 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:36:57.0014 5824 umbus - ok 16:36:57.0030 5824 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 16:36:57.0045 5824 UmPass - ok 16:36:57.0077 5824 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 16:36:57.0123 5824 upnphost - ok 16:36:57.0155 5824 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:36:57.0155 5824 usbccgp - ok 16:36:57.0170 5824 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:36:57.0170 5824 usbcir - ok 16:36:57.0186 5824 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 16:36:57.0201 5824 usbehci - ok 16:36:57.0233 5824 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 16:36:57.0248 5824 usbhub - ok 16:36:57.0248 5824 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 16:36:57.0264 5824 usbohci - ok 16:36:57.0279 5824 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 16:36:57.0279 5824 usbprint - ok 16:36:57.0311 5824 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 16:36:57.0326 5824 usbscan - ok 16:36:57.0342 5824 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:36:57.0357 5824 USBSTOR - ok 16:36:57.0389 5824 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 16:36:57.0389 5824 usbuhci - ok 16:36:57.0482 5824 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 16:36:57.0482 5824 usbvideo - ok 16:36:57.0498 5824 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 16:36:57.0560 5824 UxSms - ok 16:36:57.0591 5824 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 16:36:57.0607 5824 VaultSvc - ok 16:36:57.0654 5824 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 16:36:57.0654 5824 vdrvroot - ok 16:36:57.0685 5824 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 16:36:57.0747 5824 vds - ok 16:36:57.0810 5824 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:36:57.0825 5824 vga - ok 16:36:57.0825 5824 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 16:36:57.0841 5824 VgaSave - ok 16:36:57.0841 5824 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 16:36:57.0857 5824 vhdmp - ok 16:36:57.0857 5824 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 16:36:57.0857 5824 viaide - ok 16:36:57.0903 5824 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:36:57.0903 5824 volmgr - ok 16:36:57.0966 5824 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:36:58.0387 5824 volmgrx - ok 16:36:58.0418 5824 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 16:36:58.0418 5824 volsnap - ok 16:36:58.0434 5824 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 16:36:58.0434 5824 vsmraid - ok 16:36:58.0465 5824 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 16:36:58.0496 5824 VSS - ok 16:36:58.0512 5824 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 16:36:58.0527 5824 vwifibus - ok 16:36:58.0559 5824 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 16:36:58.0559 5824 vwififlt - ok 16:36:58.0590 5824 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 16:36:58.0605 5824 vwifimp - ok 16:36:58.0637 5824 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 16:36:58.0683 5824 W32Time - ok 16:36:58.0699 5824 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 16:36:58.0699 5824 WacomPen - ok 16:36:58.0746 5824 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 16:36:58.0746 5824 WANARP - ok 16:36:58.0761 5824 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:36:58.0761 5824 Wanarpv6 - ok 16:36:58.0886 5824 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 16:36:58.0902 5824 WatAdminSvc - ok 16:36:58.0933 5824 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 16:36:58.0980 5824 wbengine - ok 16:36:59.0027 5824 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:36:59.0073 5824 WbioSrvc - ok 16:36:59.0120 5824 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 16:36:59.0120 5824 WcesComm - ok 16:36:59.0120 5824 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:36:59.0151 5824 wcncsvc - ok 16:36:59.0183 5824 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:36:59.0214 5824 WcsPlugInService - ok 16:36:59.0261 5824 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 16:36:59.0261 5824 Wd - ok 16:36:59.0354 5824 [ 96C4C98FE4866C16FC64E4578A0AA975 ] WDBackup C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe 16:36:59.0370 5824 WDBackup - ok 16:36:59.0401 5824 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys 16:36:59.0401 5824 WDC_SAM - ok 16:36:59.0448 5824 [ 80F8944EA183004D6EDCBBDCEC166404 ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe 16:36:59.0448 5824 WDDriveService - ok 16:36:59.0557 5824 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:36:59.0604 5824 Wdf01000 - ok 16:36:59.0619 5824 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:36:59.0682 5824 WdiServiceHost - ok 16:36:59.0682 5824 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:36:59.0697 5824 WdiSystemHost - ok 16:36:59.0900 5824 [ FD2D1C60CDBDFAB63EF182539D8FFC2D ] WDRulesService C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe 16:36:59.0947 5824 WDRulesService - ok 16:37:00.0009 5824 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 16:37:00.0087 5824 WebClient - ok 16:37:00.0165 5824 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:37:00.0212 5824 Wecsvc - ok 16:37:00.0228 5824 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:37:00.0259 5824 wercplsupport - ok 16:37:00.0337 5824 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 16:37:00.0399 5824 WerSvc - ok 16:37:00.0493 5824 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 16:37:00.0509 5824 WfpLwf - ok 16:37:00.0587 5824 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 16:37:00.0587 5824 WimFltr - ok 16:37:00.0618 5824 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:37:00.0618 5824 WIMMount - ok 16:37:00.0633 5824 WinDefend - ok 16:37:00.0649 5824 WinHttpAutoProxySvc - ok 16:37:00.0727 5824 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:37:00.0727 5824 Winmgmt - ok 16:37:00.0883 5824 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll 16:37:00.0977 5824 WinRM - ok 16:37:00.0992 5824 [ FE88B288356E7B47B74B13372ADD906D ] winusb C:\Windows\system32\DRIVERS\winusb.sys 16:37:00.0992 5824 winusb - ok 16:37:01.0023 5824 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 16:37:01.0055 5824 Wlansvc - ok 16:37:01.0351 5824 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 16:37:01.0367 5824 wlidsvc - ok 16:37:01.0445 5824 [ DE816A0624D54D68E1FB8A9028DCF81A ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE 16:37:01.0445 5824 wltrysvc - ok 16:37:01.0476 5824 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 16:37:01.0476 5824 WmiAcpi - ok 16:37:01.0554 5824 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:37:01.0554 5824 wmiApSrv - ok 16:37:01.0616 5824 WMPNetworkSvc - ok 16:37:01.0663 5824 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe 16:37:01.0679 5824 WMZuneComm - ok 16:37:01.0679 5824 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:37:01.0710 5824 WPCSvc - ok 16:37:01.0741 5824 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:37:01.0772 5824 WPDBusEnum - ok 16:37:01.0819 5824 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:37:01.0819 5824 ws2ifsl - ok 16:37:01.0850 5824 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 16:37:01.0866 5824 wscsvc - ok 16:37:01.0866 5824 WSearch - ok 16:37:01.0928 5824 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 16:37:02.0069 5824 wuauserv - ok 16:37:02.0084 5824 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:37:02.0100 5824 WudfPf - ok 16:37:02.0115 5824 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:37:02.0131 5824 WUDFRd - ok 16:37:02.0131 5824 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:37:02.0162 5824 wudfsvc - ok 16:37:02.0178 5824 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 16:37:02.0209 5824 WwanSvc - ok 16:37:02.0350 5824 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe 16:37:02.0381 5824 ZuneNetworkSvc - ok 16:37:02.0428 5824 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe 16:37:02.0428 5824 ZuneWlanCfgSvc - ok 16:37:02.0459 5824 ================ Scan global =============================== 16:37:02.0490 5824 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 16:37:02.0521 5824 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll 16:37:02.0552 5824 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll 16:37:02.0599 5824 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 16:37:02.0646 5824 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 16:37:02.0662 5824 [Global] - ok 16:37:02.0662 5824 ================ Scan MBR ================================== 16:37:02.0677 5824 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 16:37:02.0927 5824 \Device\Harddisk0\DR0 - ok 16:37:02.0927 5824 ================ Scan VBR ================================== 16:37:02.0927 5824 [ FB4CAC549C51FA7695BB39A2A7AFE1AD ] \Device\Harddisk0\DR0\Partition1 16:37:02.0942 5824 \Device\Harddisk0\DR0\Partition1 - ok 16:37:02.0942 5824 [ BDE66353B93E562E376BCBF940CF228E ] \Device\Harddisk0\DR0\Partition2 16:37:02.0958 5824 \Device\Harddisk0\DR0\Partition2 - ok 16:37:02.0958 5824 ============================================================ 16:37:02.0958 5824 Scan finished 16:37:02.0958 5824 ============================================================ 16:37:02.0958 5252 Detected object count: 0 16:37:02.0958 5252 Actual detected object count: 0

After the RogueKiller prescan finished nothing was found in Registry tab nor in any of the other tabs. I asume that you meant after the RogueKiller prescan finished you wanted me to run the Scan. Again nothing was found in the Registry tab. Here's the report. RogueKiller V8.4.3 [Jan 21 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : RAM DELL 8300 [Admin rights] Mode : Scan -- Date : 01/23/2013 16:20:20 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 1 ¤¤¤ [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer ( ) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST31500341AS +++++ --- User --- [MBR] 61bcec13bbf84fc8c851e3925591bf41 [bSP] 21ba840a00dd2a6c9d7e5d6b81872e6d : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 13566 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27865088 | Size: 1417192 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[7]_S_01232013_02d1620.txt >> RKreport[1]_S_01192013_02d0747.txt ; RKreport[2]_D_01192013_02d0750.txt ; RKreport[3]_S_01192013_02d0751.txt ; RKreport[4]_S_01232013_02d1146.txt ; RKreport[5]_S_01232013_02d1148.txt ; RKreport[6]_S_01232013_02d1614.txt ; RKreport[7]_S_01232013_02d1620.txt

I had trouble finding Folder Options with your directions. I just found it by a Start Menu Search of "Folder Options" and performed the requested changes. So I'm repeating prior steps. AdwCleaner log.txt # AdwCleaner v2.107 - Logfile created 01/23/2013 at 11:43:43 # Updated 21/01/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : RAM DELL 8300 - RAMDELL8300-PC # Boot Mode : Normal # Running from : C:\Users\RAM DELL 8300\Downloads\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml Folder Found : C:\Program Files (x86)\AVG Secure Search Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Found : C:\ProgramData\AVG Secure Search Folder Found : C:\Users\RAM DELL 8300\AppData\Local\AVG Secure Search Folder Found : C:\Users\RAM DELL 8300\AppData\LocalLow\AVG Secure Search ***** [Registry] ***** Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Registry is clean. -\\ Mozilla Firefox v18.0.1 (en-US) File : C:\Users\RAM DELL 8300\AppData\Roaming\Mozilla\Firefox\Profiles\r22rk5lc.default\prefs.js [OK] File is clean. ************************* AdwCleaner[R1].txt - [1995 octets] - [23/01/2013 11:07:49] AdwCleaner[R2].txt - [1930 octets] - [23/01/2013 11:43:43] ########## EOF - C:\AdwCleaner[R2].txt - [1990 octets] ########## TDSSKiller No threats found RogueKiller Report RogueKiller V8.4.3 [Jan 21 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : RAM DELL 8300 [Admin rights] Mode : Scan -- Date : 01/23/2013 11:48:06 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 1 ¤¤¤ [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer ( ) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST31500341AS +++++ --- User --- [MBR] 61bcec13bbf84fc8c851e3925591bf41 [bSP] 21ba840a00dd2a6c9d7e5d6b81872e6d : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 13566 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27865088 | Size: 1417192 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[5]_S_01232013_02d1148.txt >> RKreport[1]_S_01192013_02d0747.txt ; RKreport[2]_D_01192013_02d0750.txt ; RKreport[3]_S_01192013_02d0751.txt ; RKreport[4]_S_01232013_02d1146.txt ; RKreport[5]_S_01232013_02d1148.txt

Hi Maurice I've deleted Java and will reinstall it if any programs require it. I've installed ERUNT. Here's the AdwCleaner log # AdwCleaner v2.107 - Logfile created 01/23/2013 at 11:07:49 # Updated 21/01/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : RAM DELL 8300 - RAMDELL8300-PC # Boot Mode : Normal # Running from : C:\Users\RAM DELL 8300\Downloads\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml Folder Found : C:\Program Files (x86)\AVG Secure Search Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Found : C:\ProgramData\AVG Secure Search Folder Found : C:\Users\RAM DELL 8300\AppData\Local\AVG Secure Search Folder Found : C:\Users\RAM DELL 8300\AppData\LocalLow\AVG Secure Search ***** [Registry] ***** Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Registry is clean. -\\ Mozilla Firefox v18.0.1 (en-US) File : C:\Users\RAM DELL 8300\AppData\Roaming\Mozilla\Firefox\Profiles\r22rk5lc.default\prefs.js [OK] File is clean. ************************* AdwCleaner[R1].txt - [1870 octets] - [23/01/2013 11:07:49] ########## EOF - C:\AdwCleaner[R1].txt - [1930 octets] ##########

I ran avast boot scan and it noted viruses and I moved them to my chest. I'm unable to post the log. Because of the virus I then started running the programs that TheDarkKnight suggested in the previous topic. I got to ESET and it found a virus still present not being detected. That's when I reactivated the topic. I am not getting help elsewhere and I am quite pleased with the support that is provided by all of you. I'll delete old Java programs and install the newest version. I'm pretty sure that some of my programs have requested it. How can I be sure? I'll run the other programs tonight. Thanks Newbie111

Here's the dds scan DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2 Run by RAM DELL 8300 at 5:59:09 on 2013-01-22 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12270.9516 [GMT -8:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Avanquest\Fix-It\AQFileRestoreSrv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE C:\Users\RAM DELL 8300\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Windows\SSDriver\fi5110\SsWiaChecker.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\PFU\ScanSnap\SSFolder\SSFolderTray.exe C:\Windows\System32\wiawow64.exe C:\Windows\System32\WUDFHost.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\splwow64.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\notepad.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/advanced_search?hl=en uProxyServer = BHO: AutorunsDisabled - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Wondershare Video Converter Ultimate: {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [skyDrive] "C:\Users\RAM DELL 8300\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" uRunOnce: [RunCanonMsetUp] C:\Program Files (x86)\Canon\IJ_MSetup4\MCDCHK2.EXE mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [scanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe mRun: [browserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONVER~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SCANSN~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\CARDMI~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\ieSpell.dll/SPELLCHECK.HTM IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\ieSpell.dll/SPELLOPTION.HTM . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab DPF: {319B9BA1-E335-4F8D-96CA-A89A1DFE778D} - hxxps://ikm07.usoncology.com/downloads/ikmSoundPlayer.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {9A0F2B30-FEFF-42C8-9C56-F4FE3215C00C} - hxxps://ikm07.usoncology.com/downloads/ikmPrinter.cab DPF: {BB609657-8E59-4175-9E74-86BD28208880} - hxxps://ikm07.usoncology.com/downloads/ieWrapper.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=928 TCP: NameServer = 192.168.1.254 TCP: Interfaces\{6147CE2E-EAC1-41B6-812B-8A0D0AD079D2} : DHCPNameServer = 172.20.2.1 64.60.0.17 8.8.4.4 TCP: Interfaces\{AB7ECB17-50BB-41A8-888D-4835287ADBE0} : DHCPNameServer = 192.168.1.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: AutorunsDisabled - <Clsid value has no data> Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll x64-mStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070320 x64-BHO: AutorunsDisabled - <orphaned> x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64 x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64 x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon x64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: AutorunsDisabled - <Clsid value has no data> x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-SSODL: WebCheck - <orphaned> x64-SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\System32\SSCbFsMntNtf3.dll x64-STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\System32\SSCbFsMntNtf3.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\RAM DELL 8300\AppData\Roaming\Mozilla\Firefox\Profiles\r22rk5lc.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/advanced_search?hl=en FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2012-12-02 07:42; {8D150B8F-EFE8-45a3-A4A3-053020F48FAC}; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt FF - ExtSQL: 2013-01-08 09:41; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-1-8 984144] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-1-8 370288] R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2012-11-23 30752] R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2012-11-3 49752] R2 AQFileRestoreSrv;AQFileRestoreSrv;C:\Program Files (x86)\Avanquest\Fix-It\AQFileRestoreSrv.exe [2012-9-18 81328] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-1-8 25232] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-1-8 71600] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-1-8 44808] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-26 13336] R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-12-8 1053184] R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2012-4-2 15928] R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-5-20 72216] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-11 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-27 682344] R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-11-23 82160] R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-13 994360] R3 AQFileRestore;AQFileRestore;C:\Windows\System32\drivers\AQFileRestore.sys [2012-11-3 21120] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-13 96896] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-10-26 317440] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-10-26 406056] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2012-9-18 78648] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2012-9-18 15160] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-12-27 24176] R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-9-1 17976] R3 SSCBFS3;SugarSync CallBack File System driver v3;C:\Windows\System32\drivers\sscbfs3.sys [2012-11-21 347456] R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-9-19 1157056] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-11-28 57856] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-10-26 158976] S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-12-13 25072] S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2012-9-20 31152] S3 RDPDISPM;RDPDISPM;C:\Windows\System32\drivers\rdpdispm.sys [2010-8-31 10752] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-25 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-25 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-25 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-27 1255736] S4 .AVQWindowsMonitorService;Fix-It Utilities Process Monitor;C:\Program Files (x86)\Avanquest\Fix-It\AVQWinMonEngine.exe [2012-9-18 311032] S4 ABBYY.Licensing.PDFTransformer.Classic.3.0;ABBYY PDF Transformer 3.0 Licensing Service;C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [2009-4-27 759048] S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-9-27 239616] S4 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-5-11 375728] S4 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000] S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-11-27 479840] S4 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-10-26 55856] S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S4 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-10-26 1692480] S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000] S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944] S4 SWGVCSvc;SonicWALL Global VPN Client Service;C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe [2011-1-14 286504] S4 SWIPsec;SonicWALL IPsec Driver;C:\Windows\System32\drivers\SWIPsec.sys [2012-1-5 100128] S4 SWVNIC;SonicWALL Virtual Miniport;C:\Windows\System32\drivers\SWVNIC.sys [2010-1-23 24600] S4 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-19 248248] S4 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-9-19 1177536] . =============== Created Last 30 ================ . 2013-01-22 06:56:39 366080 ----a-w- C:\Windows\SysWow64\CNMNPPM.DLL 2013-01-22 06:56:39 252416 ----a-w- C:\Windows\System32\CNMN6PPM.DLL 2013-01-22 06:56:39 152064 ----a-w- C:\Windows\System32\CNMN6UI.DLL 2013-01-22 04:34:23 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2013-01-22 04:34:06 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2013-01-22 04:33:39 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2013-01-19 08:58:18 -------- d-sh--w- C:\$RECYCLE.BIN 2013-01-19 08:26:41 -------- d-----w- C:\ComboFix 2013-01-18 20:17:34 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F05636A-269D-4FC2-B799-C24D19C864D6}\mpengine.dll 2013-01-17 02:26:51 -------- d-----w- C:\Users\RAM DELL 8300\AppData\Local\SugarSync 2013-01-13 16:58:52 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll 2013-01-09 06:30:57 51712 ----a-w- C:\Windows\SysWow64\esrb.rs 2013-01-09 06:30:57 51712 ----a-w- C:\Windows\System32\esrb.rs 2013-01-09 06:30:57 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2013-01-09 06:30:55 23552 ----a-w- C:\Windows\System32\oflc.rs 2013-01-09 06:30:54 55296 ----a-w- C:\Windows\SysWow64\cero.rs 2013-01-09 06:30:54 55296 ----a-w- C:\Windows\System32\cero.rs 2013-01-09 06:30:54 23552 ----a-w- C:\Windows\SysWow64\oflc.rs 2013-01-09 06:30:54 20480 ----a-w- C:\Windows\SysWow64\pegi-fi.rs 2013-01-08 17:41:04 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2013-01-08 17:41:03 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-01-08 17:41:03 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2013-01-08 17:40:51 41224 ----a-w- C:\Windows\avastSS.scr 2013-01-08 17:37:23 -------- d-----w- C:\Users\RAM DELL 8300\AppData\Local\Avg2013 2013-01-05 03:06:56 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL 2013-01-05 03:06:56 -------- d-----w- C:\Program Files (x86)\SpywareBlaster 2013-01-02 15:02:22 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service 2013-01-01 21:13:56 -------- d-----w- C:\Program Files (x86)\ESET 2012-12-30 14:47:51 98816 ----a-w- C:\Windows\sed.exe 2012-12-30 14:47:51 256000 ----a-w- C:\Windows\PEV.exe 2012-12-30 14:47:51 208896 ----a-w- C:\Windows\MBR.exe 2012-12-30 14:14:36 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-30 14:14:36 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-30 14:14:36 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-30 14:14:35 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-28 11:53:25 -------- d-----w- C:\Users\RAM DELL 8300\AppData\Local\Programs . ==================== Find3M ==================== . 2013-01-13 18:30:17 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-13 18:30:17 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-12-15 00:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-12-09 20:09:42 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys 2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs 2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs 2012-12-07 10:46:42 43520 ----a-w- C:\Windows\SysWow64\csrr.rs 2012-12-07 10:46:42 30720 ----a-w- C:\Windows\SysWow64\usk.rs 2012-12-07 10:46:41 45568 ----a-w- C:\Windows\SysWow64\oflc-nz.rs 2012-12-07 10:46:41 44544 ----a-w- C:\Windows\SysWow64\pegibbfc.rs 2012-12-07 10:46:41 20480 ----a-w- C:\Windows\SysWow64\pegi-pt.rs 2012-12-07 10:46:39 46592 ----a-w- C:\Windows\SysWow64\fpb.rs 2012-12-07 10:46:39 20480 ----a-w- C:\Windows\SysWow64\pegi.rs 2012-12-07 10:46:38 21504 ----a-w- C:\Windows\SysWow64\grb.rs 2012-12-07 10:46:37 40960 ----a-w- C:\Windows\SysWow64\cob-au.rs 2012-12-07 10:46:37 15360 ----a-w- C:\Windows\SysWow64\djctq.rs 2012-12-07 07:58:00 57144 ----a-w- C:\Windows\System32\iolobtdfg.exe 2012-12-07 07:57:52 25744 ----a-w- C:\Windows\System32\smrgdf.exe 2012-12-07 07:42:56 2155248 ----a-w- C:\Windows\System32\Incinerator64.dll 2012-12-07 07:42:54 2097032 ----a-w- C:\Windows\SysWow64\Incinerator32.dll 2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe 2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-11-24 05:21:39 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat 2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys 2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe 2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll 2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll 2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-11-12 12:28:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-11-12 11:52:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll 2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll 2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-11-08 19:29:12 1402312 ----a-w- C:\Windows\SysWow64\msxml4.dll 2012-11-06 16:52:54 88008 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll 2012-11-06 16:52:54 83880 ----a-w- C:\Windows\System32\LMIinit.dll 2012-11-06 16:52:54 35240 ----a-w- C:\Windows\System32\LMIport.dll 2012-11-02 16:52:29 544240 ----a-w- C:\Windows\System32\npdeployJava1.dll 2012-11-02 16:52:29 525808 ----a-w- C:\Windows\System32\deployJava1.dll 2012-11-02 16:49:18 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-02 16:49:18 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-11-02 16:49:18 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll 2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll 2012-11-01 17:59:08 82160 ----a-w- C:\Windows\System32\drivers\PDFsFilter.sys 2012-11-01 17:59:08 69000 ----a-w- C:\Windows\System32\offreg.dll 2012-11-01 17:59:08 56200 ----a-w- C:\Windows\SysWow64\offreg.dll 2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll 2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll 2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-10-31 01:49:22 142656 ----a-w- C:\Windows\System32\SSCbFsNetRdr3.dll 2012-10-31 01:49:18 224576 ----a-w- C:\Windows\SysWow64\SSCbFsNetRdr3.dll 2012-10-31 01:49:14 191808 ----a-w- C:\Windows\System32\SSCbFsMntNtf3.dll 2012-10-31 01:49:04 159040 ----a-w- C:\Windows\SysWow64\SSCbFsMntNtf3.dll 2012-10-31 01:48:48 347456 ----a-w- C:\Windows\System32\drivers\sscbfs3.sys 2012-10-27 06:26:55 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-10-27 05:51:21 1188864 ----a-w- C:\Windows\System32\wininet.dll 2012-10-25 11:12:26 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx 2012-10-25 11:12:26 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts . ============= FINISH: 5:59:30.40 =============== Second dds scan . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 12/26/2011 9:08:42 PM System Uptime: 1/21/2013 11:00:45 PM (6 hours ago) . Motherboard: Dell Inc. | | 0Y2MRG Processor: Intel® Core i7-2600 CPU @ 3.40GHz | CPU 1 | 2176/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 1384 GiB total, 1269.83 GiB free. D: is CDROM () E: is Removable F: is Removable G: is Removable H: is Removable I: is Removable J: is Removable K: is FIXED (NTFS) - 2048 GiB total, 1191.503 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: SonicWALL Virtual NIC Device ID: ROOT\SWVNIC\0000 Manufacturer: SonicWALL Name: SonicWALL Virtual NIC PNP Device ID: ROOT\SWVNIC\0000 Service: SWVNIC . Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Description: Canon MX860 ser Network Device ID: ROOT\CANON_IJ_NETWORK\0001 Manufacturer: Canon Name: Canon MX860 ser Network PNP Device ID: ROOT\CANON_IJ_NETWORK\0001 Service: StillCam . ==== System Restore Points =================== . RP266: 1/21/2013 9:09:08 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . 7-Zip 9.20 (x64 edition) ABBYY FineReader for ScanSnap 4.1 ABBYY PDF Transformer 3.0 Adobe Acrobat 9 Standard - English, Français, Deutsch Adobe Acrobat 9.5.3 - CPSID_83708 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.5) Adobe Setup Adobe Update Manager CS4 AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders ATI AVIVO64 Codecs avast! Free Antivirus Broken Shortcut Fixer Canon Easy-PhotoPrint EX Canon IJ Network Scan Utility Canon IJ Network Tool Canon MP Navigator EX 2.1 Canon MX860 series MP Drivers Canon Utilities My Printer Canon Utilities Solution Menu CardMinder CardMinder V4.1 Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module ClubWPT Common Consumer In-Home Service Agreement Contents Corel VideoStudio Pro X4 Cozi D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Driver Download Manager Dell Edoc Viewer Dell Getting Started Guide Dell MusicStage Dell PhotoStage Dell Product Registration Dell Stage Dell Support Center Dell VideoStage DeviceIO DHTML Editing Component DirectX 9 Runtime Driver Genius Professional Edition DVD Architect Studio 5.0 DW WLAN Card Utility eBay eReg ESET Online Scanner v3 Fix-It Free Window Registry Repair Geekbench 2.4 GoToMeeting 5.1.0.880 ICA iKnowMed Support Applications Intel® Rapid Storage Technology Interactive Excel menu to ribbon guide Interactive OneNote menu to ribbon guide Interactive Outlook menu to ribbon guide Interactive PowerPoint menu to ribbon guide Interactive Publisher menu to ribbon guide Interactive Word menu to ribbon guide iolo technologies' System Mechanic Professional IPM_VS_Pro ISCOM Java 7 Update 9 Java Auto Updater Java 6 Update 37 Java 6 Update 37 (64-bit) Junk Mail filter update Logitech SetPoint 6.51 LogMeIn Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework 2.0 Core Components (x64) ENU Microsoft Sync Framework 2.0 Provider Services (x64) ENU Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Movie Maker Mozilla Firefox 18.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT Redists MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) Multimedia Card Reader Photo Common Photo Gallery PhotoImpact Pro PhotoShowExpress PlayMemories Home PokerStars.net Professor Answers Professor Teaches Access 2007 Professor Teaches Excel 2007 Professor Teaches Excel 2007 Advanced Professor Teaches Internet Explorer 8 Professor Teaches Outlook 2007 Professor Teaches PowerPoint 2007 Professor Teaches PowerPoint 2007 Advanced Professor Teaches Publisher 2007 Professor Teaches Windows 7 Professor Teaches Windows 7 Advanced Professor Teaches Word 2007 Professor Teaches Word Advanced 2007 PureHD QuickTime Rack2-Filer Rack2-Viewer (This application may be deleted by deleting Rack2-Filer) RBVirtualFolder64Inst Roxio Activation Module Roxio BackOnTrack Roxio Burn Roxio Creator Starter Roxio Express Labeler 3 Roxio File Backup ScanSnap ScanSnap Manager ScanSnap Organizer Secunia PSI (2.0.0.4003) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Setup Share Share64 Skype Click to Call Skype™ 5.10 SlideShow Expressions SmartSound Common Data SmartSound Quicktracks 5 Sonic CinePlayer Decoder Pack SonicWALL Global VPN Client SpywareBlaster 4.6 StuffIt Expander 2011 SugarSync SugarSync for Outlook SyncToy 2.1 (x64) THX TruStudio PC Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Vegas Movie Studio HD Platinum 11.0 VIO Visual Studio 2010 x64 Redistributables VSClassic VSPro WD SmartWare Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Device Center Windows Mobile Device Updater Component Wondershare Video Converter Ultimate(Build 6.0.1.0) Zune Zune Language Pack (CHS) Zune Language Pack (CHT) Zune Language Pack (CSY) Zune Language Pack (DAN) Zune Language Pack (DEU) Zune Language Pack (ELL) Zune Language Pack (ESP) Zune Language Pack (FIN) Zune Language Pack (FRA) Zune Language Pack (HUN) Zune Language Pack (IND) Zune Language Pack (ITA) Zune Language Pack (JPN) Zune Language Pack (KOR) Zune Language Pack (MSL) Zune Language Pack (NLD) Zune Language Pack (NOR) Zune Language Pack (PLK) Zune Language Pack (PTB) Zune Language Pack (PTG) Zune Language Pack (RUS) Zune Language Pack (SVE) . ==== Event Viewer Messages From Past Week ======== . 1/21/2013 9:45:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service WDBackup with arguments "" in order to run the server: {81213AB4-5937-4340-88CD-66B4BC80DF73} 1/21/2013 6:37:35 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 1/21/2013 11:02:19 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 1/21/2013 11:01:49 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 1/21/2013 11:01:49 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: FileDisk 1/21/2013 11:01:40 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173. 1/21/2013 11:01:13 PM, Error: Service Control Manager [7001] - The WD Backup service depends on the WD Rules service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 1/21/2013 11:00:15 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2. 1/19/2013 7:45:34 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.69. The computer with the IP address 192.168.1.72 did not allow the name to be claimed by this computer. 1/19/2013 12:33:22 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 1/18/2013 1:36:57 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user RAMDELL8300-PC\RAM DELL 8300 SID (S-1-5-21-2318283601-2005693285-733407191-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 1/16/2013 1:24:57 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user RAMDELL8300-PC\RAM DELL 8300 SID (S-1-5-21-2318283601-2005693285-733407191-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. . ==== End Of File ===========================

I'm up and working again. Here's the MBAM log. Malwarebytes Anti-Malware (PRO) 1.70.0.1100 www.malwarebytes.org Database version: v2013.01.22.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 RAM DELL 8300 :: RAMDELL8300-PC [administrator] Protection: Enabled 1/22/2013 5:54:55 AM mbam-log-2013-01-22 (05-54-55).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 302950 Time elapsed: 1 minute(s), 41 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

I'm happy with the assistance that I've been given here. I thought that you suggested that I contact the help desk anyways. Below is a copy of the email that I sent to TheDarkKnight before my computer went offline. You assisted me previously. http://forums.malwar...pic=120112&st=0 My IE8 was loading hesitatently and I ran malwarebytes CCcleaner and avast no virus was found. I then ran ESET Online Scanner ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK # version=8 # iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255) # OnlineScanner.ocx=1.0.0.6889 # api_version=3.0.2 # EOSSerial=c208452e80e84048b342a982eee8b9ad # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2013-01-19 04:53:19 # local_time=2013-01-19 08:53:19 (-0800, Pacific Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=774 16777213 100 91 0 134402671 0 0 # compatibility_mode=5893 16776573 100 94 0 110157849 0 0 # compatibility_mode=7425 16777213 50 71 2719553 2830641 0 0 # scanned=407033 # found=2 # cleaned=0 # scan_time=3474 C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\39EIPlug.dll Win32/Toolbar.MyWebSearch application 208755B486C38330B15BAFB1C753FE341E792FE1 I C:\Users\RAM DELL 8300\Desktop\Mallware Repair\7zip_installer_d162802.exe probably a variant of Win32/InstallIQ application 4E8E690AC2FD3437C4AFC3B597D4CFCB037F20EA I and indicated that I have a virus. If I remember right, this was previously found when you assisted me. Please help again. Except when necessary I will switch to Mozilla. Thanks Newbie111

Hi Maurice Nagger Currently my printer isn't responding despite connecting via cable. I'm pretty sure that my router is compromised. I'm hoping that it will be replaced tonight. After I up again I'll report all requested. I do have Malwarebytes Pro and will contact the help desk after I'm on line or if it isn't corrected after AT&T comes out tonight. Thanks Newbie111