
Virus present



Hi again TheDarkNight

I appear to have a virus again. Unfortunately, my Internet connection is down. This appears to be an ISP provider problem as my wireless isn't functioning properly. I'm responding from a second computer. AT&T is coming out to fix my problem tonight. I'll add more after the Internet is functioning.

Newbie111


Hello newbie111.

Very sad to see that you have a problem so soon.

DO connect your system directly {via cable connection} to your router or modem.

Do count (for now) on a wireless connection.

Let me suggest, if you're an MBAM customer, you contact the consumer help desk here.

If you are in an organization or a corporate customer, contact Corporate Support for assistance.

Otherwise, please print out, read and follow the directions here, skipping any steps you are unable to complete.

IF you want help here, you must generate and then Copy & Paste the contents of DDS.txt & Attach.txt within your reply.

Do NOT use the attach option to put reports.

Always Copy & Paste.


Hi Maurice Nagger

Currently my printer isn't responding despite connecting via cable. I'm pretty sure that my router is compromised. I'm hoping that it will be replaced tonight. After I'm up again I'll report all requested. I do have Malwarebytes Pro and will contact the help desk after I'm online or if it isn't corrected after AT&T comes out tonight.

Thanks

Newbie111


I'm happy with the assistance that I've been given here. I thought that you suggested that I contact the help desk anyways.

Below is a copy of the email that I sent to TheDarkKnight before my computer went offline.

You assisted me previously. http://forums.malwar...pic=120112&st=0

My IE8 was loading hesitantly and I ran Malwarebytes, CCleaner and avast; no virus was found. I then ran ESET Online Scanner

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

# version=8

# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)

# OnlineScanner.ocx=1.0.0.6889

# api_version=3.0.2

# EOSSerial=c208452e80e84048b342a982eee8b9ad

# end=finished

# remove_checked=false

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-01-19 04:53:19

# local_time=2013-01-19 08:53:19 (-0800, Pacific Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=774 16777213 100 91 0 134402671 0 0

# compatibility_mode=5893 16776573 100 94 0 110157849 0 0

# compatibility_mode=7425 16777213 50 71 2719553 2830641 0 0

# scanned=407033

# found=2

# cleaned=0

# scan_time=3474

C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\39EIPlug.dll Win32/Toolbar.MyWebSearch application 208755B486C38330B15BAFB1C753FE341E792FE1 I

C:\Users\RAM DELL 8300\Desktop\Mallware Repair\7zip_installer_d162802.exe probably a variant of Win32/InstallIQ application 4E8E690AC2FD3437C4AFC3B597D4CFCB037F20EA I

and indicated that I have a virus. If I remember right, this was previously found when you assisted me.

Please help again.

Except when necessary I will switch to Mozilla.

Thanks

Newbie111


Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.


I'm up and working again.

Here's the MBAM log.

Malwarebytes Anti-Malware (PRO) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.22.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 8.0.7601.17514

RAM DELL 8300 :: RAMDELL8300-PC [administrator]

Protection: Enabled

1/22/2013 5:54:55 AM

mbam-log-2013-01-22 (05-54-55).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 302950

Time elapsed: 1 minute(s), 41 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Here's the dds scan


2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-10-31 01:49:22 142656 ----a-w- C:\Windows\System32\SSCbFsNetRdr3.dll

2012-10-31 01:49:18 224576 ----a-w- C:\Windows\SysWow64\SSCbFsNetRdr3.dll

2012-10-31 01:49:14 191808 ----a-w- C:\Windows\System32\SSCbFsMntNtf3.dll

2012-10-31 01:49:04 159040 ----a-w- C:\Windows\SysWow64\SSCbFsMntNtf3.dll

2012-10-31 01:48:48 347456 ----a-w- C:\Windows\System32\drivers\sscbfs3.sys

2012-10-27 06:26:55 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-10-27 05:51:21 1188864 ----a-w- C:\Windows\System32\wininet.dll

2012-10-25 11:12:26 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2012-10-25 11:12:26 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

.

============= FINISH: 5:59:30.40 ===============

Second dds scan

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 12/26/2011 9:08:42 PM

System Uptime: 1/21/2013 11:00:45 PM (6 hours ago)

.

Motherboard: Dell Inc. | | 0Y2MRG

Processor: Intel® Core i7-2600 CPU @ 3.40GHz | CPU 1 | 2176/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 1384 GiB total, 1269.83 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is Removable

K: is FIXED (NTFS) - 2048 GiB total, 1191.503 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: SonicWALL Virtual NIC

Device ID: ROOT\SWVNIC\0000

Manufacturer: SonicWALL

Name: SonicWALL Virtual NIC

PNP Device ID: ROOT\SWVNIC\0000

Service: SWVNIC

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: Canon MX860 ser Network

Device ID: ROOT\CANON_IJ_NETWORK\0001

Manufacturer: Canon

Name: Canon MX860 ser Network

PNP Device ID: ROOT\CANON_IJ_NETWORK\0001

Service: StillCam

.

==== System Restore Points ===================

.

RP266: 1/21/2013 9:09:08 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

7-Zip 9.20 (x64 edition)

ABBYY FineReader for ScanSnap 4.1

ABBYY PDF Transformer 3.0

Adobe Acrobat 9 Standard - English, Français, Deutsch

Adobe Acrobat 9.5.3 - CPSID_83708

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.5)

Adobe Setup

Adobe Update Manager CS4

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Media Foundation Decoders

ATI AVIVO64 Codecs

avast! Free Antivirus

Broken Shortcut Fixer

Canon Easy-PhotoPrint EX

Canon IJ Network Scan Utility

Canon IJ Network Tool

Canon MP Navigator EX 2.1

Canon MX860 series MP Drivers

Canon Utilities My Printer

Canon Utilities Solution Menu

CardMinder

CardMinder V4.1

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

ClubWPT

Common

Consumer In-Home Service Agreement

Contents

Corel VideoStudio Pro X4

Cozi

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Driver Download Manager

Dell Edoc Viewer

Dell Getting Started Guide

Dell MusicStage

Dell PhotoStage

Dell Product Registration

Dell Stage

Dell Support Center

Dell VideoStage

DeviceIO

DHTML Editing Component

DirectX 9 Runtime

Driver Genius Professional Edition

DVD Architect Studio 5.0

DW WLAN Card Utility

eBay

eReg

ESET Online Scanner v3

Fix-It

Free Window Registry Repair

Geekbench 2.4

GoToMeeting 5.1.0.880

ICA

iKnowMed Support Applications

Intel® Rapid Storage Technology

Interactive Excel menu to ribbon guide

Interactive OneNote menu to ribbon guide

Interactive Outlook menu to ribbon guide

Interactive PowerPoint menu to ribbon guide

Interactive Publisher menu to ribbon guide

Interactive Word menu to ribbon guide

iolo technologies' System Mechanic Professional

IPM_VS_Pro

ISCOM

Java 7 Update 9

Java Auto Updater

Java 6 Update 37

Java 6 Update 37 (64-bit)

Junk Mail filter update

Logitech SetPoint 6.51

LogMeIn

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework 2.0 Core Components (x64) ENU

Microsoft Sync Framework 2.0 Provider Services (x64) ENU

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Movie Maker

Mozilla Firefox 18.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT Redists

MSVCRT_amd64

MSVCRT110

MSVCRT110_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

Multimedia Card Reader

Photo Common

Photo Gallery

PhotoImpact Pro

PhotoShowExpress

PlayMemories Home

PokerStars.net

Professor Answers

Professor Teaches Access 2007

Professor Teaches Excel 2007

Professor Teaches Excel 2007 Advanced

Professor Teaches Internet Explorer 8

Professor Teaches Outlook 2007

Professor Teaches PowerPoint 2007

Professor Teaches PowerPoint 2007 Advanced

Professor Teaches Publisher 2007

Professor Teaches Windows 7

Professor Teaches Windows 7 Advanced

Professor Teaches Word 2007

Professor Teaches Word Advanced 2007

PureHD

QuickTime

Rack2-Filer

Rack2-Viewer (This application may be deleted by deleting Rack2-Filer)

RBVirtualFolder64Inst

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Roxio File Backup

ScanSnap

ScanSnap Manager

ScanSnap Organizer

Secunia PSI (2.0.0.4003)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Setup

Share

Share64

Skype Click to Call

Skype™ 5.10

SlideShow Expressions

SmartSound Common Data

SmartSound Quicktracks 5

Sonic CinePlayer Decoder Pack

SonicWALL Global VPN Client

SpywareBlaster 4.6

StuffIt Expander 2011

SugarSync

SugarSync for Outlook

SyncToy 2.1 (x64)

THX TruStudio PC

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Vegas Movie Studio HD Platinum 11.0

VIO

Visual Studio 2010 x64 Redistributables

VSClassic

VSPro

WD SmartWare

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Mobile Device Center

Windows Mobile Device Updater Component

Wondershare Video Converter Ultimate(Build 6.0.1.0)

Zune

Zune Language Pack (CHS)

Zune Language Pack (CHT)

Zune Language Pack (CSY)

Zune Language Pack (DAN)

Zune Language Pack (DEU)

Zune Language Pack (ELL)

Zune Language Pack (ESP)

Zune Language Pack (FIN)

Zune Language Pack (FRA)

Zune Language Pack (HUN)

Zune Language Pack (IND)

Zune Language Pack (ITA)

Zune Language Pack (JPN)

Zune Language Pack (KOR)

Zune Language Pack (MSL)

Zune Language Pack (NLD)

Zune Language Pack (NOR)

Zune Language Pack (PLK)

Zune Language Pack (PTB)

Zune Language Pack (PTG)

Zune Language Pack (RUS)

Zune Language Pack (SVE)

.

==== Event Viewer Messages From Past Week ========

.

1/21/2013 9:45:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service WDBackup with arguments "" in order to run the server: {81213AB4-5937-4340-88CD-66B4BC80DF73}

1/21/2013 6:37:35 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

1/21/2013 11:02:19 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.

1/21/2013 11:01:49 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

1/21/2013 11:01:49 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: FileDisk

1/21/2013 11:01:40 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173.

1/21/2013 11:01:13 PM, Error: Service Control Manager [7001] - The WD Backup service depends on the WD Rules service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

1/21/2013 11:00:15 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.

1/19/2013 7:45:34 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.69. The computer with the IP address 192.168.1.72 did not allow the name to be claimed by this computer.

1/19/2013 12:33:22 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

1/18/2013 1:36:57 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user RAMDELL8300-PC\RAM DELL 8300 SID (S-1-5-21-2318283601-2005693285-733407191-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

1/16/2013 1:24:57 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user RAMDELL8300-PC\RAM DELL 8300 SID (S-1-5-21-2318283601-2005693285-733407191-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

.

==== End Of File ===========================

Did you run Combofix on your own?

Or are you getting help elsewhere? Or self-medicating?

Older versions of Java pose a security risk.

And if you do not need Java for the programs that you use, keep Java off your system.

How to disable Java in various browsers: http://blog.eset.com/2012/08/29/disabling-java-a-safer-way-to-browse

Also see No, Seriously, Just Disable Java in Your Browser Right Now

If you do need Java on your system, see Oracle releases new Java update to close security holes

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If you are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt, where XX denotes the number of times the application has been run, so in this case it should be something like R1.

Step 4

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 5

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 6

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

  • the contents of C:\AdwCleaner[R1].txt;
  • the contents of TDSSKILLER log;
  • the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

I ran avast boot scan and it noted viruses and I moved them to my chest. I'm unable to post the log. Because of the virus I then started running the programs that TheDarkKnight suggested in the previous topic. I got to ESET and it found a virus still present not being detected. That's when I reactivated the topic. I am not getting help elsewhere and I am quite pleased with the support that is provided by all of you.

I'll delete old Java programs and install the newest version. I'm pretty sure that some of my programs have requested it. How can I be sure?

I'll run the other programs tonight.

Thanks

Newbie111

OK. But irregardless of any past issues, while I am helping you, do not run any tools that I do not directly ask for.

Finish the other steps, as you have time, and post 'em

On Java, it goes back to your having to be intimately familiar with what programs -you- have installed.

It is rare programs, perhaps like Open Office, that require that you install the Java runtime.

Hi Maurice

I've deleted Java and will reinstall it if any programs require it.

I've installed ERUNT.

Here's the AdwCleaner log

# AdwCleaner v2.107 - Logfile created 01/23/2013 at 11:07:49

# Updated 21/01/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : RAM DELL 8300 - RAMDELL8300-PC

# Boot Mode : Normal

# Running from : C:\Users\RAM DELL 8300\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

Folder Found : C:\Program Files (x86)\AVG Secure Search

Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Found : C:\ProgramData\AVG Secure Search

Folder Found : C:\Users\RAM DELL 8300\AppData\Local\AVG Secure Search

Folder Found : C:\Users\RAM DELL 8300\AppData\LocalLow\AVG Secure Search

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\RAM DELL 8300\AppData\Roaming\Mozilla\Firefox\Profiles\r22rk5lc.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1870 octets] - [23/01/2013 11:07:49]

########## EOF - C:\AdwCleaner[R1].txt - [1930 octets] ##########

I had trouble finding Folder Options with your directions. I just found it by a Start Menu Search of "Folder Options" and performed the requested changes. So I'm repeating prior steps.

AdwCleaner log.txt

# AdwCleaner v2.107 - Logfile created 01/23/2013 at 11:43:43

# Updated 21/01/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : RAM DELL 8300 - RAMDELL8300-PC

# Boot Mode : Normal

# Running from : C:\Users\RAM DELL 8300\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

Folder Found : C:\Program Files (x86)\AVG Secure Search

Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Found : C:\ProgramData\AVG Secure Search

Folder Found : C:\Users\RAM DELL 8300\AppData\Local\AVG Secure Search

Folder Found : C:\Users\RAM DELL 8300\AppData\LocalLow\AVG Secure Search

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\RAM DELL 8300\AppData\Roaming\Mozilla\Firefox\Profiles\r22rk5lc.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1995 octets] - [23/01/2013 11:07:49]

AdwCleaner[R2].txt - [1930 octets] - [23/01/2013 11:43:43]

########## EOF - C:\AdwCleaner[R2].txt - [1990 octets] ##########

TDSSKiller No threats found

RogueKiller Report

RogueKiller V8.4.3 [Jan 21 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : RAM DELL 8300 [Admin rights]

Mode : Scan -- Date : 01/23/2013 11:48:06

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤

[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer ( ) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST31500341AS +++++

--- User ---

[MBR] 61bcec13bbf84fc8c851e3925591bf41

[bSP] 21ba840a00dd2a6c9d7e5d6b81872e6d : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 13566 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27865088 | Size: 1417192 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[5]_S_01232013_02d1148.txt >>

RKreport[1]_S_01192013_02d0747.txt ; RKreport[2]_D_01192013_02d0750.txt ; RKreport[3]_S_01192013_02d0751.txt ; RKreport[4]_S_01232013_02d1146.txt ; RKreport[5]_S_01232013_02d1148.txt

  • Disable your AVAST anti-virus program so that it does not interfere.
    Right-click on the Avast ball. Then click on Additional Protections, then on AutoSandbox, then on Settings, then uncheck Enable AutoSandbox.
  • OK
  • Right-click on the Avast ball and select Avast! Shields Control and Disable Until Computer is Restarted

  • Please disconnect any USB or external drives from the computer before you run this scan!

  • Right-Click RogueKiller and select Run as Administrator.
  • Wait until Prescan finishes.
  • On the RogueKiller console, click the Registry tab.
    Put a check next to all of these and uncheck the rest: (if found)
    [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer ( ) -> FOUND
  • Then click on Delete on the right hand column under Options.
  • When done, logoff & Restart the system.
  • The log will be found as RKreport
    Copy & Paste the contents into next reply.

Step 2

I do not think you had done this part before ....

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 3

Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

  • Close all open windows on the Task Bar. Click the OTL icon (for Vista or Windows 7, right-click the icon and select Run as Administrator) to start the program.
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  • Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
  • It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.
  • Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
  • Exit OTL by clicking the X at top right.

Download Security Check by screen317 and save it to your Desktop: here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Then copy/paste the following into your post (in order):

  • the contents of OTL.txt;
  • the contents of Extras.txt ; and
  • the contents of checkup.txt

Be sure to do a Preview prior to pressing Add Reply because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

AND, also, tell me if your issue with the internet connection is resolved. Did your ISP come out & fix?


After the RogueKiller prescan finished, nothing was found in the Registry tab nor in any of the other tabs. I assume that you meant that after the RogueKiller prescan finished you wanted me to run the Scan. Again nothing was found in the Registry tab. Here's the report.

RogueKiller V8.4.3 [Jan 21 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : RAM DELL 8300 [Admin rights]

Mode : Scan -- Date : 01/23/2013 16:20:20

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤

[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer ( ) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST31500341AS +++++

--- User ---

[MBR] 61bcec13bbf84fc8c851e3925591bf41

[bSP] 21ba840a00dd2a6c9d7e5d6b81872e6d : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 13566 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27865088 | Size: 1417192 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[7]_S_01232013_02d1620.txt >>

RKreport[1]_S_01192013_02d0747.txt ; RKreport[2]_D_01192013_02d0750.txt ; RKreport[3]_S_01192013_02d0751.txt ; RKreport[4]_S_01232013_02d1146.txt ; RKreport[5]_S_01232013_02d1148.txt ;

RKreport[6]_S_01232013_02d1614.txt ; RKreport[7]_S_01232013_02d1620.txt


Here's the TDSSKiller report. No threats were found.

16:36:17.0406 5396 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

16:36:17.0843 5396 ============================================================

16:36:17.0843 5396 Current date / time: 2013/01/23 16:36:17.0843

16:36:17.0843 5396 SystemInfo:

16:36:17.0843 5396

16:36:17.0843 5396 OS Version: 6.1.7601 ServicePack: 1.0

16:36:17.0843 5396 Product type: Workstation

16:36:17.0843 5396 ComputerName: RAMDELL8300-PC

16:36:17.0843 5396 UserName: RAM DELL 8300

16:36:17.0843 5396 Windows directory: C:\Windows

16:36:17.0843 5396 System windows directory: C:\Windows

16:36:17.0843 5396 Running under WOW64

16:36:17.0843 5396 Processor architecture: Intel x64

16:36:17.0843 5396 Number of processors: 8

16:36:17.0843 5396 Page size: 0x1000

16:36:17.0843 5396 Boot type: Normal boot

16:36:17.0843 5396 ============================================================

16:36:18.0326 5396 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:36:18.0373 5396 ============================================================

16:36:18.0373 5396 \Device\Harddisk0\DR0:

16:36:18.0373 5396 MBR partitions:

16:36:18.0373 5396 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A7F000

16:36:18.0373 5396 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A93000, BlocksNum 0xACFF4000

16:36:18.0373 5396 ============================================================

16:36:18.0404 5396 C: <-> \Device\Harddisk0\DR0\Partition2

16:36:18.0404 5396 ============================================================

16:36:18.0404 5396 Initialize success

16:36:18.0404 5396 ============================================================

16:36:31.0633 5824 ============================================================

16:36:31.0633 5824 Scan started

16:36:31.0633 5824 Mode: Manual;

16:36:31.0633 5824 ============================================================

16:36:32.0522 5824 ================ Scan system memory ========================

16:36:32.0522 5824 System memory - ok

16:36:32.0522 5824 ================ Scan services =============================


16:36:40.0868 5824 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

16:36:40.0868 5824 mouclass - ok

16:36:40.0884 5824 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

16:36:40.0884 5824 mouhid - ok

16:36:40.0899 5824 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

16:36:40.0915 5824 mountmgr - ok

16:36:40.0977 5824 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

16:36:40.0993 5824 MozillaMaintenance - ok

16:36:40.0993 5824 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

16:36:40.0993 5824 mpio - ok

16:36:41.0024 5824 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

16:36:41.0024 5824 mpsdrv - ok

16:36:41.0055 5824 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

16:36:41.0087 5824 MpsSvc - ok

16:36:41.0102 5824 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

16:36:41.0102 5824 MRxDAV - ok

16:36:41.0133 5824 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

16:36:41.0133 5824 mrxsmb - ok

16:36:41.0149 5824 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:36:41.0149 5824 mrxsmb10 - ok

16:36:41.0165 5824 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:36:41.0180 5824 mrxsmb20 - ok

16:36:41.0196 5824 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

16:36:41.0196 5824 msahci - ok

16:36:41.0211 5824 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

16:36:41.0211 5824 msdsm - ok

16:36:41.0227 5824 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

16:36:41.0258 5824 MSDTC - ok

16:36:41.0274 5824 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

16:36:41.0274 5824 Msfs - ok

16:36:41.0289 5824 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

16:36:41.0305 5824 mshidkmdf - ok

16:36:41.0305 5824 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

16:36:41.0305 5824 msisadrv - ok

16:36:41.0352 5824 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

16:36:41.0367 5824 MSiSCSI - ok

16:36:41.0367 5824 msiserver - ok

16:36:41.0399 5824 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

16:36:41.0414 5824 MSKSSRV - ok

16:36:41.0430 5824 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

16:36:41.0430 5824 MSPCLOCK - ok

16:36:41.0430 5824 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

16:36:41.0445 5824 MSPQM - ok

16:36:41.0523 5824 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

16:36:41.0539 5824 MsRPC - ok

16:36:41.0586 5824 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

16:36:41.0586 5824 mssmbios - ok

16:36:41.0586 5824 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

16:36:41.0601 5824 MSTEE - ok

16:36:41.0601 5824 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

16:36:41.0601 5824 MTConfig - ok

16:36:41.0633 5824 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

16:36:41.0633 5824 Mup - ok

16:36:41.0664 5824 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

16:36:41.0711 5824 napagent - ok

16:36:41.0742 5824 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

16:36:41.0742 5824 NativeWifiP - ok

16:36:41.0773 5824 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

16:36:41.0789 5824 NDIS - ok

16:36:41.0804 5824 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

16:36:41.0820 5824 NdisCap - ok

16:36:41.0835 5824 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

16:36:41.0835 5824 NdisTapi - ok

16:36:41.0851 5824 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

16:36:41.0851 5824 Ndisuio - ok

16:36:41.0867 5824 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

16:36:41.0867 5824 NdisWan - ok

16:36:41.0867 5824 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

16:36:41.0867 5824 NDProxy - ok

16:36:41.0882 5824 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

16:36:41.0882 5824 NetBIOS - ok

16:36:41.0898 5824 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

16:36:41.0913 5824 NetBT - ok

16:36:41.0913 5824 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

16:36:41.0929 5824 Netlogon - ok

16:36:41.0991 5824 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

16:36:42.0023 5824 Netman - ok

16:36:42.0272 5824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:36:42.0303 5824 NetMsmqActivator - ok

16:36:42.0303 5824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:36:42.0319 5824 NetPipeActivator - ok

16:36:42.0335 5824 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

16:36:42.0381 5824 netprofm - ok

16:36:42.0381 5824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:36:42.0397 5824 NetTcpActivator - ok

16:36:42.0397 5824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:36:42.0397 5824 NetTcpPortSharing - ok

16:36:42.0506 5824 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

16:36:42.0506 5824 nfrd960 - ok

16:36:42.0537 5824 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

16:36:42.0569 5824 NlaSvc - ok

16:36:43.0052 5824 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

16:36:43.0115 5824 NOBU - ok

16:36:43.0146 5824 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

16:36:43.0146 5824 Npfs - ok

16:36:43.0177 5824 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

16:36:43.0208 5824 nsi - ok

16:36:43.0224 5824 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

16:36:43.0224 5824 nsiproxy - ok

16:36:43.0286 5824 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

16:36:43.0349 5824 Ntfs - ok

16:36:43.0380 5824 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

16:36:43.0380 5824 Null - ok

16:36:43.0458 5824 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

16:36:43.0458 5824 nvraid - ok

16:36:43.0458 5824 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

16:36:43.0473 5824 nvstor - ok

16:36:43.0520 5824 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

16:36:43.0536 5824 nv_agp - ok

16:36:43.0536 5824 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

16:36:43.0551 5824 ohci1394 - ok

16:36:43.0629 5824 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:36:43.0629 5824 ose - ok

16:36:44.0363 5824 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

16:36:44.0394 5824 osppsvc - ok

16:36:44.0425 5824 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

16:36:44.0456 5824 p2pimsvc - ok

16:36:44.0503 5824 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

16:36:44.0534 5824 p2psvc - ok

16:36:44.0534 5824 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

16:36:44.0550 5824 Parport - ok

16:36:44.0581 5824 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

16:36:44.0581 5824 partmgr - ok

16:36:44.0643 5824 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

16:36:44.0675 5824 PcaSvc - ok

16:36:45.0595 5824 PcdrNdisuio - ok

16:36:45.0860 5824 [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms

16:36:45.0876 5824 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok

16:36:45.0923 5824 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

16:36:45.0938 5824 pci - ok

16:36:45.0954 5824 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

16:36:45.0954 5824 pciide - ok

16:36:46.0016 5824 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

16:36:46.0063 5824 pcmcia - ok

16:36:46.0094 5824 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

16:36:46.0094 5824 pcw - ok

16:36:46.0281 5824 [ 8570C04D9DBFDDD2CCF655DEB4D84715 ] PDFsFilter C:\Windows\system32\DRIVERS\PDFsFilter.sys

16:36:46.0281 5824 PDFsFilter - ok

16:36:46.0422 5824 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

16:36:46.0453 5824 PEAUTH - ok

16:36:46.0547 5824 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

16:36:46.0578 5824 PerfHost - ok

16:36:46.0718 5824 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

16:36:46.0812 5824 pla - ok

16:36:46.0921 5824 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

16:36:47.0015 5824 PlugPlay - ok

16:36:47.0217 5824 [ CBCEC2C45E7D672EC6E46CBFF23BDF8E ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

16:36:47.0373 5824 PMBDeviceInfoProvider - ok

16:36:47.0451 5824 [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys

16:36:47.0467 5824 pmxdrv - ok

16:36:47.0483 5824 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

16:36:47.0514 5824 PNRPAutoReg - ok

16:36:47.0545 5824 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

16:36:47.0576 5824 PNRPsvc - ok

16:36:47.0654 5824 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

16:36:47.0685 5824 PolicyAgent - ok

16:36:47.0717 5824 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

16:36:47.0763 5824 Power - ok

16:36:47.0795 5824 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

16:36:47.0810 5824 PptpMiniport - ok

16:36:47.0826 5824 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

16:36:47.0841 5824 Processor - ok

16:36:47.0888 5824 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

16:36:47.0935 5824 ProfSvc - ok

16:36:47.0951 5824 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

16:36:47.0982 5824 ProtectedStorage - ok

16:36:48.0044 5824 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

16:36:48.0044 5824 Psched - ok

16:36:48.0075 5824 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys

16:36:48.0091 5824 PSI - ok

16:36:48.0122 5824 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

16:36:48.0153 5824 PSI_SVC_2 - ok

16:36:48.0185 5824 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

16:36:48.0185 5824 PxHlpa64 - ok

16:36:48.0465 5824 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

16:36:48.0559 5824 ql2300 - ok

16:36:48.0590 5824 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

16:36:48.0606 5824 ql40xx - ok

16:36:48.0653 5824 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

16:36:48.0699 5824 QWAVE - ok

16:36:48.0715 5824 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

16:36:48.0731 5824 QWAVEdrv - ok

16:36:48.0871 5824 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll

16:36:48.0871 5824 RapiMgr - ok

16:36:48.0887 5824 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

16:36:48.0902 5824 RasAcd - ok

16:36:48.0980 5824 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

16:36:48.0980 5824 RasAgileVpn - ok

16:36:48.0996 5824 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

16:36:49.0027 5824 RasAuto - ok

16:36:49.0058 5824 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

16:36:49.0058 5824 Rasl2tp - ok

16:36:49.0105 5824 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

16:36:49.0152 5824 RasMan - ok

16:36:49.0183 5824 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

16:36:49.0199 5824 RasPppoe - ok

16:36:49.0214 5824 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

16:36:49.0214 5824 RasSstp - ok

16:36:49.0261 5824 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

16:36:49.0277 5824 rdbss - ok

16:36:49.0308 5824 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

16:36:49.0308 5824 rdpbus - ok

16:36:49.0339 5824 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

16:36:49.0339 5824 RDPCDD - ok

16:36:49.0355 5824 [ BDF2DB2F19945AFAF102A2C03062EFB1 ] RDPDISPM C:\Windows\system32\DRIVERS\rdpdispm.sys

16:36:49.0370 5824 RDPDISPM - ok

16:36:49.0386 5824 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

16:36:49.0401 5824 RDPENCDD - ok

16:36:49.0417 5824 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

16:36:49.0433 5824 RDPREFMP - ok

16:36:49.0495 5824 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

16:36:49.0495 5824 RdpVideoMiniport - ok

16:36:49.0542 5824 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

16:36:49.0557 5824 RDPWD - ok

16:36:49.0604 5824 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

16:36:49.0620 5824 rdyboost - ok

16:36:49.0651 5824 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

16:36:49.0682 5824 RemoteAccess - ok

16:36:49.0698 5824 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

16:36:49.0729 5824 RemoteRegistry - ok

16:36:50.0010 5824 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

16:36:50.0119 5824 RoxMediaDB12OEM - ok

16:36:50.0197 5824 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

16:36:50.0228 5824 RoxWatch12 - ok

16:36:50.0244 5824 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

16:36:50.0291 5824 RpcEptMapper - ok

16:36:50.0306 5824 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

16:36:50.0322 5824 RpcLocator - ok

16:36:50.0384 5824 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

16:36:50.0415 5824 RpcSs - ok

16:36:50.0431 5824 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

16:36:50.0447 5824 rspndr - ok

16:36:50.0462 5824 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

16:36:50.0478 5824 SamSs - ok

16:36:50.0540 5824 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

16:36:50.0540 5824 sbp2port - ok

16:36:50.0618 5824 [ 7E07D2A5B910C71D6474E9AA0EAA1825 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys

16:36:50.0618 5824 SBRE - ok

16:36:50.0681 5824 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

16:36:50.0712 5824 SCardSvr - ok

16:36:50.0743 5824 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

16:36:50.0743 5824 scfilter - ok

16:36:50.0868 5824 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

16:36:50.0915 5824 Schedule - ok

16:36:50.0961 5824 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

16:36:50.0961 5824 SCPolicySvc - ok

16:36:51.0008 5824 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

16:36:51.0055 5824 SDRSVC - ok

16:36:51.0117 5824 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

16:36:51.0117 5824 secdrv - ok

16:36:51.0117 5824 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

16:36:51.0149 5824 seclogon - ok

16:36:51.0367 5824 [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe

16:36:51.0367 5824 Secunia PSI Agent - ok

16:36:51.0398 5824 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

16:36:51.0445 5824 SENS - ok

16:36:51.0445 5824 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

16:36:51.0492 5824 SensrSvc - ok

16:36:51.0570 5824 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

16:36:51.0570 5824 Serenum - ok

16:36:51.0632 5824 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

16:36:51.0632 5824 Serial - ok

16:36:51.0663 5824 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

16:36:51.0679 5824 sermouse - ok

16:36:51.0710 5824 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

16:36:51.0741 5824 SessionEnv - ok

16:36:51.0741 5824 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

16:36:51.0757 5824 sffdisk - ok

16:36:51.0757 5824 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

16:36:51.0757 5824 sffp_mmc - ok

16:36:51.0757 5824 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

16:36:51.0773 5824 sffp_sd - ok

16:36:51.0773 5824 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

16:36:51.0773 5824 sfloppy - ok

16:36:52.0147 5824 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

16:36:52.0225 5824 SftService - ok

16:36:52.0319 5824 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

16:36:52.0350 5824 SharedAccess - ok

16:36:52.0443 5824 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

16:36:52.0506 5824 ShellHWDetection - ok

16:36:52.0521 5824 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

16:36:52.0521 5824 SiSRaid2 - ok

16:36:52.0537 5824 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

16:36:52.0537 5824 SiSRaid4 - ok

16:36:53.0021 5824 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

16:36:53.0130 5824 Skype C2C Service - ok

16:36:53.0255 5824 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

16:36:53.0255 5824 SkypeUpdate - ok

16:36:53.0301 5824 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

16:36:53.0301 5824 Smb - ok

16:36:53.0333 5824 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

16:36:53.0379 5824 SNMPTRAP - ok

16:36:53.0395 5824 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

16:36:53.0395 5824 spldr - ok

16:36:53.0504 5824 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

16:36:53.0535 5824 Spooler - ok

16:36:54.0003 5824 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

16:36:54.0113 5824 sppsvc - ok

16:36:54.0144 5824 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

16:36:54.0159 5824 sppuinotify - ok

16:36:54.0222 5824 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

16:36:54.0237 5824 srv - ok

16:36:54.0315 5824 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

16:36:54.0331 5824 srv2 - ok

16:36:54.0378 5824 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

16:36:54.0378 5824 srvnet - ok

16:36:54.0518 5824 [ 2BD486E7A2EB225E9E8E3DD1C016461B ] SSCBFS3 C:\Windows\system32\DRIVERS\sscbfs3.sys

16:36:54.0534 5824 SSCBFS3 - ok

16:36:54.0612 5824 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

16:36:54.0659 5824 SSDPSRV - ok

16:36:54.0690 5824 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

16:36:54.0737 5824 SstpSvc - ok

16:36:54.0783 5824 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

16:36:54.0783 5824 stexstor - ok

16:36:54.0846 5824 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

16:36:54.0846 5824 StillCam - ok

16:36:54.0924 5824 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

16:36:54.0971 5824 stisvc - ok

16:36:55.0064 5824 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

16:36:55.0064 5824 stllssvr - ok

16:36:55.0080 5824 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

16:36:55.0095 5824 swenum - ok

16:36:55.0236 5824 [ 18AA39F3229D033D83C40E2B86F86757 ] SWGVCSvc C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe

16:36:55.0236 5824 SWGVCSvc - ok

16:36:55.0283 5824 [ 62EAC9FB03C327654608070FA78BA84D ] SWIPsec C:\Windows\system32\Drivers\SWIPsec.sys

16:36:55.0298 5824 SWIPsec - ok

16:36:55.0345 5824 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

16:36:55.0392 5824 swprv - ok

16:36:55.0407 5824 [ DCF11E08A8524B19EC47515C22BE492E ] SWVNIC C:\Windows\system32\DRIVERS\swvnic.sys

16:36:55.0407 5824 SWVNIC - ok

16:36:55.0501 5824 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

16:36:55.0595 5824 SysMain - ok

16:36:55.0610 5824 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

16:36:55.0657 5824 TabletInputService - ok

16:36:55.0688 5824 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

16:36:55.0735 5824 TapiSrv - ok

16:36:55.0766 5824 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

16:36:55.0797 5824 TBS - ok

16:36:55.0985 5824 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

16:36:56.0031 5824 Tcpip - ok

16:36:56.0219 5824 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

16:36:56.0234 5824 TCPIP6 - ok

16:36:56.0250 5824 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

16:36:56.0250 5824 tcpipreg - ok

16:36:56.0281 5824 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

16:36:56.0297 5824 TDPIPE - ok

16:36:56.0328 5824 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

16:36:56.0328 5824 TDTCP - ok

16:36:56.0359 5824 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

16:36:56.0359 5824 tdx - ok

16:36:56.0406 5824 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

16:36:56.0406 5824 TermDD - ok

16:36:56.0499 5824 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

16:36:56.0562 5824 TermService - ok

16:36:56.0562 5824 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

16:36:56.0609 5824 Themes - ok

16:36:56.0624 5824 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

16:36:56.0655 5824 THREADORDER - ok

16:36:56.0687 5824 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

16:36:56.0718 5824 TrkWks - ok

16:36:56.0765 5824 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

16:36:56.0765 5824 TrustedInstaller - ok

16:36:56.0780 5824 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

16:36:56.0780 5824 tssecsrv - ok

16:36:56.0796 5824 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

16:36:56.0811 5824 TsUsbFlt - ok

16:36:56.0843 5824 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

16:36:56.0843 5824 TsUsbGD - ok

16:36:56.0874 5824 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

16:36:56.0874 5824 tunnel - ok

16:36:56.0889 5824 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

16:36:56.0889 5824 uagp35 - ok

16:36:56.0905 5824 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

16:36:56.0905 5824 udfs - ok

16:36:56.0921 5824 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

16:36:56.0936 5824 UI0Detect - ok

16:36:56.0983 5824 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

16:36:56.0999 5824 uliagpkx - ok

16:36:57.0014 5824 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

16:36:57.0014 5824 umbus - ok

16:36:57.0030 5824 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys

16:36:57.0045 5824 UmPass - ok

16:36:57.0077 5824 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

16:36:57.0123 5824 upnphost - ok

16:36:57.0155 5824 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

16:36:57.0155 5824 usbccgp - ok

16:36:57.0170 5824 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

16:36:57.0170 5824 usbcir - ok

16:36:57.0186 5824 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

16:36:57.0201 5824 usbehci - ok

16:36:57.0233 5824 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

16:36:57.0248 5824 usbhub - ok

16:36:57.0248 5824 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

16:36:57.0264 5824 usbohci - ok

16:36:57.0279 5824 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

16:36:57.0279 5824 usbprint - ok

16:36:57.0311 5824 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

16:36:57.0326 5824 usbscan - ok

16:36:57.0342 5824 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:36:57.0357 5824 USBSTOR - ok

16:36:57.0389 5824 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

16:36:57.0389 5824 usbuhci - ok

16:37:02.0958 5824 ============================================================

16:37:02.0958 5824 Scan finished

16:37:02.0958 5824 ============================================================

16:37:02.0958 5252 Detected object count: 0

16:37:02.0958 5252 Actual detected object count: 0


OTL

OTL logfile created on: 1/23/2013 4:49:18 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\RAM DELL 8300\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 9.83 Gb Available Physical Memory | 82.07% Memory free

23.96 Gb Paging File | 21.68 Gb Available in Paging File | 90.48% Paging File free

Paging file location(s): Reg Error: Value error.

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 1383.98 Gb Total Space | 1268.32 Gb Free Space | 91.64% Space Free | Partition Type: NTFS

Computer Name: RAMDELL8300-PC | User Name: RAM DELL 8300 | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF - HKLM\Software\MozillaPlugins\@ei.MapsGalaxy_39.com/Plugin: File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2012/11/21 07:02:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}: C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ [2012/12/02 07:42:54 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/01/08 09:40:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/20 06:35:23 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/20 06:35:23 | 000,000,000 | ---D | M]

[2012/09/19 05:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RAM DELL 8300\AppData\Roaming\Mozilla\Extensions

[2012/09/21 08:46:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RAM DELL 8300\AppData\Roaming\Mozilla\Firefox\Profiles\r22rk5lc.default\extensions

[2013/01/22 09:49:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2012/11/21 07:02:25 | 000,000,000 | ---D | M] (Logitech SetPoint) -- C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT

[2013/01/20 06:35:23 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012/10/29 07:23:29 | 000,003,544 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

[2012/11/19 22:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012/11/19 22:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/12/30 06:55:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (no name) - AutorunsDisabled - No CLSID value found.

O2 - BHO: (Wondershare Video Converter Ultimate) - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)

O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()

O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)

O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)

O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)

O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)

O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [BrowserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe (Wondershare Software)

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)

O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)

O4 - HKLM..\Run: [ScanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe (PFU LIMITED)

O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)

O4 - HKCU..\Run: [SkyDrive] C:\Users\RAM DELL 8300\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)

O4 - Startup: C:\Users\RAM DELL 8300\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\ieSpell.dll (Red Egg Software)

O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\ieSpell.dll (Red Egg Software)

O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\ieSpell.dll (Red Egg Software)

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: advisor.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O15 - HKCU\..Trusted Domains: iknowmed.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: usoncology.com ([]* in Trusted sites)

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (Reg Error: Key error.)

O16 - DPF: {319B9BA1-E335-4F8D-96CA-A89A1DFE778D} https://ikm07.usoncology.com/downloads/ikmSoundPlayer.cab (Reg Error: Key error.)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {9A0F2B30-FEFF-42C8-9C56-F4FE3215C00C} https://ikm07.usoncology.com/downloads/ikmPrinter.cab (Reg Error: Key error.)

O16 - DPF: {BB609657-8E59-4175-9E74-86BD28208880} https://ikm07.usoncology.com/downloads/ieWrapper.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=928 (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6147CE2E-EAC1-41B6-812B-8A0D0AD079D2}: DhcpNameServer = 172.20.2.1 64.60.0.17 8.8.4.4

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB7ECB17-50BB-41A8-888D-4835287ADBE0}: DhcpNameServer = 192.168.1.254

O18:64bit: - Protocol\Handler\AutorunsDisabled - No CLSID value found

O18:64bit: - Protocol\Handler\AutorunsDisabled\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Handler\cozi - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found

O18 - Protocol\Handler\AutorunsDisabled\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)

O18 - Protocol\Handler\gopher - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O21:64bit: - SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysNative\SSCbFsMntNtf3.dll (EldoS Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll (EldoS Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O22:64bit: - SharedTaskScheduler: {C28617FD-4FE7-4043-AD51-C8132CE90106} - Virtual Storage Mount Notification - C:\Windows\SysNative\SSCbFsMntNtf3.dll (EldoS Corporation)

O22 - SharedTaskScheduler: {C28617FD-4FE7-4043-AD51-C8132CE90106} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll (EldoS Corporation)

O32 - HKLM CDRom: AutoRun - 1

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/23 02:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

[2013/01/23 02:31:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT

[2013/01/22 05:52:42 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\Desktop\01-22-2013

[2013/01/21 23:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX860 series

[2013/01/21 22:56:39 | 000,366,080 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNMNPPM.DLL

[2013/01/21 22:56:39 | 000,252,416 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6PPM.DLL

[2013/01/21 22:56:39 | 000,152,064 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6UI.DLL

[2013/01/20 06:35:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2013/01/19 07:46:21 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\Desktop\RK_Quarantine

[2013/01/19 00:58:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013/01/19 00:26:41 | 000,000,000 | ---D | C] -- C:\ComboFix

[2013/01/16 18:26:51 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\AppData\Local\SugarSync

[2013/01/13 08:58:52 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll

[2013/01/08 22:31:35 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll

[2013/01/08 22:31:35 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll

[2013/01/08 22:31:14 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll

[2013/01/08 22:31:13 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll

[2013/01/08 22:31:02 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs

[2013/01/08 22:31:02 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs

[2013/01/08 22:31:02 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs

[2013/01/08 22:31:02 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs

[2013/01/08 22:31:02 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs

[2013/01/08 22:31:02 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs

[2013/01/08 22:31:02 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs

[2013/01/08 22:31:01 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs

[2013/01/08 22:31:01 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs

[2013/01/08 22:31:01 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs

[2013/01/08 22:31:01 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs

[2013/01/08 22:31:01 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs

[2013/01/08 22:31:01 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs

[2013/01/08 22:31:01 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs

[2013/01/08 22:31:01 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs

[2013/01/08 22:31:01 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs

[2013/01/08 22:31:01 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs

[2013/01/08 22:31:01 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs

[2013/01/08 22:31:00 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll

[2013/01/08 22:31:00 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll

[2013/01/08 22:31:00 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll

[2013/01/08 22:31:00 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll

[2013/01/08 22:31:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs

[2013/01/08 22:31:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs

[2013/01/08 22:30:57 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs

[2013/01/08 22:30:57 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs

[2013/01/08 22:30:57 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs

[2013/01/08 22:30:55 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs

[2013/01/08 22:30:54 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs

[2013/01/08 22:30:54 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs

[2013/01/08 22:30:54 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs

[2013/01/08 22:30:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs

[2013/01/08 22:29:57 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll

[2013/01/08 22:29:56 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

[2013/01/08 22:29:56 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

[2013/01/08 22:29:56 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe

[2013/01/08 22:29:56 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

[2013/01/08 22:29:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

[2013/01/08 22:29:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

[2013/01/08 22:29:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2013/01/08 22:29:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

[2013/01/08 22:29:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2013/01/08 22:29:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2013/01/08 22:29:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2013/01/08 22:29:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2013/01/08 22:29:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2013/01/08 22:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2013/01/08 22:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2013/01/08 22:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2013/01/08 22:29:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2013/01/08 22:29:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2013/01/08 22:29:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2013/01/08 22:29:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2013/01/08 22:29:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2013/01/08 22:29:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2013/01/08 22:29:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2013/01/08 22:29:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2013/01/08 22:29:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2013/01/08 22:29:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2013/01/08 22:29:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2013/01/08 22:29:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2013/01/08 22:29:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2013/01/08 22:29:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2013/01/08 22:29:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2013/01/08 22:29:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2013/01/08 22:29:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2013/01/08 22:29:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2013/01/08 22:29:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2013/01/08 22:29:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2013/01/08 22:29:47 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2013/01/08 22:29:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2013/01/08 22:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2013/01/08 22:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2013/01/08 22:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2013/01/08 22:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2013/01/08 22:29:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2013/01/08 22:29:33 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe

[2013/01/08 09:41:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

[2013/01/08 09:41:06 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

[2013/01/08 09:41:05 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2013/01/08 09:41:04 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys

[2013/01/08 09:41:04 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys

[2013/01/08 09:41:03 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2013/01/08 09:41:03 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2013/01/08 09:40:51 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe

[2013/01/08 09:40:51 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

[2013/01/08 09:37:23 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\AppData\Local\Avg2013

[2013/01/07 07:14:06 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\Desktop\Mallware Repair

[2013/01/04 19:06:56 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL

[2013/01/04 19:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

[2013/01/04 19:06:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster

[2013/01/02 07:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2013/01/01 13:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012/12/30 06:47:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2012/12/30 06:47:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2012/12/30 06:47:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2012/12/30 06:47:46 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012/12/30 06:47:32 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

[2012/12/30 06:14:36 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll

[2012/12/30 06:14:36 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll

[2012/12/30 06:14:36 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2012/12/30 06:14:35 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2012/12/28 03:53:25 | 000,000,000 | ---D | C] -- C:\Users\RAM DELL 8300\AppData\Local\Programs

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/23 16:44:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/01/23 16:40:56 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013/01/23 16:40:56 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013/01/23 16:32:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/01/23 16:32:40 | 1059,934,206 | -HS- | M] () -- C:\hiberfil.sys

[2013/01/23 16:04:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

[2013/01/23 11:56:42 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job

[2013/01/23 11:42:56 | 000,001,106 | ---- | M] () -- C:\Users\RAM DELL 8300\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

[2013/01/23 11:42:53 | 000,000,926 | ---- | M] () -- C:\Users\RAM DELL 8300\Desktop\NTREGOPT.lnk

[2013/01/23 11:42:53 | 000,000,907 | ---- | M] () -- C:\Users\RAM DELL 8300\Desktop\ERUNT.lnk

[2013/01/22 10:17:28 | 001,081,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll

[2013/01/22 10:17:28 | 000,960,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll

[2013/01/21 23:02:54 | 000,002,011 | ---- | M] () -- C:\Users\Public\Desktop\Canon IJ Network Tool.lnk

[2013/01/21 22:53:00 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013/01/21 22:53:00 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013/01/21 22:53:00 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013/01/13 10:30:17 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013/01/13 10:30:17 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013/01/08 22:50:27 | 000,509,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013/01/08 22:45:16 | 000,772,558 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2013/01/08 09:41:08 | 000,001,920 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2013/01/02 07:02:39 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2013/01/01 04:31:07 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job

[2012/12/30 06:55:00 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2012/12/30 06:31:05 | 000,000,162 | ---- | M] () -- C:\Windows\reimage.ini

[2012/12/28 03:53:52 | 000,001,135 | ---- | M] () -- C:\Users\RAM DELL 8300\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/23 11:42:56 | 000,001,106 | ---- | C] () -- C:\Users\RAM DELL 8300\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

[2013/01/23 02:31:40 | 000,000,926 | ---- | C] () -- C:\Users\RAM DELL 8300\Desktop\NTREGOPT.lnk

[2013/01/23 02:31:40 | 000,000,907 | ---- | C] () -- C:\Users\RAM DELL 8300\Desktop\ERUNT.lnk

[2013/01/08 09:41:08 | 000,001,920 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2013/01/02 07:02:23 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2013/01/02 07:02:22 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012/12/30 06:47:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2012/12/30 06:47:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2012/12/30 06:47:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2012/12/30 06:47:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2012/12/30 06:47:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2012/12/30 06:30:10 | 000,000,162 | ---- | C] () -- C:\Windows\reimage.ini

[2012/12/02 07:42:53 | 000,727,952 | ---- | C] () -- C:\Windows\SysWow64\WSCM64.dll

[2012/12/02 07:42:53 | 000,159,120 | ---- | C] () -- C:\Windows\SysWow64\WSCM32.dll

[2012/11/29 10:06:42 | 000,038,400 | ---- | C] () -- C:\Users\RAM DELL 8300\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/11/23 21:21:39 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat

[2012/09/18 12:08:48 | 000,021,120 | ---- | C] () -- C:\Windows\SysWow64\drivers\AQFileRestore.sys

[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

[2012/02/14 18:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

[2012/02/14 18:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

[2012/01/08 12:39:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2011/12/29 06:24:28 | 000,000,161 | ---- | C] () -- C:\Windows\DISPARAM.INI

[2011/12/27 18:28:11 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2011/12/27 11:13:15 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat

[2011/12/27 11:13:15 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat

[2011/10/26 11:05:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2011/10/26 09:31:26 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL

[2011/10/26 09:31:26 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL

[2011/10/26 09:31:26 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini

[2011/10/26 09:31:26 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini

[2011/10/26 09:31:26 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini

[2011/09/12 15:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2011/05/16 12:31:44 | 000,008,592 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll

[2011/02/10 08:10:51 | 000,772,558 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 05:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 05:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 05:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/05/12 08:10:09 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Ad-Aware Antivirus

[2012/11/03 10:03:07 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Avanquest

[2012/02/27 22:06:04 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Canon

[2012/12/05 11:25:04 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Catalina Marketing Corp

[2011/12/26 21:13:07 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Fingertapps

[2011/12/29 08:15:58 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Fujitsu

[2011/12/29 13:40:33 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Individual Software

[2012/12/06 08:25:01 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\iolo

[2011/12/26 21:12:57 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Leadertech

[2011/12/27 17:04:51 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\PCDr

[2011/12/29 22:30:11 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\PFU

[2011/12/29 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Publish Providers

[2012/11/28 12:37:34 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Sony

[2011/12/29 23:10:07 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Sony Creative Software Inc

[2012/09/16 12:23:27 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\TuneUp Software

[2012/11/28 15:17:56 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Ulead Systems

[2012/02/05 09:37:43 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Windows Live Writer

[2012/12/02 07:45:09 | 000,000,000 | ---D | M] -- C:\Users\RAM DELL 8300\AppData\Roaming\Wondershare Video Converter Ultimate

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >


OTL Extras.txt

OTL Extras logfile created on: 1/23/2013 4:49:18 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\RAM DELL 8300\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 9.83 Gb Available Physical Memory | 82.07% Memory free

23.96 Gb Paging File | 21.68 Gb Available in Paging File | 90.48% Paging File free

Paging file location(s): Reg Error: Value error.

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 1383.98 Gb Total Space | 1268.32 Gb Free Space | 91.64% Space Free | Partition Type: NTFS

Computer Name: RAMDELL8300-PC | User Name: RAM DELL 8300 | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{082DADF3-D67F-4BAD-AF67-92FAF85F6D00}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |

"{08FDC0B2-36F0-4A7B-BCC2-E1CDD761E44A}" = lport=138 | protocol=17 | dir=in | app=system |

"{0A4BACEC-EF19-4B6C-8362-B6476877553C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{0C0DDBD1-5629-496C-A150-67B95A151BF5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{2111DDF5-0F4E-4100-8651-7AE5BA207F20}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{2D5E1135-B966-4C1C-B0EB-E7697C9092CA}" = rport=445 | protocol=6 | dir=out | app=system |

"{3011D663-760A-4EC7-AAD0-8413F9CBEB5B}" = lport=7000 | protocol=6 | dir=in | name=windows easy transfer tcp port |

"{3166E3C9-E100-449C-9108-9DD0D3619386}" = rport=10243 | protocol=6 | dir=out | app=system |

"{43B13E01-0CAE-40CE-B525-1F6A9CF5C4DF}" = lport=137 | protocol=17 | dir=in | app=system |

"{4928A908-9D3F-4CAA-B1D8-90C944BCE222}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{4C73A881-FC95-40BA-B342-7934674A2FF0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{4D5B098D-9135-4F0C-BDA1-ACECBA74C52B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{52558B9C-0D0A-42D5-9DBA-AA3BBE3F336D}" = lport=2869 | protocol=6 | dir=in | app=system |

"{533B3ED4-4A6A-412E-9A1B-D1B19CCE9A51}" = lport=2869 | protocol=6 | dir=in | app=system |

"{54E18212-F145-4C89-BEB1-E5D7DD605640}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{5D521883-B2D2-4E2B-8C50-7852A353EBE6}" = lport=1900 | protocol=17 | dir=in | app=%programfiles%\zune\zune.exe |

"{68546E2C-FE20-408E-BF0D-23CF099322C7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{692A46FA-3F25-4875-89F7-78A45EB5EE6E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{6D9BB085-5DFA-4207-9107-BF68CC2F1C8C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{6F4AC622-75C8-4E4F-8F68-A57BA35C476B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{7C197D4F-135F-4D13-9C6E-8392EF8890A3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{7E9C4317-F228-42D2-ADAD-48FB3425895B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{83C8160F-FEB8-4279-AD0F-2C7CD181C20D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{99B63BE8-106C-4C3C-A45F-11954D89A218}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{9A3EE8CB-0EBC-41E9-92FD-E5E5EC48E687}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{A1E20796-88C5-4FF6-BB11-2270C1804C12}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{A41DEC5F-90BD-41EE-871B-495B58E6A1ED}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{A96318CE-A963-4BE1-8B3B-D46F45B20F64}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{AED20C65-76FE-441B-BAFA-DBB16D78E3A2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{B1048AAD-0057-48A0-8385-5ABC97E90286}" = lport=2869 | protocol=6 | dir=in | app=system |

"{B732AC15-99C5-48FD-915E-33DF6F7913A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{B82011BF-4156-4EE3-87C3-D015EBFEB091}" = rport=138 | protocol=17 | dir=out | app=system |

"{B9ADAF00-B84E-4F65-9D2B-BC13A248D787}" = lport=139 | protocol=6 | dir=in | app=system |

"{C8478B54-DA3A-48D0-B8C7-10C7E992FBA5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{CC3A2395-210A-4868-B2EB-FB8CA15E8E5C}" = rport=137 | protocol=17 | dir=out | app=system |

"{CD08C78A-FEB5-4190-8835-54D77FC7BD08}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{D6F78DC7-B3BD-4366-A6A2-8104F4197A09}" = lport=445 | protocol=6 | dir=in | app=system |

"{DAFCBB89-D471-41AD-B722-B087FEC41FFD}" = lport=10243 | protocol=6 | dir=in | app=system |

"{DCEBA485-C228-442E-87C6-DF2672D8BD05}" = lport=7000 | protocol=17 | dir=in | name=windows easy transfer udp port |

"{F3BA5A9C-17FC-4128-9C7C-6D50314770BA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{FE87756E-98F1-4372-BA55-9C12653211F2}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{05A98089-4984-4FA6-83AB-9B7BDA463DD3}" = dir=in | app=c:\users\ram dell 8300\appdata\local\microsoft\skydrive\skydrive.exe |

"{0DDE17CA-9EBB-4D0D-87E2-E9CD5719F553}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |

"{13425713-3FA0-4E7A-98FA-CBE9F99C09FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{1B3DF015-AF11-4445-84E2-EDEF032895C3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{20EEBCDB-7720-4315-9DB2-396435103733}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |

"{22172EC3-DF5F-469B-8F6C-F3F2E0DD2C52}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{2B9DF389-C72F-4059-8330-4C7FFDEC84CA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{306DA17A-12CD-4C2E-B88D-DE789A5D7B8B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{322E851C-FF0F-49F9-8E2A-2640C2093D1D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{33DE444A-F2DE-45CE-84B9-82ACE29BD474}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{3BD771FE-C76C-4F20-8EF7-6476BBFBE720}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |

"{3EF7B343-E464-4AC4-8B82-910F8C45B08C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{40FC09DE-B6C9-447A-AB40-BE222EB7D1A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{41673CB6-68BE-4664-81E8-E37C79442C8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{4B72DE96-72DC-44F0-9AE4-0A168E143433}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{4D3CBFE3-4922-46D1-9812-67AE4B8C1B12}" = protocol=6 | dir=out | app=system |

"{5EABCA1F-6AE0-4345-AF74-0482DA898677}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{61C3D5C9-058F-44D3-8A7B-05A2535C9E55}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{61FC89CF-098C-4A5B-A79B-9D97F048AEE8}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{62E60DEF-FCE8-4E6C-93B0-7BCE7660ED56}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{6497DF3F-AB30-4929-AC46-C3CBEAB690C5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |

"{6B8B477B-E5DF-43B5-8A23-37F051D44F91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{6F65758A-666E-4051-A55E-DD62A482D6CC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{711E425F-2386-4763-BC84-FAF91A00D5B3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{7CDE1427-B5C1-4065-9C34-A85464224146}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{835805B9-0D88-4D62-9C96-35AB694C99AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{90910AC8-0AA2-4575-838B-FA7C224AECB6}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{989D0773-39EF-4C39-BB4F-3A6B0367817E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{9AF83998-3DE3-4971-AA00-E8D5BEAEEDAA}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"{9D2D785A-A94E-4C0A-9066-7707CA6621E9}" = protocol=6 | dir=out | app=system |

"{A25C0191-659F-4E38-BBD5-F8154ABDAC5E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{AB922BDD-4478-4785-B7FF-8B261689EA2D}" = protocol=6 | dir=out | app=system |

"{C6113FC9-5BFD-4CC8-8834-55CA6D70B914}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |

"{C80C4578-E2FC-4763-8855-9163F6053E44}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D293CBDD-0343-44C2-B2C4-449B6632D6C7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{E3DC37AA-7910-43DD-B114-1DF60CFC183C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{EA26BA2F-F61D-4AC4-A734-EDB5D61AB333}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{EBA4E583-FE61-4EFE-B94C-C4079E311397}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |

"{ECE4FDCD-AFEC-4CBF-B318-1207602BA40B}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |

"{F52653FB-2B83-49AE-969F-98D1C962EA25}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{FAC9B15F-F8A9-4E70-8561-1818C6BB2192}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"TCP Query User{09C4B75C-7723-4F9F-9975-0AC1ED0F85EF}C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe" = protocol=6 | dir=in | app=c:\program files\sonicwall\sonicwall global vpn client\swgvc.exe |

"TCP Query User{472E6EF0-64BD-4C40-A6EF-DFD2575121A6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"UDP Query User{63783EA6-055B-4D7F-937F-74F944709EE4}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"UDP Query User{D73F7C35-5468-46E3-9071-C2D94AB27EF9}C:\program files\sonicwall\sonicwall global vpn client\swgvc.exe" = protocol=17 | dir=in | app=c:\program files\sonicwall\sonicwall global vpn client\swgvc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center

"{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX860_series" = Canon MX860 series MP Drivers

"{18A5D014-E9AD-DEFE-FAFE-A409612F51B4}" = AMD Media Foundation Decoders

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{262325FE-E6AA-7D56-9071-453A374086C9}" = ATI AVIVO64 Codecs

"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)

"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)


Link to post
Share on other sites

Security Check

Results of screen317's Security Check version 0.99.57

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 8 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

avast! Antivirus

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

SpywareBlaster 4.6

Secunia PSI (2.0.0.4003)

Malwarebytes Anti-Malware version 1.70.0.1100

Adobe Flash Player 11.5.502.135

Adobe Reader 10.1.5 Adobe Reader out of Date!

Mozilla Firefox (18.0.1)

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

AVAST Software Avast AvastSvc.exe

AVAST Software Avast AvastUI.exe

iolo Common Lib ioloServiceManager.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

Link to post
Share on other sites

Older versions of Adobe Reader pose a potential security risk.

De-install your Adobe Reader: Use Control Panel's Program and Features, Un-install Adobe Reader.

Get latest Adobe Reader version

http://get.adobe.com/reader/

Be sure to un-check the box for Free McAfee Security Scan or any "toolbar" (if offered).

Would you run a quick scan with your Avast, and then let me know the result?

I think we can proceed to cleanups & closure on the next round.

Link to post
Share on other sites

Adobe Reader has been updated.

I'm unable to copy and paste the Avast scan results. They have shown repeatedly since installation some files that can't be scanned. There are four listed. They all start with

C:Program Files (x86)\Dell DataSafe Local Back\Components\DSUpdate|Update\Updates_LGG_Tag__ini_Update.exe|>

Then finish with

DataSafe_Green.ico

diff_0000001.dif

IRIMG1BMP

IRIMG1JPG

Their status is all

Error:Archive is password protected. (42056)

Newbie111

Link to post
Share on other sites

That's in the Dell DataSafe folder. If you decide, you may use Windows Explorer, then go to that folder, and delete those items.

Those are not "active" items in any event, so do not pose a threat.

Your Avast may well be overly touchy.

You should migrate your system to Internet Explorer 9.

We can wrap this up now. I see that you are clear of your original issues.

If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools we used. Advise me after you have completed the cleanups.

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

ERUNT you should keep and use periodically to back up the Windows registry.

Delete the following if still present:

adwcleaner.exe

TDSSKILLER.exe

Roguekiller.exe

Securitycheck.exe

Safer practices & malware prevention

We are finished here. Best regards.

This topic is now closed to further replies.