Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

RunDLL errors

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: RunDLL errors

Unread postby wre1712 » June 24th, 2012, 12:15 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK






C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe a variant of Win32/HiddenStart.A application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application
C:\Users\TWE\Downloads\asc-setup.exe a variant of Win32/Toolbar.Widgi application
C:\Users\TWE\Downloads\extractnow.exe Win32/OpenCandy application
C:\Users\TWE\Downloads\sd2-setup220.exe a variant of Win32/Toolbar.Widgi application
C:\Users\TWE\Downloads\SoftonicDownloader_for_samsung-kies.exe Win32/SoftonicDownloader application
C:\Users\TWE\Downloads\XvidSetup (1).exe a variant of Win32/Adware.HotBar.L application
C:\Users\TWE\Downloads\XvidSetup (2).exe a variant of Win32/Adware.HotBar.L application
C:\Users\TWE\Downloads\XvidSetup (3).exe a variant of Win32/Adware.HotBar.L application
C:\Users\TWE\Downloads\XvidSetup.exe a variant of Win32/Adware.HotBar.L application
wre1712
Regular Member
 
Posts: 35
Joined: June 21st, 2012, 11:17 am
Advertisement
Register to Remove

Re: RunDLL errors

Unread postby wre1712 » June 24th, 2012, 12:19 pm

I have noticed the computer is running a lot better than it was.

Is there a problem using advanced system care 5, i liked this program and have it installed on other machines but i will stop using it if needed.

Thanks,
Wayne.
wre1712
Regular Member
 
Posts: 35
Joined: June 21st, 2012, 11:17 am

Re: RunDLL errors

Unread postby pgmigg » June 25th, 2012, 1:56 am

Hello Wayne,
I have noticed the computer is running a lot better than it was.
Good news but stay with me - we still have work to do...
Is there a problem using advanced system care 5, i liked this program and have it installed on other machines but i will stop using it if needed.
Yes, there are a lot of problems related to Advanced System Care.
The IOBit is a software company that mainly creates and markets security software, such as
  • Advanced SystemCare
  • IObit Security 360
  • Smart Defrag
  • Game Booster
  • Random Password Generator
  • IObit Advanced Uninstaller
  • IObit Conduit toolbar
  • ClickTask XSkin
It has been widely reported that after uninstalling their programs a considerable amount of data will be left behind on a computer. Most of them are a rogue security programs known to cause system problems and that had stolen material from other computer security companies to use in their own programs.

Please avoid of using them in the future!

Now let return to our cleanup. :)

Firstly please delete any OTL logs that are on your desktop.

Step 1.
Remove Program
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the word Code: into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click on Entry, if it exists, choose Uninstall, and give permission to Continue:
    Game Booster
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot you computer.

Step 2.
Run BitRemover
  1. Please download BitRemover.exe and save it on your Desktop.
  2. Right click on BitRemover.exe and select Run As Administrator to run it.
  3. Then please check the following items:
    • IObit Conduit Toolbar
    • IObit Advanced System Care
    • IObit Smart Defrag
    • IObit GameBooster
    and click on Go button.
  4. Then click on Yes button for opened prompt with question "... Are you sure?".
    Note: If it will ask you about search for the right directory, select No button.
  5. Clcik OK button when Done window appeared. Then close BitRemover.
  6. Reboot your computer.

Step 3.
Malwarebytes' Anti-Malware
  1. Please download Malwarebytes' Anti-Malware and save to your desktop.
  2. Right-click mbam-setup.exe And select "Run as administrator..." /b] then follow the prompts to install the program.
  3. At the end, be sure a [b]checkmark is placed next to:
    Update Malwarebytes' Anti-Malware
    Launch Malwarebytes' Anti-Malware
  4. Then click Finish.
  5. If an update is found, it will download and install the latest version.
  6. Once the program has loaded, select Perform Quick Scan, then click Scan.
  7. When the scan is complete, click OK, then Show Results to view the results.
  8. Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  9. When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
  10. The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Step 4.
SystemLook
You should still have SystemLook_x64.exe on your desktop.
  1. Right click on SystemLook_x64.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries into SystemLook's main text entry window:
    Code: Select all
    :filefind
    *IObit*
    *Conduit*
    *SystemCare*
    *Smart Defrag*
    *GameBooster*
    
    :folderfind
    *Conduit*
    *IObit*
    *SystemCare*
    *Smart Defrag*
    *GameBooster*
    
    :Regfind
    IObit
    Smart Defrag
    Conduit
    GameBooster
    
  3. Press the Look button to start the scan.
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Step 5.
Fresh OTL Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Include 64 bit scans
    • Scan All Users
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Please include in your next reply:
  1. Please tell what applications were installed by your wife as you noted?
  2. Do you have any problems executing the instructions?
  3. Contents of the Malwarebyte's log
  4. Contents of the SystemLook.txt log file
  5. Contents of a OTL.txt log file
  6. Contents of a Extras.txt log file
  7. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: RunDLL errors

Unread postby wre1712 » June 25th, 2012, 1:51 pm

Hi pgmigg,

The programs my wife installed are two games by Big Fish Games called Drawn the Painted Tower and Drawn 2 Dark Flight.

I didn't have any problems executing your instructions but in step 1 the Game booster was not on the list of programs.



Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.25.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
TWE :: TWE-PC [administrator]

25/06/2012 16:32:19
mbam-log-2012-06-25 (16-32-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 228940
Time elapsed: 2 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\ProgramData\HBLiteSA (Adware.Hotbar) -> Quarantined and deleted successfully.

Files Detected: 10
C:\Users\TWE\Downloads\SoftonicDownloader_for_samsung-kies.exe (PUP.BundleOffer.Downloader.S) -> Quarantined and deleted successfully.
C:\Users\TWE\Downloads\XvidSetup (1).exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\TWE\Downloads\XvidSetup (2).exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\TWE\Downloads\XvidSetup (3).exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\TWE\Downloads\XvidSetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\ProgramData\HBLiteSA\HBLiteSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HBLiteSA\HBLiteSAAbout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HBLiteSA\HBLiteSAau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HBLiteSA\HBLiteSAEULA.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HBLiteSA\HBLiteSA_kyf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.

(end)






SystemLook 30.07.11 by jpshortstuff
Log created at 16:48 on 25/06/2012 by TWE
Administrator - Elevation successful

========== filefind ==========

Searching for "*IObit*"
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_store.iobit.com_0.localstorage --a---- 8192 bytes [20:05 15/06/2012] [20:05 15/06/2012] 1F1F709E5F5D80B880C105ABA6622617
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_iobit.mybrowserbar.com_0.localstorage --a---- 7168 bytes [15:53 22/06/2012] [15:53 22/06/2012] 6CC766C1AB5E8DB5B6DCA11FE4E1FE2F
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.iobit.com_0.localstorage --a---- 8192 bytes [08:47 05/06/2012] [20:05 15/06/2012] 84EC4AE4EE0D448EF9ECF2621707DC36

Searching for "*Conduit*"
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iSyncConduit.dll --a---- 1206120 bytes [12:44 20/01/2012] [12:44 20/01/2012] 976934130CD5C5DBD2DC977B298DF525
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.yahoo.go.sync.client.resources\PhoneConduit.plist --a---- 11408 bytes [13:33 20/01/2012] [13:33 20/01/2012] AB18CD2A656AE753C30E6276EC3DA0C2
C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage --a---- 9216 bytes [12:56 24/06/2012] [15:04 25/06/2012] 397DADD8EF84B7ACCED3E1A2BA0A084C
C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage --a---- 10240 bytes [12:56 24/06/2012] [15:23 25/06/2012] 22A30C4ED3E22F62C8EBAAF3BE194C3B
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.js --a---- 9052 bytes [18:27 19/01/2012] [11:47 11/01/2012] AF98421711C6CFA73D6720C455D92DAC
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.xpt --a---- 166 bytes [18:27 19/01/2012] [11:47 11/01/2012] 806EA6CC4DCBF88A20AA3331BCDC9918
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.xml --a---- 925 bytes [18:27 19/01/2012] [11:47 11/01/2012] EC559A6ABEC972452F52CFB3A2AA9F7E
C:\_OTL\MovedFiles\06242012_134857\C_Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_apps.conduit.com_0.localstorage --a---- 3072 bytes [14:03 20/05/2012] [14:03 20/05/2012] EAD5E6EADCE6D577E955877D82FD8D38
C:\_OTL\MovedFiles\06242012_134857\C_Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_images.search.conduit.com_0.localstorage --a---- 8192 bytes [10:28 25/05/2012] [07:32 08/06/2012] 05870736C570EBAA2817A3F72F7A2B6D
C:\_OTL\MovedFiles\06242012_134857\C_Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage --a---- 10240 bytes [14:16 20/05/2012] [13:10 23/06/2012] 201530F09F8D7A2B01FD940DCBC98CAF
C:\_OTL\MovedFiles\06242012_134857\C_Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage --a---- 15360 bytes [14:01 20/05/2012] [12:48 23/06/2012] 663329D8D903A7B48494D7628967CBAA

Searching for "*SystemCare*"
No files found.

Searching for "*Smart Defrag*"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2\Smart Defrag 2.lnk --a---- 1154 bytes [18:31 16/07/2011] [15:40 11/09/2011] 3A7256C0658AB2C856ED2C770B4C1835
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2\Smart Defrag Home Page.url --a---- 68 bytes [18:31 16/07/2011] [15:40 11/09/2011] 348A2180564B90ECD4BA45F68AC1CDCF
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2\Uninstall Smart Defrag 2.lnk --a---- 1139 bytes [18:31 16/07/2011] [15:40 11/09/2011] CB8DA78A16F057A1A9C83CD7DADCD258
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2\Smart Defrag 2.lnk --a---- 1154 bytes [18:31 16/07/2011] [15:40 11/09/2011] 3A7256C0658AB2C856ED2C770B4C1835
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2\Smart Defrag Home Page.url --a---- 68 bytes [18:31 16/07/2011] [15:40 11/09/2011] 348A2180564B90ECD4BA45F68AC1CDCF
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2\Uninstall Smart Defrag 2.lnk --a---- 1139 bytes [18:31 16/07/2011] [15:40 11/09/2011] CB8DA78A16F057A1A9C83CD7DADCD258

Searching for "*GameBooster*"
C:\_OTL\MovedFiles\06232012_123944\C_Program Files (x86)\IObit\Game Booster\GameBooster.exe --a---- 4119896 bytes [18:31 16/07/2011] [13:51 15/06/2011] E29440BB2B5E6444DD46B82CB919CBEF
C:\_OTL\MovedFiles\06232012_123944\C_ProgramData\IObit\Game Booster\GameBooster.ini --a---- 4232 bytes [18:31 16/07/2011] [11:25 23/06/2012] E89E1F8A591F0C4C3C2C22B1B1481683

========== folderfind ==========

Searching for "*Conduit*"
C:\_OTL\MovedFiles\06242012_134857\C_Program Files (x86)\Conduit d------ [18:27 19/01/2012]
C:\_OTL\MovedFiles\06242012_134857\C_Users\TWE\AppData\Local\Conduit d------ [18:27 19/01/2012]
C:\_OTL\MovedFiles\06242012_134857\C_Users\TWE\AppData\LocalLow\Conduit d------ [18:27 19/01/2012]

Searching for "*IObit*"
C:\_OTL\MovedFiles\06232012_123944\C_Program Files (x86)\IObit d------ [15:42 20/04/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Program Files (x86)\IObit\IObit Malware Fighter d------ [18:31 16/07/2011]
C:\_OTL\MovedFiles\06232012_123944\C_ProgramData\IObit d------ [15:44 20/04/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Users\Default\AppData\Roaming\IObit d------ [08:24 04/06/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Users\Mcx1-TWE-PC\AppData\Roaming\IObit d------ [13:46 21/08/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Roaming\IObit d------ [15:42 20/04/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Roaming\IObit\IObit Malware Fighter d------ [18:31 16/07/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Roaming\IObit\IObit Uninstaller d------ [18:09 17/06/2012]
C:\_OTL\MovedFiles\06232012_123944\C_Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit d------ [16:12 01/04/2012]

Searching for "*SystemCare*"
C:\_OTL\MovedFiles\06232012_123944\C_Program Files (x86)\IObit\Advanced SystemCare 4 d------ [15:42 20/04/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Program Files (x86)\IObit\Advanced SystemCare 5 d------ [15:37 01/04/2012]
C:\_OTL\MovedFiles\06232012_123944\C_ProgramData\IObit\Advanced SystemCare V4 d------ [15:44 20/04/2011]
C:\_OTL\MovedFiles\06232012_123944\C_ProgramData\IObit\Advanced SystemCare V5 d------ [15:37 01/04/2012]
C:\_OTL\MovedFiles\06232012_123944\C_Users\Default\AppData\Roaming\IObit\Advanced SystemCare V4 d------ [08:24 04/06/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Users\Mcx1-TWE-PC\AppData\Roaming\IObit\Advanced SystemCare V4 d------ [13:46 21/08/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Roaming\IObit\Advanced SystemCare V4 d------ [15:42 20/04/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Roaming\IObit\Advanced SystemCare V5 d------ [15:36 01/04/2012]
C:\_OTL\MovedFiles\06232012_123944\C_Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V5 d------ [16:12 01/04/2012]

Searching for "*Smart Defrag*"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2 d------ [18:31 16/07/2011]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2 d------ [18:31 16/07/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Program Files (x86)\IObit\Smart Defrag 2 d------ [18:31 16/07/2011]
C:\_OTL\MovedFiles\06232012_123944\C_Users\TWE\AppData\Roaming\IObit\Smart Defrag 2 d------ [18:31 16/07/2011]

Searching for "*GameBooster*"
No folders found.

========== Regfind ==========

Searching for "IObit"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BB81440-5F42-4480-A5F7-770A6F439FC8}\InprocServer32]
@="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{ACB9DC96-D7BB-430F-AE6B-97F0DFDEAFCC}\1.0\0\win64]
@="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{ACB9DC96-D7BB-430F-AE6B-97F0DFDEAFCC}\1.0\HELPDIR]
@="C:\Program Files (x86)\IObit\IObit Malware Fighter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{ACB9DC96-D7BB-430F-AE6B-97F0DFDEAFCC}\1.0\0\win64]
@="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{ACB9DC96-D7BB-430F-AE6B-97F0DFDEAFCC}\1.0\HELPDIR]
@="C:\Program Files (x86)\IObit\IObit Malware Fighter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_1_for_KB2446710~31bf3856ad364e35~amd64~~6.1.1.3]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2446710-x64.cab_temp\244BA2FC-A078-4B14-AD2A-5A77D4871A48\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_1_for_KB2478662~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2478662-x64.cab_temp\82E99EE1-B062-49DF-BD6E-599A4E24EDBB\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_1_for_KB2488113~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2488113-x64.cab_temp\253270B0-9FFB-4F41-B713-7057B13229D7\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_1_for_KB2709981~31bf3856ad364e35~amd64~~6.1.2.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 5\KB2709981.cab_Temp\989657EF-47B0-4C53-B968-43E64C78CBBC\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_2_for_KB2446710~31bf3856ad364e35~amd64~~6.1.1.3]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2446710-x64.cab_temp\244BA2FC-A078-4B14-AD2A-5A77D4871A48\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_2_for_KB2478662~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2478662-x64.cab_temp\82E99EE1-B062-49DF-BD6E-599A4E24EDBB\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_2_for_KB2488113~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2488113-x64.cab_temp\253270B0-9FFB-4F41-B713-7057B13229D7\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_2_for_KB2607576~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2607576-x64.cab_temp\53294827-8E11-4FE6-917B-5C924483CC9A\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_4_for_KB2446710~31bf3856ad364e35~amd64~~6.1.1.3]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2446710-x64.cab_temp\244BA2FC-A078-4B14-AD2A-5A77D4871A48\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_4_for_KB2478662~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2478662-x64.cab_temp\82E99EE1-B062-49DF-BD6E-599A4E24EDBB\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_4_for_KB2488113~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2488113-x64.cab_temp\253270B0-9FFB-4F41-B713-7057B13229D7\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_5_for_KB2488113~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2488113-x64.cab_temp\253270B0-9FFB-4F41-B713-7057B13229D7\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_5_for_KB2607576~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2607576-x64.cab_temp\53294827-8E11-4FE6-917B-5C924483CC9A\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2446710_SP1~31bf3856ad364e35~amd64~~6.1.1.3]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2446710-x64.cab_temp\244BA2FC-A078-4B14-AD2A-5A77D4871A48\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2446710~31bf3856ad364e35~amd64~~6.1.1.3]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2446710-x64.cab_temp\244BA2FC-A078-4B14-AD2A-5A77D4871A48\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2478662_SP1~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2478662-x64.cab_temp\82E99EE1-B062-49DF-BD6E-599A4E24EDBB\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2478662~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2478662-x64.cab_temp\82E99EE1-B062-49DF-BD6E-599A4E24EDBB\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2488113_RTM~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2488113-x64.cab_temp\253270B0-9FFB-4F41-B713-7057B13229D7\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2488113_SP1~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2488113-x64.cab_temp\253270B0-9FFB-4F41-B713-7057B13229D7\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2488113~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2488113-x64.cab_temp\253270B0-9FFB-4F41-B713-7057B13229D7\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2607576_RTM~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2607576-x64.cab_temp\53294827-8E11-4FE6-917B-5C924483CC9A\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2607576_SP1~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2607576-x64.cab_temp\53294827-8E11-4FE6-917B-5C924483CC9A\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2607576~31bf3856ad364e35~amd64~~6.1.1.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 4\SecurityHoles_Download\temp\windows6.1-kb2607576-x64.cab_temp\53294827-8E11-4FE6-917B-5C924483CC9A\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2709981_SP1~31bf3856ad364e35~amd64~~6.1.2.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 5\KB2709981.cab_Temp\989657EF-47B0-4C53-B968-43E64C78CBBC\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB2709981~31bf3856ad364e35~amd64~~6.1.2.0]
"InstallLocation"="\\?\C:\Program Files (x86)\IObit\Advanced SystemCare 5\KB2709981.cab_Temp\989657EF-47B0-4C53-B968-43E64C78CBBC\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{ACB9DC96-D7BB-430F-AE6B-97F0DFDEAFCC}\1.0\0\win64]
@="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{ACB9DC96-D7BB-430F-AE6B-97F0DFDEAFCC}\1.0\HELPDIR]
@="C:\Program Files (x86)\IObit\IObit Malware Fighter"

Searching for "Smart Defrag"
No data found.

Searching for "Conduit"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966]
"A977DA8BAD2856347A0DDAD3FC5CC5FF"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iSyncConduit.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB1E579405BE28F46B2E7AAE9534B564]
"A977DA8BAD2856347A0DDAD3FC5CC5FF"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.yahoo.go.sync.client.resources\PhoneConduit.plist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Conduit]

Searching for "GameBooster"
No data found.

-= EOF =-






OTL logfile created on: 6/25/2012 5:07:52 PM - Run 3
OTL by OldTimer - Version 3.2.51.0 Folder = C:\Users\TWE\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.86 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 64.31% Memory free
7.73 Gb Paging File | 6.08 Gb Available in Paging File | 78.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 319.57 Gb Free Space | 70.86% Space Free | Partition Type: NTFS

Computer Name: TWE-PC | User Name: TWE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/22 17:07:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\TWE\Desktop\OTL.exe
PRC - [2012/06/18 18:44:31 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/06/05 09:26:06 | 000,935,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012/05/24 19:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\TWE\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/01/04 07:07:40 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/01/04 07:07:30 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/02/22 10:52:12 | 000,182,784 | ---- | M] (Ideazon, Inc.) -- C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe
PRC - [2011/01/17 19:08:58 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:08:58 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2011/01/13 19:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/13 19:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 19:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/01/13 19:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/11/01 23:02:12 | 000,522,736 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/07/01 21:10:26 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/07/01 21:10:22 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/12/29 21:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/06/24 23:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/24 13:54:49 | 000,115,137 | ---- | M] () -- C:\Users\TWE\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll
MOD - [2012/06/24 13:54:24 | 000,112,318 | ---- | M] () -- C:\Users\TWE\AppData\Local\Temp\acc98a83-4789-42d6-8c8f-ba0c09eb1879\CliSecureRT.dll
MOD - [2012/06/18 18:44:31 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/06/15 07:14:51 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 22:35:30 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\063174e87d258ef1db040cbfbdd4cd31\PresentationFramework.ni.dll
MOD - [2012/06/14 22:35:16 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\984f8802a334d2ae862b66bf71332c10\PresentationCore.ni.dll
MOD - [2012/06/14 22:35:12 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d55bed00e3d36b0db5bd3994c77fe850\System.Windows.Forms.ni.dll
MOD - [2012/06/14 22:35:06 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\697786bb51408d41d980263d90a56d03\WindowsBase.ni.dll
MOD - [2012/06/14 22:35:04 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9abdaeea6a61127606bbc324d9177579\System.Drawing.ni.dll
MOD - [2012/06/14 22:22:32 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/14 22:22:07 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/14 22:21:47 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/06/05 09:26:06 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012/05/10 09:04:19 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0189f9fb0ff0476b570aeadfc036ddd6\System.Management.ni.dll
MOD - [2012/05/10 08:56:43 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\367837cb7f83c9e52f09278f4e6c3ccd\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 08:56:34 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f91c92735c4a913143a0914c8cb531f2\System.Xaml.ni.dll
MOD - [2012/05/10 08:54:19 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/05/10 07:46:59 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/10 07:46:42 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll
MOD - [2012/05/10 07:46:42 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.Wrapper.dll
MOD - [2012/05/10 07:46:41 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012/05/10 07:46:41 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
MOD - [2012/05/10 07:46:07 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
MOD - [2012/05/10 07:45:56 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/10 07:45:50 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 07:45:47 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 07:45:46 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 07:45:40 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/09 21:26:45 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\fd52e266873de847aea40b1d0715e0bb\PresentationFramework.Aero.ni.dll
MOD - [2012/05/09 21:23:55 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\500ffaf6258746eaf0bfc333ab534a51\System.Core.ni.dll
MOD - [2012/05/09 21:23:50 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b54a85f8f8f5ac297357c80b95834a90\System.Xml.ni.dll
MOD - [2012/05/09 21:23:44 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\360d70391adff56f1d029b1a538d2431\System.ni.dll
MOD - [2012/05/09 21:23:39 | 014,415,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\97d737762adec957a2d7c80fafb4703a\mscorlib.ni.dll
MOD - [2012/01/04 07:07:40 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/16 10:37:48 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/02/16 13:38:44 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Ideazon\ZEngine\AxWBOCXLib.dll
MOD - [2011/01/13 19:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
MOD - [2011/01/13 19:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/01/13 19:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2011/01/13 19:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2011/01/13 19:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2011/01/13 19:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2011/01/13 19:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2011/01/13 19:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2011/01/13 19:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
MOD - [2011/01/13 19:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2010/11/20 05:12:59 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/11/01 23:02:12 | 000,522,736 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010/08/30 10:34:12 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2009/07/14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/05 17:26:38 | 001,425,168 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:64bit: - [2010/03/05 17:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 17:06:22 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:64bit: - [2010/01/23 03:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/12/29 21:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/11/18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/06/05 09:26:06 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/01/13 19:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/12/23 16:39:43 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/04 08:15:22 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/09/04 08:14:26 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/08/26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/07/01 21:10:26 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/07/01 21:10:22 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/04/10 20:04:32 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/10/27 02:25:52 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2011/10/27 02:25:52 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2011/10/27 02:25:52 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2011/10/27 02:25:42 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/10/27 02:25:42 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/10/27 02:25:42 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011/10/27 02:25:42 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/10/27 02:25:42 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/05/07 20:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/05/07 11:44:32 | 000,321,584 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/08 21:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/31 04:58:06 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/03/31 04:58:06 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/03/31 04:58:06 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/31 04:58:06 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/03/31 04:58:06 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/03/19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/18 07:21:58 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2010/03/04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/23 03:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/01/23 02:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/12/22 18:18:50 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/07/23 07:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Alpham164.sys -- (Alpham1)
DRV:64bit: - [2007/03/20 09:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Alpham264.sys -- (Alpham2)
DRV:64bit: - [2006/11/01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{F29800FF-99A2-4B70-847E-083AAE212520}: "URL" = http://www.bing.com/search?q={searchTerms}&amp;form=DLCDF8&amp;pc=MDDC&amp;src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{49B7F2CE-FDF9-41CA-9C51-A4D3F7E44427}: "URL" = http://www.bing.com/search?q={searchTerms}&amp;form=DLCDF8&amp;pc=MDDC&amp;src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.co.uk/ [binary data]
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dell.uk.msn.com/
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4A 37 00 41 0B 52 CD 01 [binary data]
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\..\SearchScopes\{3AA8C0BC-DB80-44AB-A3FC-8A4C52CC8237}: "URL" = http://uk.search.yahoo.com/search?fr=ch ... =642886&p={searchTerms}
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\TWE\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\TWE\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\TWE\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\TWE\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/12 09:02:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/24 12:47:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/06/05 09:26:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/06/05 09:23:17 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&SearchSource=49&ctid=CT2786678
CHR - default_search_provider: suggest_url = http://search.conduit.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\TWE\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\TWE\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\TWE\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\TWE\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\TWE\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Users\TWE\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: WiseConvert 2.2 = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllaobobdmgmnafkbkdjnkebbaopjofd\2.3.9.0_0\
CHR - Extension: Christmas Mahjong = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmebaamjdfjkhaaifophgklodieiflm\1.0.0.1_0\
CHR - Extension: Halloween Mahjong = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ielpieklegnicibpoklcphmbonpbdknd\1.0.0.1_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: AVG Safe Search = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: Zombie Pandemic = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkicdgidnfmdfnhhllffoplpaldkljl\1_0\
CHR - Extension: AVG Do Not Track = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Marc Ecko = C:\Users\TWE\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Zboard] C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Mcx1-TWE-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\TWE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\TWE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\TWE\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\TWE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/support/troubleshoo ... /pcd86.cab (Launcher Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADFB36DF-143C-4071-BE54-F19A29810210}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1f876407-c640-11e0-aa4c-c0cb38bf9380}\Shell - "" = AutoRun
O33 - MountPoints2\{1f876407-c640-11e0-aa4c-c0cb38bf9380}\Shell\AutoRun\command - "" = E:\DTVP_Launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/25 16:29:44 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\Malwarebytes
[2012/06/25 16:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/25 16:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/25 16:29:31 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/25 16:29:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/06/25 16:23:31 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\TWE\Desktop\mbam-setup-1.61.0.1400.exe
[2012/06/25 16:08:37 | 000,110,080 | ---- | C] (Thomas Hoen - T-Tools) -- C:\Users\TWE\Desktop\BitRemover.exe
[2012/06/25 09:25:45 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2012/06/23 07:54:32 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/23 07:54:32 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/23 07:54:31 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/23 07:54:11 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/23 07:54:11 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/23 07:54:11 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/23 07:53:53 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/23 07:53:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/22 17:15:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/22 17:07:45 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\TWE\Desktop\OTL.exe
[2012/06/21 17:00:37 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drawn - The Painted Tower
[2012/06/21 17:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drawn - The Painted Tower
[2012/06/21 17:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Drawn - The Painted Tower
[2012/06/21 16:43:26 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drawn - Dark Flight
[2012/06/21 16:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drawn - Dark Flight
[2012/06/21 16:43:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Drawn - Dark Flight
[2012/06/21 15:48:04 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\SparkTrust
[2012/06/21 15:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\SparkTrust
[2012/06/18 18:44:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/06/18 17:15:36 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/06/18 15:34:21 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\ERS G-Studio
[2012/06/18 15:31:47 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PuppetShow - Mystery of Joyville
[2012/06/18 15:31:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuppetShow - Mystery of Joyville
[2012/06/18 15:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PuppetShow - Mystery of Joyville
[2012/06/15 21:52:57 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/06/15 21:52:57 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/06/14 13:31:00 | 000,918,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/14 13:31:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/14 13:30:52 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/06/14 13:30:50 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/14 13:30:50 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/14 13:30:49 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/14 13:30:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/14 13:30:49 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/14 13:30:49 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/14 13:30:02 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/14 13:30:02 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/14 13:30:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/14 13:29:58 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/14 13:29:57 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/14 13:29:56 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/14 13:29:50 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/14 13:29:44 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/14 13:29:43 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/12 09:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/06/11 12:44:16 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/06/10 09:16:41 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\FixCleaner
[2012/06/10 09:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FixCleaner
[2012/06/10 09:16:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012/06/05 09:37:04 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\WildTangent
[2012/06/05 09:26:11 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Local\AVG Secure Search
[2012/06/05 09:13:23 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\SpeedyPC Software
[2012/06/05 09:13:23 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Roaming\DriverCure
[2012/06/05 09:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/05/31 07:46:00 | 000,000,000 | ---D | C] -- C:\Users\TWE\AppData\Local\Ideazon,_Inc

========== Files - Modified Within 30 Days ==========

[2012/06/25 16:52:30 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/25 16:52:30 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/25 16:50:47 | 000,727,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/25 16:50:47 | 000,629,326 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/25 16:50:47 | 000,111,220 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/25 16:48:03 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1198342920-2546925730-1615197809-1001UA.job
[2012/06/25 16:44:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/25 16:44:00 | 3111,534,592 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/25 16:29:32 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/25 16:25:10 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\TWE\Desktop\mbam-setup-1.61.0.1400.exe
[2012/06/25 16:08:31 | 000,110,080 | ---- | M] (Thomas Hoen - T-Tools) -- C:\Users\TWE\Desktop\BitRemover.exe
[2012/06/25 09:53:46 | 100,686,497 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/06/22 17:22:52 | 000,165,376 | ---- | M] () -- C:\Users\TWE\Desktop\SystemLook_x64.exe
[2012/06/22 17:07:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\TWE\Desktop\OTL.exe
[2012/06/18 18:29:32 | 000,113,461 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjw.avm
[2012/06/15 21:52:57 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/06/15 21:52:57 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/06/15 07:12:04 | 000,348,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/14 22:18:21 | 000,007,607 | ---- | M] () -- C:\Users\TWE\AppData\Local\Resmon.ResmonCfg
[2012/06/05 09:34:46 | 000,625,911 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2012/06/05 09:24:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012/06/05 08:50:52 | 000,001,049 | ---- | M] () -- C:\Users\TWE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/02 23:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/02 23:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/02 23:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/02 23:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/02 23:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/02 23:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe

========== Files Created - No Company Name ==========

[2012/06/25 16:29:32 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/22 17:22:50 | 000,165,376 | ---- | C] () -- C:\Users\TWE\Desktop\SystemLook_x64.exe
[2012/06/14 22:18:21 | 000,007,607 | ---- | C] () -- C:\Users\TWE\AppData\Local\Resmon.ResmonCfg
[2012/05/27 13:25:37 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/04/01 17:26:33 | 000,735,726 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/21 17:19:10 | 000,000,042 | ---- | C] () -- C:\Users\TWE\jagex_cl_runescape_LIVE.dat
[2012/03/21 17:19:10 | 000,000,024 | ---- | C] () -- C:\Users\TWE\random.dat
[2011/11/28 08:51:24 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/11/28 08:51:24 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/10/31 12:22:42 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/10/31 12:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/10/31 12:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/10/31 12:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/10/31 12:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/08/21 14:46:28 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/07/12 15:22:55 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011/07/07 20:59:36 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2011/07/07 20:59:36 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010/12/23 18:06:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/12/23 17:46:10 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/23 16:28:19 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin

< End of report >
wre1712
Regular Member
 
Posts: 35
Joined: June 21st, 2012, 11:17 am

Re: RunDLL errors

Unread postby wre1712 » June 25th, 2012, 1:52 pm

OTL Extras logfile created on: 6/25/2012 5:07:52 PM - Run 3
OTL by OldTimer - Version 3.2.51.0 Folder = C:\Users\TWE\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.86 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 64.31% Memory free
7.73 Gb Paging File | 6.08 Gb Available in Paging File | 78.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 319.57 Gb Free Space | 70.86% Space Free | Partition Type: NTFS

Computer Name: TWE-PC | User Name: TWE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{075F2566-5724-476B-9E71-C7808FD22203}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{105B168C-FF3F-4E17-9BAA-DD3E8BD56E93}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{190A9F03-6AA4-409E-BF24-1037B124400B}" = rport=137 | protocol=17 | dir=out | app=system |
"{29521103-572F-4617-BF3D-E82CE1D5BECC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2BFAC249-E0AD-4651-92E6-81CF878741E2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2D0B135F-04B2-473F-98DB-8660059EA255}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2D396743-ED5F-4F28-9FF3-F61E88C00ADC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B5F887F-1AD4-4573-A3D2-86FB6B7634A7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BA72674-90BF-4393-BE33-6C0364E36873}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{462AEC24-68A3-4BCD-AAAA-7B2B5154AB29}" = rport=445 | protocol=6 | dir=out | app=system |
"{476B390E-D004-4F71-96B1-15A745F18D02}" = rport=10243 | protocol=6 | dir=out | app=system |
"{537689E5-7A22-4817-92A4-515B53E10724}" = lport=138 | protocol=17 | dir=in | app=system |
"{5B4A11A8-F553-4C7C-A498-F571DBB2839A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5BBB76BA-8DC6-49AC-9EC7-248C89311A15}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5CAC59A3-7A56-46F4-939B-E6440226BE38}" = lport=10244 | protocol=6 | dir=in | app=system |
"{60E416B3-A6A7-4CE9-B949-9538B6724544}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{6C52D676-0D19-4B0E-BAA9-97B9069CAA99}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{77849B28-0D58-4855-B5D4-B9F6B96616CC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{786E0923-964D-4724-8838-78BF8E90AFB9}" = lport=137 | protocol=17 | dir=in | app=system |
"{7AFDF53E-3710-4ADE-8378-C7C33BDDB910}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7ED547C7-EE2B-4621-BAF6-E4B02738F236}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7EDB1B11-851C-4AE0-9EAA-94270EF9B1CC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7F3B5215-265B-4D84-B68D-C98A4CA89411}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7FC18907-6CE0-4ED2-90F7-E7F39CE89F31}" = rport=139 | protocol=6 | dir=out | app=system |
"{87140CFE-480F-4AE2-9FF4-B179AC25D68B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{90D7E207-FC1B-4E4B-82B9-152217BE1B9F}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9169DB9A-2122-4A40-8286-C18E769B1EA2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{996FC9AE-EF3B-4CEE-B10E-E6F900BA3D09}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{9D8C11D8-A1B9-4BCA-A358-24E7465265BC}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A8708ED1-5C0C-4AD5-9B3F-249EAD6FA886}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1C9F615-C52D-4D32-9D00-8F3084F5F01A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD25BD4F-2219-432E-BA63-9CA642BBFD8A}" = lport=10244 | protocol=6 | dir=in | app=system |
"{C299864A-383C-42AE-9023-A4EA747BD466}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C3B671BF-4D71-45E7-863B-2BFB45CA7B2D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C699941B-B277-4981-B0FC-AD4900C76423}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CA2E289F-F001-44EC-BC9B-BF0E41E3872A}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CD8296FE-018D-492D-853B-1638ADA7084D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CDF40C5F-8B32-4C78-B287-61A08DF73191}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D2253B56-9683-4229-87CC-11EC38C410D4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D4F4BC85-0C02-4E73-8C9F-1D9AD659193F}" = lport=3390 | protocol=6 | dir=in | app=system |
"{D6D73E4D-DBA6-46FB-8121-FDAD50D0EE0D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D895F252-4AE4-44C7-8CF7-B52751523747}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DCD96901-CA0C-47B2-90CC-D780EDC6E217}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E1DEA8B7-A523-4DED-862C-B2E425991222}" = lport=445 | protocol=6 | dir=in | app=system |
"{EAE7DC6A-83BC-44C5-98CD-16B686723912}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F0E56AD1-49EE-4D57-9177-6EAC6D4EB2E4}" = lport=139 | protocol=6 | dir=in | app=system |
"{FD9CFD19-3125-4691-8A30-72563FCD7E0E}" = rport=138 | protocol=17 | dir=out | app=system |
"{FF2CA074-ED30-4039-87BB-4E9EFE8262CA}" = lport=3390 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03A4CD6B-732E-4AE0-88FD-4F076417ED49}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0440E923-11BE-4497-A4EB-E93531CAE983}" = protocol=17 | dir=in | app=c:\users\twe\appdata\roaming\dropbox\bin\dropbox.exe |
"{0C11241A-24C8-4717-BF38-5C89DA41BC85}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{0FECDD14-8C5B-4BFC-B2F6-EA1B3C1C655A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1036FAB7-429E-4FBF-AAD3-A360EC92F7EA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{10F80260-DF76-43E2-BF36-B265A2A78A41}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{1423A1DF-A109-4B31-A02F-7A1C3C1B0C7E}" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe |
"{1D905618-4B82-496D-88B0-42DC8659CDB2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1DADD8DD-1092-4CE8-88EC-D50E0DCB1C6A}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{2326D503-8E0D-4900-A55C-E75675B1E1E8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A181D1D-673A-470E-BB4C-810B9B39F9B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A996FD4-5976-4EF8-A046-6E1EFDE32674}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2C2B4E88-F9F1-47C3-9BE3-533004DA5D34}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{2C45EB19-FD79-46B8-B2BF-625A0CFBE96F}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{2E4AB1DB-5A59-441B-801D-42E6ACCAC185}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3344572F-73A6-43B8-9CF6-83FEDE7CCBA0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3822D448-8FD0-44B6-BC68-7C90074B21C0}" = protocol=6 | dir=in | app=c:\users\twe\appdata\local\temp\blizzard installer bootstrap - 007e8383\installer.exe |
"{3B8A50C4-E197-45BB-8CAF-2F12CB3895D2}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{3D5F3102-A878-4C61-B948-E65E81CE24D8}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{3D6FAF46-4FFE-405B-B3CF-01BBFBD41B42}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4144F9A2-B5E5-4EC7-BC13-889F4A93BF61}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{455EFB60-DBD3-4F21-87BE-1EF839390FC2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{47C6C33E-532A-4B6A-90AF-26B0E59E533A}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{4BEC8CF2-2A6F-4ADC-9A98-78333D331DD9}" = protocol=6 | dir=in | app=c:\users\twe\appdata\roaming\dropbox\bin\dropbox.exe |
"{4C91B049-A7F6-4D18-B1C6-4723EF1B5E4D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{50A9A79F-E0C2-4561-A7AC-ECE64EC8D2A9}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{52BBB545-6EFA-4E51-9D78-3E5E32675C75}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{547493B5-CDED-4704-BE00-FB6BFA2B0ED9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{55A4BDE3-9670-4E4D-8F04-877D2BA9790A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{58B02193-778D-40C0-98F3-CA8EEB347A10}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5E1160DE-C261-49B0-9D66-5C64F63AA6BC}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{61E265D8-1E98-41C1-A9BB-F865E9A367AA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A6DB018-24CA-4D87-ABE1-760AB6A16311}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{6DA69A1B-F3CB-4A5D-B17C-9CBB42E7BF5F}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{6E3B62A3-D2A1-4682-9949-2D748BEAA839}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{6FA9C820-C87C-40ED-83DE-D686D483C257}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{738EBE8E-B99B-442E-AF34-EC02CAA0DFBF}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{7572BE28-097F-48F2-B7DE-FB317647515C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7CF290D6-F3E0-40F3-B53B-7D5DFD24E0B1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{7E4B14E6-7550-4CE2-9195-72C7D1B0A1F6}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{7E874F4B-E893-4CC6-A821-3195D2236533}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"{8226E182-116A-4A7A-B558-C682D3B82915}" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe |
"{82B93D23-07B9-4BCE-8995-34AF59ECE94E}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{84C21972-0DEA-42C0-9696-B39841DF999C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{86A7EA77-4130-42DA-AB89-9170F19B2A7F}" = protocol=17 | dir=in | app=c:\users\twe\appdata\local\temp\blizzard installer bootstrap - 007e8383\installer.exe |
"{8AFDE061-BC8A-46B6-9483-11EA549CA656}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8B9651CD-1E08-460A-931F-B773D23DE61D}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{91CC4783-81AF-4782-A263-FE87AD1F527D}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{99EF8217-A7EC-4873-B7AE-9704DAC4FA30}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9BB491E1-3230-41C8-A893-623CB326BE72}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"{9C2AE4CD-6E8B-4917-9716-3C71E625A477}" = protocol=17 | dir=in | app=c:\users\twe\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{A4410279-E160-4CC1-8E61-CE1E00C1514D}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{A8F124DD-CE51-409A-9843-920235F511F1}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{AAE2E1AF-79FE-4C03-90FA-5F43A7FE87B9}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{AB33BA95-73C2-4DBC-BE9C-C2FE7D28C9EA}" = protocol=6 | dir=in | app=c:\users\twe\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{B3299B98-15D9-4A6F-812B-8E80ECC28204}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{B7FB6541-F155-4DC9-8A9F-86F3518E0C11}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B9692B20-D2FB-42FA-AFE7-118EBAA4D7F2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE6A06B9-034F-45D4-85B9-1C2DFA4B01D1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C20A50ED-3A49-4A0A-AC87-84A861BC953E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C24A1BA6-44EE-415F-BFC9-BB3EF09B2A3E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{C691ABEB-4887-49B1-BE17-D4C4B41BE672}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C8BC25ED-D073-4828-A188-25DFFF66B46A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D6B27BBB-094D-4ADF-B82A-5CDC7BE7FEED}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{DE403A1B-03B8-4129-B5E4-9EA0C7F613CD}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DE9CA7EB-21A6-486C-8D1D-5FC5C7997D73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E2596321-3720-4348-A4C1-870A6A14802D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{E288ACE8-C42C-4F0E-BCE2-F1906E41E941}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E2A0B881-E583-487E-B2A1-583FFF92DAC0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4287D70-2E7D-4A73-87FB-A46F95E7D5EE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E430BADB-5B66-49F6-8044-E16037B98229}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"{E877BAEE-211B-4894-8BBC-9D97F87E2863}" = protocol=6 | dir=out | app=system |
"{EC11D28C-03D9-4071-95F3-2B519480D410}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{ED245862-E050-4343-A759-1BD2E424FB77}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{EDA94CA0-A9E0-4B5F-829E-34C8D9400BB0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{EDD51933-E6A5-4E6A-967C-844B8E0B2D4F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EFD0E301-2FA7-48C3-AC48-30B05937D11E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F3072FCD-2B9D-45D7-827D-7318530C0C5B}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{FD65CCF1-DB82-4BF3-AA7E-03307E6B4DEF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1A33F021-4EE7-4A8F-82E3-7BDB884C507E}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{1B857405-B997-4673-98E7-5C3B1989BD28}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"TCP Query User{4003C46C-A0F8-4E9B-A1C5-2216323E6750}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{56B526CB-952B-44C7-B6EE-8FBDE52AAFA3}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"TCP Query User{6406A379-D908-48AA-8EEA-ED864CBC78E7}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"TCP Query User{794E62A1-A02E-4CB0-81C3-4A3BF453EB77}C:\users\twe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\twe\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{EB3058CD-6DEE-4F26-9085-8A44042714A9}C:\program files (x86)\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{18020D56-4B90-4314-9E36-B885BB2CDC1F}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"UDP Query User{33F7C647-1FC9-4F49-952D-D2D64A3C0CC7}C:\program files (x86)\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{608CEBD5-4867-4CCF-AE8F-7BCB5CF127AA}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"UDP Query User{61669C92-6073-428B-B2A4-AEDC80E7AA40}C:\users\twe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\twe\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{680313A0-13EF-4C3B-BE23-E2DCBF8E0254}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{9344D491-B90F-48D6-B580-9E7C710D2D58}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{B5695A83-4881-471E-9FF0-72635BE37D97}C:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{1A8BA6CE-822D-4888-89E2-ACBF4308F271}" = Intel(R) PROSet/Wireless WiFi Software
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{3B6074E5-5823-9363-851C-25F9DDB1E477}" = ccc-utility64
"{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012
"{49A4F76E-4285-4AEE-9D5D-9CCE5E86AA8F}" = AVG 2012
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"AVG" = AVG 2012
"Dell Support Center" = Dell Support Center
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1170BEDA-359C-4202-A5BF-CCA919E7B917}" = CCC Help Danish
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19DE6032-D3EE-D664-FA63-452431599161}" = CCC Help Norwegian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24BBD0E3-4579-9EF5-6081-DE56129D093A}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{39EFAC6A-639E-3CE3-2B62-EF8518AD8326}" = CCC Help Chinese Traditional
"{3ED3BC2E-141A-BFB0-D48C-E8DDA3A461E7}" = ccc-core-static
"{44E1DE63-C8FA-4C70-B4AA-0C49A947ACDE}" = Sid Meier's Railroads!
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{57B21E43-056F-9E58-8774-20E8A89B5347}" = CCC Help English
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}" = Z Engine
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65A30A52-B4CA-006E-8750-8366C9693C77}" = CCC Help Russian
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66C5E9B6-2D87-D7E8-9B8F-BFCAD7105AD1}" = Catalyst Control Center Graphics Previews Common
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{6F3AB64A-CC2D-C533-C5CD-30420E2DC578}" = Skins
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E015CC-52DA-4536-AF0C-C643BA1E45FB}" = Catalyst Control Center - Branding
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78AE5FAE-C641-311B-9CC8-CEBB87FAF795}" = CCC Help Japanese
"{7BCA9417-A611-CC28-9471-6250EC9666EB}" = Catalyst Control Center Graphics Full Existing
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{82AF3E91-57E1-4754-84D0-40A46E2479AB}" = OpenOffice.org 3.3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C28F118-03B5-4756-F83C-C31C851D1FF3}" = CCC Help Chinese Standard
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9013B370-99D4-404B-9DB9-779B51CEB5FF}" = LeapFrog My Pals Plugin
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95E58BA1-2E10-B49E-283C-3C170C098149}" = CCC Help Dutch
"{9635D462-1B39-E171-BA1C-32A036572251}" = CCC Help Spanish
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A4147C0B-A939-B87E-A6AB-71837A52AFEC}" = Catalyst Control Center Core Implementation
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8ACDFFF-093C-8898-E1B8-9388277CD805}" = CCC Help Portuguese
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B47669BF-36B7-B33B-69C9-A2E7AAA36017}" = CCC Help German
"{C52D6FF6-308B-2395-72EE-CA72216F8618}" = CCC Help Korean
"{C5422D6A-6CC4-82CA-C28F-249DC0C846B5}" = Catalyst Control Center Graphics Full New
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEC73671-6AFB-CC2B-203B-2A00E8901755}" = Catalyst Control Center Graphics Previews Vista
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7058431-BC8D-71B7-136F-6FFA32C5C7C2}" = CCC Help Swedish
"{D9962211-375A-38C7-8A4D-E6B13D1CA9F2}" = Google Talk Plugin
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECBA603F-259F-9C33-85DE-0D7E3FCAB407}" = CCC Help Finnish
"{EE14D3B8-D4A6-EEC6-A37E-FC77CBF6A5FE}" = CCC Help Italian
"{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}" = Sid Meier's Railroads!
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26E3E58-D6E5-3C61-7A7C-20D61017C26A}" = CCC Help French
"{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect
"{FB9F4BEA-283B-18FA-3DA4-B757214528F3}" = Catalyst Control Center Localization All
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE6D5F28-4C11-4197-66CA-48AA4AECD833}" = Catalyst Control Center Graphics Light
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"BFG-Abra Academy - Returning Cast" = Abra Academy : Returning Cast
"BFG-Awakening - The Dreamless Castle" = Awakening: The Dreamless Castle
"BFGC" = Big Fish Games: Game Manager
"BFG-Drawn - Dark Flight" = Drawn: Dark Flight &reg;
"BFG-Drawn - The Painted Tower" = Drawn: The Painted Tower ™
"BFG-Mystery Case Files - Dire Grove" = Mystery Case Files &reg;: Dire Grove ™
"BFG-Mystery Case Files - Ravenhearst" = Mystery Case Files: Ravenhearst &reg;
"BFG-Mystery Trackers - The Void" = Mystery Trackers: The Void
"BFG-PuppetShow - Mystery of Joyville" = PuppetShow: Mystery of Joyville ™
"BFG-Sherlock Holmes and the Hound of the Baskervilles" = Sherlock Holmes and the Hound of the Baskervilles
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"D-Fend Reloaded" = D-Fend Reloaded 1.1.0 (deinstall)
"ExtractNow_is1" = ExtractNow
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"MyPalsPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"RealPlayer 15.0" = RealPlayer
"Shockwave" = Shockwave
"UPCShell" = LeapFrog Connect
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Xvid Video Codec 1.3.1" = Xvid Video Codec
"ZMBV" = Zip Motion Block Video codec (Remove Only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1198342920-2546925730-1615197809-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BingoLinerUK" = BingoLinerUK
"Dropbox" = Dropbox
"f031ef6ac137efc5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/16/2012 1:12:01 PM | Computer Name = TWE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/16/2012 1:12:01 PM | Computer Name = TWE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3104

Error - 6/16/2012 1:12:01 PM | Computer Name = TWE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3104

Error - 6/16/2012 1:12:02 PM | Computer Name = TWE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/16/2012 1:12:02 PM | Computer Name = TWE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4118

Error - 6/16/2012 1:12:02 PM | Computer Name = TWE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4118

Error - 6/16/2012 1:12:03 PM | Computer Name = TWE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/16/2012 1:12:03 PM | Computer Name = TWE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5117

Error - 6/16/2012 1:12:03 PM | Computer Name = TWE-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5117

Error - 6/21/2012 2:08:06 AM | Computer Name = TWE-PC | Source = Application Error | ID = 1000
Description = Faulting application name: sftservice.EXE, version: 1.0.82.66, time
stamp: 0x4ceb9cf0 Faulting module name: STString.dll, version: 1.1.0.5, time stamp:
0x47e11d41 Exception code: 0xc0000005 Fault offset: 0x00003ba8 Faulting process id:
0x824 Faulting application start time: 0x01cd4f74250b732e Faulting application path:
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE Faulting module
path: C:\Program Files (x86)\Dell DataSafe Local Backup\STString.dll Report Id:
7747008c-bb67-11e1-acbc-c0cb38bf9380

[ Dell Events ]
Error - 6/7/2012 2:54:30 AM | Computer Name = TWE-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/10/2012 4:08:35 AM | Computer Name = TWE-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/10/2012 4:08:35 AM | Computer Name = TWE-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/14/2012 2:53:13 AM | Computer Name = TWE-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/14/2012 2:53:13 AM | Computer Name = TWE-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/18/2012 2:50:17 AM | Computer Name = TWE-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/18/2012 2:50:17 AM | Computer Name = TWE-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/23/2012 8:42:02 AM | Computer Name = TWE-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/23/2012 8:42:02 AM | Computer Name = TWE-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/25/2012 11:20:48 AM | Computer Name = TWE-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

[ Media Center Events ]
Error - 11/8/2011 10:13:19 AM | Computer Name = TWE-PC | Source = MCUpdate | ID = 0
Description = 14:13:19 - Error connecting to the internet. 14:13:19 - Unable
to contact server..

Error - 11/8/2011 10:13:28 AM | Computer Name = TWE-PC | Source = MCUpdate | ID = 0
Description = 14:13:24 - Error connecting to the internet. 14:13:24 - Unable
to contact server..

[ System Events ]
Error - 6/25/2012 11:18:28 AM | Computer Name = TWE-PC | Source = Service Control Manager | ID = 7001
Description = The PnP-X IP Bus Enumerator service depends on the Function Discovery
Provider Host service which failed to start because of the following error: %%1058

Error - 6/25/2012 11:18:30 AM | Computer Name = TWE-PC | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the Function
Discovery Provider Host service which failed to start because of the following error:
%%1058

Error - 6/25/2012 11:20:05 AM | Computer Name = TWE-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058

Error - 6/25/2012 11:21:18 AM | Computer Name = TWE-PC | Source = Service Control Manager | ID = 7001
Description = The PnP-X IP Bus Enumerator service depends on the Function Discovery
Provider Host service which failed to start because of the following error: %%1058

Error - 6/25/2012 11:43:27 AM | Computer Name = TWE-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll


Error - 6/25/2012 11:44:38 AM | Computer Name = TWE-PC | Source = Service Control Manager | ID = 7001
Description = The PnP-X IP Bus Enumerator service depends on the Function Discovery
Provider Host service which failed to start because of the following error: %%1058

Error - 6/25/2012 11:44:40 AM | Computer Name = TWE-PC | Source = Service Control Manager | ID = 7001
Description = The Media Center Extender Service service depends on the Function
Discovery Provider Host service which failed to start because of the following error:
%%1058

Error - 6/25/2012 11:46:46 AM | Computer Name = TWE-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058

Error - 6/25/2012 11:47:28 AM | Computer Name = TWE-PC | Source = Service Control Manager | ID = 7001
Description = The PnP-X IP Bus Enumerator service depends on the Function Discovery
Provider Host service which failed to start because of the following error: %%1058

Error - 6/25/2012 12:00:10 PM | Computer Name = TWE-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058


< End of report >
wre1712
Regular Member
 
Posts: 35
Joined: June 21st, 2012, 11:17 am

Re: RunDLL errors

Unread postby pgmigg » June 26th, 2012, 2:03 am

Hello Wayne,

Good work! Your logs look much better. :)
We need to run one more fix, once done let me know if you are experiencing any problems now.

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Copy and Paste the following code into the Image text box. Do not include the word Code
    Code: Select all
    :processes
    killallprocesses
    
    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
    IE - HKLM\..\SearchScopes,DefaultScope = 
    IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\..\SearchScopes,DefaultScope = 
    
    :Files
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
    C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
    C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\Components\DSUpdate\hstart.exe
    C:\Users\TWE\Downloads\asc-setup.exe
    C:\Users\TWE\Downloads\extractnow.exe
    C:\Users\TWE\Downloads\sd2-setup220.exe
    C:\Users\TWE\Downloads\SoftonicDownloader_for_samsung-kies.exe
    C:\Users\TWE\Downloads\XvidSetup (1).exe
    C:\Users\TWE\Downloads\XvidSetup (2).exe
    C:\Users\TWE\Downloads\XvidSetup (3).exe
    C:\Users\TWE\Downloads\XvidSetup.exe
    ipconfig /flushdns /c
    
    :Commands
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
Change Search Engine for Google Chrome
  1. Please open your Google Chrome browser and click on wrench icon at the right upper corner.
  2. Select Settings from opened menu.
  3. Under Search control label select Google as your default Search Engine.
  4. Close the browser.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Please give me an update on your computer performance.

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: RunDLL errors

Unread postby wre1712 » June 26th, 2012, 12:24 pm

Hi pgmigg,

your instructions have been very easy to follow and i haven't had any problems executing them.

The computer is preforming like new again thanks to your help.






All processes killed
========== PROCESSES ==========
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-1198342920-2546925730-1615197809-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2 folder moved successfully.
File\Folder C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2 not found.
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe moved successfully.
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe moved successfully.
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe moved successfully.
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\Components\DSUpdate\hstart.exe moved successfully.
C:\Users\TWE\Downloads\asc-setup.exe moved successfully.
C:\Users\TWE\Downloads\extractnow.exe moved successfully.
C:\Users\TWE\Downloads\sd2-setup220.exe moved successfully.
File\Folder C:\Users\TWE\Downloads\SoftonicDownloader_for_samsung-kies.exe not found.
File\Folder C:\Users\TWE\Downloads\XvidSetup (1).exe not found.
File\Folder C:\Users\TWE\Downloads\XvidSetup (2).exe not found.
File\Folder C:\Users\TWE\Downloads\XvidSetup (3).exe not found.
File\Folder C:\Users\TWE\Downloads\XvidSetup.exe not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\TWE\Desktop\cmd.bat deleted successfully.
C:\Users\TWE\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mcx1-TWE-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: TWE
->Temp folder emptied: 785592 bytes
->Temporary Internet Files folder emptied: 11343566 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 197950646 bytes
->Flash cache emptied: 2340 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 128988 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50132 bytes
RecycleBin emptied: 254740 bytes

Total Files Cleaned = 201.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.51.0 log created on 06262012_160104

Files\Folders moved on Reboot...
C:\Users\TWE\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
wre1712
Regular Member
 
Posts: 35
Joined: June 21st, 2012, 11:17 am

Re: RunDLL errors

Unread postby pgmigg » June 26th, 2012, 1:36 pm

Hello Wayne,
The computer is preforming like new again thanks to your help.
Nice to hear it! :D
Your latest set of logs appear to be clean! :cheers:
This is my general post for when your logs show no more signs of malware.
Before I give you instructions how to keep your computer clean and secure, you need to make a few additional steps

Your Adobe Reader 9.5.1, Internet Explorer 8, and Java 6.22, 6.31 are out of date.

Step 1.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the word Code: into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Adobe Reader 9.5.1
    Java Auto Updater
    Java(TM) 6 Update 22
    Java(TM) 6 Update 31
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot you computer.

Step 2.
Latest Java Installation Needed!

Attention: Print these instructions or copy them. You will be closing your browser!!

DOWNLOAD LATEST VERSION
  1. Get the latest version (7u5) of Java Runtime Environment (JRE)... © Sun Microsystems, Inc.
  2. Click the "Download JRE" button to the right.
  3. Check "Accept License Agreement "
  4. Locate the entry for Windows x64, click on the associated file name, then save the file to your Desktop.

INSTALL Java
  1. Close all open applications (standard), especially your browser.
  2. From Desktop please right-click on jre-7u5-windows-x64.exe select "Run As Administrator..." to install the newest version.
  3. Follow the on-screen directions. When installation is completed successfully, please reboot your computer normally.
  4. Once the computer has been restarted, you can delete the "downloaded" installation file from your desktop.

OPTIONAL:
To prevent some unnecessary JAVA components from running when you boot your computer each time...
  1. Go to Control Panel and click on the JAVA icon.
  2. Press the Update tab and UNCHECK "Check for Updates Automatically". (You can check for updates manually.)
      Reply "Never Check" to the warning prompt.
  3. Now press the Advanced tab. Press the [+] to expand the "Miscellaneous" options.
  4. UNCHECK "Java Quick Starter".
  5. Press Apply and OK, then close the Java Control Panel and exit Control Panel.

Step 3.
Update Adobe Reader
Your version of Adobe Reader is out-of-date. There are serious security issues with older versions of Adobe Reader.
I'm not asking you to update any Adobe Acrobat installation... this can be quite costly. I am going to insist that you update your Adobe Reader software.
Then use the Reader for viewing PDF files - you can use the Acrobat software for your other needs.

Please download the current version of Adobe Reader...Copyright © Adobe Systems Inc.
Please UNCHECK the box for the: Free McAfee® Security Scan Plus.
  1. Click the yellow Download now button. If you don't already have Adobe DLM... you may receive a prompt.
    Adobe DLM software removal instructions available here, if wanted.
  2. The Adobe installer will check your system and begin the installation process. Use the default installation parameters.
  3. When the installation is complete, please Close and re-open your Internet browser.

Adobe Reader X - recommended (safety) program settings
When the program is open, click on Edit and select Preferences. In the categories below, use these settings:
  • Javascript - Uncheck Enable Acrobat Javascript.
  • Security (Enhanced) - Uncheck Automatically trust sites from my Win OS security zones.
  • Secure Trust Manager- Uncheck Allow opening of non-PDF file attachments with external applications.

Step 4.
OTL - Run Fix Script
You should still have OTL on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image text box. Do not include the word Code
    Code: Select all
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    

  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 5.
OTL - Cleanup
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Press the CleanUp button.
  3. When done, you will be prompted to reboot your system to finish file removal, please select OK to reboot your computer.


Step 6.
Please don't forget to
  1. Delete BitRemover.exe from your desktop.
  2. Update Wundows including Internet Explorer from version 8 to 9 as well as MS Office products. Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found.
    To update Windows, go to Start -> All Programs -> Windows Update -> Check for updates.
  3. Enable all your defense software!

Finally, please click HERE to find a short guide to staying safer online.

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: RunDLL errors

Unread postby wre1712 » June 27th, 2012, 2:33 pm

Hi pgmigg,

Thank you for all your help fixing my computer.

My Java control panel doesn't have a update tab so i have skipped that part for now,
wre1712
Regular Member
 
Posts: 35
Joined: June 21st, 2012, 11:17 am

Re: RunDLL errors

Unread postby pgmigg » June 29th, 2012, 12:33 am

Hello Wayne,
Thank you for all your help fixing my computer.
You are very welcome! :)
My Java control panel doesn't have a update tab so i have skipped that part for now
This issue was optional and don't worry about it...

Stay Safe! ;)
pgmigg
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: RunDLL errors

Unread postby deltalima » July 2nd, 2012, 10:53 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 284 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware