Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Please help!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Please help!

Unread postby gh_braz » January 24th, 2013, 8:50 pm

My computer is running v.......e.......r........y slowly, I would say averaging 2 minutes to respond to a single click. Sometimes its ok, but usually very slow. It also randomly talks or plays music. We have to keep the speakers turned off or down when we aren't using it. We also are gettig virus warnings VERY often from AVG.

Here are the logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16446
Run by Hazel at 19:05:29 on 2013-01-23
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSr64.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
C:\WINDOWS\RAVCpl64.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files (x86)\Dell Remote Access\ezi_ra.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\AVG\AVG10\avgscana.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\microsoft office\office12\winword.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: Produtools Manuals 2.1 Toolbar: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll
mURLSearchHooks: Produtools Manuals 2.1 Toolbar: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Produtools Manuals 2.1 Toolbar: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Produtools Manuals 2.1 Toolbar: {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Produtools Manuals 2.1 Toolbar: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [ROC_ROC_JAN2013_AV] C:\Users\Hazel\AppData\Roaming\AVG January 2013 Campaign\ROC_JAN2013_AV.exe /PROMPT --mid ee94020792e04c77828ba6280d7a5a33-9a335b0557442f6a3671bcb4ace487d48292b106
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [Launcher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/produ ... wsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/softwa ... Plugin.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{C6C0FCE6-C792-4115-B5D4-4B90E56384CF} : DHCPNameServer = 192.168.254.254 192.168.254.254
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - K:\Quickbooks\HelpAsyncPluggableProtocol.dll
Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} -
Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] RAVCpl64.exe
x64-Run: [Skytel] Skytel.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - LocalServer32 - <no file>
x64-Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - <orphaned>
x64-Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - LocalServer32 - <no file>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R? BBSvc;Bing Bar Update Service
R? clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? gupdate1ca6bd69e15fac4;Google Update Service (gupdate1ca6bd69e15fac4)
R? JLTECH0227;Dual Mode Camera
R? LVRS64;Logitech RightSound Filter Driver
R? LVUVC64;Logitech QuickCam S5500(UVC)
R? PCD5SRVC{048DBD20-445E8C82-05040104};PCD5SRVC{048DBD20-445E8C82-05040104} - PCDR Kernel Mode Service Helper Driver
R? PerfHost;Performance Counter DLL Host
R? SkypeUpdate;Skype Updater
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? AERTFilters;Andrea RT Filters Service
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSEH;AVGIDSEH
S? AVGIDSFilter;AVGIDSFilter
S? Avgldx64;AVG AVI Loader Driver
S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx64;AVG Anti-Rootkit Driver
S? Avgtdia;AVG TDI Driver
S? avgwd;AVG WatchDog
S? BBUpdate;BBUpdate
S? DockLoginService;Dock Login Service
S? FontCache;Windows Font Cache Service
S? IntcHdmiAddService;Intel(R) High Definition Audio HDMI
S? LVPr2M64;Logitech LVPr2M64 Driver
S? LVPrcS64;Process Monitor
S? PxHlpa64;PxHlpa64
S? RtNdPt60;Realtek NDIS Protocol Driver
S? SftService;SoftThinks Agent Service
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-01-09 03:57:49 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 03:57:49 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-12 09:47:46 312160 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
.
============= FINISH: 0:36:18.24 ===============

AND


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 7/7/2009 12:57:32 PM
System Uptime: 1/21/2013 7:29:43 PM (53 hours ago)
.
Motherboard: Dell Inc. | | 0M017G
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz | CPU 1 | 2003/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 684 GiB total, 470.631 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 6.494 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is FIXED (NTFS) - 1397 GiB total, 1392.213 GiB free.
L: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0003
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter
PNP Device ID: ROOT\*ISATAP\0003
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer
8500A909_eDocs
8500A909_Help
8500A909a
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.5
Apple Application Support
Apple Software Update
AVG 2011
Batch Update
Bible Data Type System Files
Bing Bar
BPD_DSWizards
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Choice Guard
Common System Files
Coupon Printer for Windows
Dell-eBay
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell Remote Access
Dell Support Center
Dell Video Chat
DELL0703
Destination Component
DeviceDiscovery
DocMgr
DocProc
e-Sword
Fax
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
GPBaseService2
Graphical Query Editor
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 12.0
HP Document Manager 2.0
HP Imaging Device Functions 12.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPProductAssistant
HPSSupply
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 13 (64-bit)
Java(TM) 6 Update 26
Junk Mail filter update
Kids Cam Show and Share Creativity Center
Libronix Digital Library System
Libronix DLS Application
Libronix DLS Shortcuts
LibronixUpdate
LLS Resource Driver
Logitech Webcam Software
Logitech Webcam Software Driver Package
MarketResearch
MicroDicom 0.5.4
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
MPM
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Network64
OCR Software by I.R.I.S. 12.0
OEB Resource Driver
Officejet Pro 8500 A909 Series
PDF Resource Driver
Pearl Harbor Attack Attack!
PowerDVD DX
ProductContext
Produtools Manuals 2.1 Toolbar
QuickBooks
QuickBooks Pro 2009
QuickTime
RealPlayer
Realtek Ethernet Network Card Diagnostic tool for Windows Vista
Realtek High Definition Audio Driver
RealUpgrade 1.0
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
SampleTestInstall
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Sentence Diagramming
Shop for HP Supplies
Sibelius Scorch (ActiveX Only)
Skype Click to Call
Skype™ 5.10
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Status
SupportSoft Assisted Service
Toolbox
TrayApp
Uninstall Dual Mode Camera
Unity Web Player
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio 2008 x64 Redistributables
WebReg
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Mobile Device Updater Component
Yahoo! BrowserPlus 2.9.8
Yahoo! Toolbar
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== End Of File ===========================
gh_braz
Active Member
 
Posts: 6
Joined: January 23rd, 2013, 7:57 pm
Advertisement
Register to Remove

Re: Please help!

Unread postby deltalima » January 25th, 2013, 6:26 pm

checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Please help!

Unread postby deltalima » January 25th, 2013, 6:34 pm

Hi gh_braz,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you too.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Please let me know what QuickBooks Pro 2009 is used for.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Please help!

Unread postby gh_braz » January 25th, 2013, 7:06 pm

Quick Books Pro 2009 isn't actually used on this machine at all. I purchased it when I bought the pc thinking that I would sometime in the near future use it for a bookkeeping business. I haven't started that business. I believe I started opening a 'company' in QB for my church's missions books (I volunteer for that), but it is much easier to just use excel because there is a very low volume of transactions.

I'll post the other logs you requested shortly.

Thank you!
gh_braz
Active Member
 
Posts: 6
Joined: January 23rd, 2013, 7:57 pm

Re: Please help!

Unread postby deltalima » January 25th, 2013, 7:08 pm

OK, please post the OTL logs when ready.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Please help!

Unread postby gh_braz » January 25th, 2013, 7:51 pm

Here you go:

OTL logfile created on: 1/25/2013 6:30:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hazel\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.87 Gb Total Physical Memory | 0.45 Gb Available Physical Memory | 5.66% Memory free
7.78 Gb Paging File | 2.44 Gb Available in Paging File | 31.41% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.58 Gb Total Space | 468.79 Gb Free Space | 68.58% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 6.49 Gb Free Space | 43.29% Space Free | Partition Type: NTFS
Drive K: | 1397.26 Gb Total Space | 1388.36 Gb Free Space | 99.36% Space Free | Partition Type: NTFS

Computer Name: BRAZELL-PC | User Name: Hazel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Hazel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - K:\e-Sword.exe (Rick Meyers)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
PRC - C:\Program Files (x86)\Dell Remote Access\ezi_ra.exe (Dell Inc.)
PRC - c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe (Dell Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\663112d3002034cf5126be253efff60d\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll ()
MOD - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll ()
MOD - C:\WINDOWS\SysWOW64\vsspell6.ocx ()
MOD - C:\WINDOWS\SysWOW64\vsthes6.ocx ()


========== Services (SafeList) ==========

SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV:64bit: - (AERTFilters) -- C:\Windows\SysNative\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (GoToAssist) -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
SRV - (hnmsvc) -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe (Dell Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\DRIVERS\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\DRIVERS\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\DRIVERS\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\DRIVERS\RtNdPt60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (Packet) -- C:\Windows\SysNative\DRIVERS\packet.sys (SingleClick Systems)
DRV:64bit: - (e1express) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (JLTECH0227) -- C:\Windows\SysNative\Drivers\jl2005c.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV - (Packet) -- C:\WINDOWS\SysWOW64\drivers\packet.sys (SingleClick Systems)
DRV - (MREMP50) -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... rome_us&p={searchTerms}


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_enUS341
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_enUS341
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dell.msn.com/
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_enUS341
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\SearchScopes\{BAD51D68-7966-42A4-B4BA-19D587005685}: "URL" = http://search.avg.com/?d=4dc94f33&i=23&tp=chrome&q={searchTerms}&lng={language}&nt=1
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Hazel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Hazel\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/08 21:50:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2012/12/11 18:02:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/08 21:50:50 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Produtools Manuals 2.1 Toolbar) - {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Produtools Manuals 2.1 Toolbar) - {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\Toolbar\WebBrowser: (Produtools Manuals 2.1 Toolbar) - {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3567418962-859799855-3154529485-1001..\Run: [ROC_ROC_JAN2013_AV] C:\Users\Hazel\AppData\Roaming\AVG January 2013 Campaign\ROC_JAN2013_AV.exe ()
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Gene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Hazel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/produ ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/softwa ... Plugin.cab (ScorchPlugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6C0FCE6-C792-4115-B5D4-4B90E56384CF}: DhcpNameServer = 192.168.254.254
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\lbxfile - No CLSID value found
O18:64bit: - Protocol\Handler\lbxres - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - K:\Quickbooks\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\lbxfile {56831180-F115-11d2-B6AA-00104B2B9943} - C:\Program Files (x86)\Libronix DLS\System\FileProt.dll File not found
O18 - Protocol\Handler\lbxres {24508F1B-9E94-40EE-9759-9AF5795ADF52} - C:\Program Files (x86)\Libronix DLS\System\ResProt.dll File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Hazel\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Hazel\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 16:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008/10/28 02:29:30 | 000,000,126 | ---- | M] () - K:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/20 16:38:02 | 000,000,000 | ---D | C] -- C:\Users\Hazel\AppData\Roaming\AVG January 2013 Campaign
[2013/01/20 16:36:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG January 2013 Campaign
[2013/01/11 12:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/01/11 12:31:48 | 000,000,000 | ---D | C] -- C:\Users\Hazel\AppData\Local\Conduit
[2013/01/11 12:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Produtools_Manuals_2.1
[2009/07/25 19:00:41 | 008,270,752 | ---- | C] (Dell, Inc. ) -- C:\Users\Hazel\AppData\Roaming\DataSafeDotNet.exe
[28 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/25 17:59:45 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 17:59:45 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 17:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/25 17:48:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/25 15:48:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/25 09:21:15 | 107,614,463 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2013/01/25 04:27:59 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerResumeInstall_Gene.job
[2013/01/24 17:58:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/24 11:43:04 | 000,000,526 | ---- | M] () -- C:\Windows\tasks\ROC_ROC_JAN2013_AV.job
[2013/01/22 18:57:48 | 000,458,777 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2013/01/21 13:21:07 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerResumeInstallLogin_Gene.job
[2013/01/21 13:21:07 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2013/01/20 16:36:58 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\ROC_REG_JAN_DELETE.job
[2013/01/20 16:31:35 | 000,001,987 | ---- | M] () -- C:\Users\Hazel\Desktop\Google Chrome.lnk
[2013/01/20 16:30:57 | 4157,792,255 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/17 22:40:37 | 000,709,536 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/17 22:40:37 | 000,608,644 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/17 22:40:37 | 000,106,146 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/08 22:57:49 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/01/08 22:57:49 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[28 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/24 11:43:00 | 000,000,526 | ---- | C] () -- C:\Windows\tasks\ROC_ROC_JAN2013_AV.job
[2013/01/20 16:36:58 | 000,000,298 | ---- | C] () -- C:\Windows\tasks\ROC_REG_JAN_DELETE.job
[2013/01/20 16:31:35 | 000,001,987 | ---- | C] () -- C:\Users\Hazel\Desktop\Google Chrome.lnk
[2013/01/20 01:27:50 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerResumeInstallLogin_Gene.job
[2013/01/20 01:27:49 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerResumeInstall_Gene.job
[2011/07/11 16:44:40 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2009/09/20 19:45:05 | 000,000,680 | ---- | C] () -- C:\Users\Hazel\AppData\Local\d3d9caps.dat
[2009/08/20 22:43:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/07/25 20:14:32 | 000,010,752 | ---- | C] () -- C:\Users\Hazel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2011/11/18 15:55:05 | 000,002,048 | -HS- | M] () -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\@
[2011/11/18 15:55:05 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\L
[2013/01/18 05:02:59 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\U
[2013/01/18 05:02:59 | 000,000,928 | ---- | M] () -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\U\00000001.@
[2012/10/28 13:18:06 | 000,014,848 | ---- | M] () -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\U\80000000.@
[2012/09/23 13:12:38 | 000,025,088 | ---- | M] () -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\U\800000cb.@
[2012/06/09 21:57:17 | 000,002,048 | -HS- | M] () -- C:\Users\Hazel\AppData\Local\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\@
[2011/11/18 15:55:05 | 000,000,000 | -HSD | M] -- C:\Users\Hazel\AppData\Local\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\L
[2011/11/18 15:55:05 | 000,000,000 | -HSD | M] -- C:\Users\Hazel\AppData\Local\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\U
[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Users\Hazel\AppData\Local\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\n.

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2011/01/21 11:50:13 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 11:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:7A36BD6D
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:5D432CE3
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:502D809E

< End of report >


and

OTL Extras logfile created on: 1/25/2013 6:30:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hazel\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.87 Gb Total Physical Memory | 0.45 Gb Available Physical Memory | 5.66% Memory free
7.78 Gb Paging File | 2.44 Gb Available in Paging File | 31.41% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.58 Gb Total Space | 468.79 Gb Free Space | 68.58% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 6.49 Gb Free Space | 43.29% Space Free | Partition Type: NTFS
Drive K: | 1397.26 Gb Total Space | 1388.36 Gb Free Space | 99.36% Space Free | Partition Type: NTFS

Computer Name: BRAZELL-PC | User Name: Hazel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 2E 81 E4 1D 54 24 CA 01 [binary data]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{10940C91-59FD-48D4-BE53-1A30A0C3235B}" = AVG 2011
"{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java(TM) 6 Update 13 (64-bit)
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{624E7452-BA43-4f55-B9D5-FC75EEA0808B}" = Officejet Pro 8500 A909 Series
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6AE1CCC4-E49F-4107-BBCA-7B5984F47AE1}" = Network64
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}" = Logitech Webcam Software
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{E79F3BD0-8BC4-4CE7-9EC9-56C4FB8D3F2F}" = AVG 2011
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"AVG" = AVG 2011
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PC-Doctor for Windows" = Dell Support Center
"Shop for HP Supplies" = Shop for HP Supplies
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{053C30EA-D4C6-47A0-8537-8D231D9BE873}" = DELL0703
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{102CBC47-7FDE-4E6C-8A3A-67B79833FAC8}" = BPDSoftware_Ini
"{11B2F891-91C8-47ce-945A-A91003EA27FB}" = BPDSoftware
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AB082B-6584-4F74-8ABC-D5935CF46E4C}" = 8500A909_eDocs
"{19991EAD-C273-47EB-87E8-0D274925230B}" = OEB Resource Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{432A850B-3558-4BFF-B1F9-30626835B523}" = BPD_DSWizards
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5C0856B6-6260-4952-8FF5-C79C3FD3AA44}" = e-Sword
"{5F81DD84-6A2F-11D4-903E-00E0293397B7}" = Bible Data Type System Files
"{5F81DD89-6A2F-11D4-903E-00E0293397B7}" = Common System Files
"{5F81DD92-6A2F-11D4-903E-00E0293397B7}" = Libronix Digital Library System
"{5F81DD97-6A2F-11D4-903E-00E0293397B7}" = Libronix DLS Application
"{5F81DD9B-6A2F-11D4-903E-00E0293397B7}" = LibronixUpdate
"{5F81DD9F-6A2F-11D4-903E-00E0293397B7}" = LLS Resource Driver
"{5F81DDA3-6A2F-11D4-903E-00E0293397B7}" = PDF Resource Driver
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72CB5335-6D2A-4207-B811-6CB6C6925039}" = Batch Update
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{868291A4-229E-4795-B0B0-E60E87AF53CD}" = Sibelius Scorch (ActiveX Only)
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9A2F0810-3622-4E86-9072-973FBE1679C5}" = QuickBooks Pro 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{A0EFB06D-0C7C-4A85-B1D3-65AF82536A7B}" = Sentence Diagramming
"{A8B87CE9-600A-11D5-888A-005004D128A9}" = Pearl Harbor Attack Attack!
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B495547C-01F8-4836-A2E6-749B5F3EA691}" = 8500A909_Help
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE53BB2F-FD8F-48b9-AC90-207D0D8EE028}" = 8500A909a
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CA0AF735-4583-413E-897F-E91A237EE2E1}" = Libronix DLS Shortcuts
"{CC351B44-5610-43C5-81E6-A2C760CB0A20}" = Graphical Query Editor
"{CD8C5C7F-7C58-4F85-8977-A6C08C087912}" = MPM
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DA8BF070-1358-4a30-A68F-21E0E9421AEF}" = ProductContext
"{E5232150-5F44-4B21-9281-3869C7791B1E}" = SampleTestInstall
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F66A31D9-7831-4FBA-BA02-C411C0047CC5}" = Dell Remote Access
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIMars" = Kids Cam Show and Share Creativity Center
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Dell Video Chat" = Dell Video Chat
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"MicroDicom" = MicroDicom 0.5.4
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Produtools_Manuals_2.1 Toolbar" = Produtools Manuals 2.1 Toolbar
"RealPlayer 12.0" = RealPlayer
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3567418962-859799855-3154529485-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/22/2012 12:13:19 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1010
Description =

Error - 12/22/2012 12:13:19 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1008
Description =

Error - 12/24/2012 12:32:45 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1010
Description =

Error - 12/24/2012 12:32:46 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1008
Description =

Error - 12/25/2012 2:49:09 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1010
Description =

Error - 12/25/2012 2:49:09 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1008
Description =

Error - 12/27/2012 12:14:03 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1010
Description =

Error - 12/27/2012 12:14:04 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1008
Description =

Error - 12/29/2012 12:15:04 AM | Computer Name = Brazell-PC | Source = Perflib | ID = 1010
Description =

Error - 12/29/2012 12:15:04 AM | Computer Name = Brazell-PC | Source = Perflib | ID = 1008
Description =

[ System Events ]
Error - 1/24/2013 6:59:46 PM | Computer Name = Brazell-PC | Source = DCOM | ID = 10005
Description =

Error - 1/24/2013 6:59:46 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/24/2013 6:59:46 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/24/2013 7:00:47 PM | Computer Name = Brazell-PC | Source = DCOM | ID = 10010
Description =

Error - 1/24/2013 7:01:57 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/24/2013 7:01:57 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/24/2013 7:58:32 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/24/2013 7:58:32 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/24/2013 8:58:19 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/24/2013 8:58:19 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
gh_braz
Active Member
 
Posts: 6
Joined: January 23rd, 2013, 7:57 pm

Re: Please help!

Unread postby gh_braz » January 25th, 2013, 7:51 pm

Here you go:

OTL logfile created on: 1/25/2013 6:30:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hazel\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.87 Gb Total Physical Memory | 0.45 Gb Available Physical Memory | 5.66% Memory free
7.78 Gb Paging File | 2.44 Gb Available in Paging File | 31.41% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.58 Gb Total Space | 468.79 Gb Free Space | 68.58% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 6.49 Gb Free Space | 43.29% Space Free | Partition Type: NTFS
Drive K: | 1397.26 Gb Total Space | 1388.36 Gb Free Space | 99.36% Space Free | Partition Type: NTFS

Computer Name: BRAZELL-PC | User Name: Hazel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Hazel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - K:\e-Sword.exe (Rick Meyers)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
PRC - C:\Program Files (x86)\Dell Remote Access\ezi_ra.exe (Dell Inc.)
PRC - c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe (Dell Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\663112d3002034cf5126be253efff60d\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll ()
MOD - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll ()
MOD - C:\WINDOWS\SysWOW64\vsspell6.ocx ()
MOD - C:\WINDOWS\SysWOW64\vsthes6.ocx ()


========== Services (SafeList) ==========

SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV:64bit: - (AERTFilters) -- C:\Windows\SysNative\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (GoToAssist) -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
SRV - (hnmsvc) -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe (Dell Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\DRIVERS\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\DRIVERS\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\DRIVERS\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\DRIVERS\RtNdPt60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (Packet) -- C:\Windows\SysNative\DRIVERS\packet.sys (SingleClick Systems)
DRV:64bit: - (e1express) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (JLTECH0227) -- C:\Windows\SysNative\Drivers\jl2005c.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV - (Packet) -- C:\WINDOWS\SysWOW64\drivers\packet.sys (SingleClick Systems)
DRV - (MREMP50) -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... rome_us&p={searchTerms}


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_enUS341
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_enUS341
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dell.msn.com/
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_enUS341
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\SearchScopes\{BAD51D68-7966-42A4-B4BA-19D587005685}: "URL" = http://search.avg.com/?d=4dc94f33&i=23&tp=chrome&q={searchTerms}&lng={language}&nt=1
IE - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Hazel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Hazel\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/08 21:50:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2012/12/11 18:02:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/08 21:50:50 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Produtools Manuals 2.1 Toolbar) - {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Produtools Manuals 2.1 Toolbar) - {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3567418962-859799855-3154529485-1001\..\Toolbar\WebBrowser: (Produtools Manuals 2.1 Toolbar) - {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbProd.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3567418962-859799855-3154529485-1001..\Run: [ROC_ROC_JAN2013_AV] C:\Users\Hazel\AppData\Roaming\AVG January 2013 Campaign\ROC_JAN2013_AV.exe ()
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Gene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Hazel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/produ ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/softwa ... Plugin.cab (ScorchPlugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6C0FCE6-C792-4115-B5D4-4B90E56384CF}: DhcpNameServer = 192.168.254.254
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\lbxfile - No CLSID value found
O18:64bit: - Protocol\Handler\lbxres - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - K:\Quickbooks\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\lbxfile {56831180-F115-11d2-B6AA-00104B2B9943} - C:\Program Files (x86)\Libronix DLS\System\FileProt.dll File not found
O18 - Protocol\Handler\lbxres {24508F1B-9E94-40EE-9759-9AF5795ADF52} - C:\Program Files (x86)\Libronix DLS\System\ResProt.dll File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Hazel\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Hazel\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 16:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008/10/28 02:29:30 | 000,000,126 | ---- | M] () - K:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/20 16:38:02 | 000,000,000 | ---D | C] -- C:\Users\Hazel\AppData\Roaming\AVG January 2013 Campaign
[2013/01/20 16:36:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG January 2013 Campaign
[2013/01/11 12:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/01/11 12:31:48 | 000,000,000 | ---D | C] -- C:\Users\Hazel\AppData\Local\Conduit
[2013/01/11 12:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Produtools_Manuals_2.1
[2009/07/25 19:00:41 | 008,270,752 | ---- | C] (Dell, Inc. ) -- C:\Users\Hazel\AppData\Roaming\DataSafeDotNet.exe
[28 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/25 17:59:45 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 17:59:45 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 17:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/25 17:48:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/25 15:48:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/25 09:21:15 | 107,614,463 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2013/01/25 04:27:59 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerResumeInstall_Gene.job
[2013/01/24 17:58:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/24 11:43:04 | 000,000,526 | ---- | M] () -- C:\Windows\tasks\ROC_ROC_JAN2013_AV.job
[2013/01/22 18:57:48 | 000,458,777 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2013/01/21 13:21:07 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerResumeInstallLogin_Gene.job
[2013/01/21 13:21:07 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2013/01/20 16:36:58 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\ROC_REG_JAN_DELETE.job
[2013/01/20 16:31:35 | 000,001,987 | ---- | M] () -- C:\Users\Hazel\Desktop\Google Chrome.lnk
[2013/01/20 16:30:57 | 4157,792,255 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/17 22:40:37 | 000,709,536 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/17 22:40:37 | 000,608,644 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/17 22:40:37 | 000,106,146 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/08 22:57:49 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/01/08 22:57:49 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[28 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/24 11:43:00 | 000,000,526 | ---- | C] () -- C:\Windows\tasks\ROC_ROC_JAN2013_AV.job
[2013/01/20 16:36:58 | 000,000,298 | ---- | C] () -- C:\Windows\tasks\ROC_REG_JAN_DELETE.job
[2013/01/20 16:31:35 | 000,001,987 | ---- | C] () -- C:\Users\Hazel\Desktop\Google Chrome.lnk
[2013/01/20 01:27:50 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerResumeInstallLogin_Gene.job
[2013/01/20 01:27:49 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerResumeInstall_Gene.job
[2011/07/11 16:44:40 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2009/09/20 19:45:05 | 000,000,680 | ---- | C] () -- C:\Users\Hazel\AppData\Local\d3d9caps.dat
[2009/08/20 22:43:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/07/25 20:14:32 | 000,010,752 | ---- | C] () -- C:\Users\Hazel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2011/11/18 15:55:05 | 000,002,048 | -HS- | M] () -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\@
[2011/11/18 15:55:05 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\L
[2013/01/18 05:02:59 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\U
[2013/01/18 05:02:59 | 000,000,928 | ---- | M] () -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\U\00000001.@
[2012/10/28 13:18:06 | 000,014,848 | ---- | M] () -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\U\80000000.@
[2012/09/23 13:12:38 | 000,025,088 | ---- | M] () -- C:\WINDOWS\Installer\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\U\800000cb.@
[2012/06/09 21:57:17 | 000,002,048 | -HS- | M] () -- C:\Users\Hazel\AppData\Local\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\@
[2011/11/18 15:55:05 | 000,000,000 | -HSD | M] -- C:\Users\Hazel\AppData\Local\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\L
[2011/11/18 15:55:05 | 000,000,000 | -HSD | M] -- C:\Users\Hazel\AppData\Local\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\U
[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Users\Hazel\AppData\Local\{7a2b50be-c694-eeaf-2ca8-e81c6445af66}\n.

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2011/01/21 11:50:13 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 11:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:7A36BD6D
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:5D432CE3
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:502D809E

< End of report >


and

OTL Extras logfile created on: 1/25/2013 6:30:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hazel\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.87 Gb Total Physical Memory | 0.45 Gb Available Physical Memory | 5.66% Memory free
7.78 Gb Paging File | 2.44 Gb Available in Paging File | 31.41% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.58 Gb Total Space | 468.79 Gb Free Space | 68.58% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 6.49 Gb Free Space | 43.29% Space Free | Partition Type: NTFS
Drive K: | 1397.26 Gb Total Space | 1388.36 Gb Free Space | 99.36% Space Free | Partition Type: NTFS

Computer Name: BRAZELL-PC | User Name: Hazel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 2E 81 E4 1D 54 24 CA 01 [binary data]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{10940C91-59FD-48D4-BE53-1A30A0C3235B}" = AVG 2011
"{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java(TM) 6 Update 13 (64-bit)
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{624E7452-BA43-4f55-B9D5-FC75EEA0808B}" = Officejet Pro 8500 A909 Series
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6AE1CCC4-E49F-4107-BBCA-7B5984F47AE1}" = Network64
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}" = Logitech Webcam Software
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{E79F3BD0-8BC4-4CE7-9EC9-56C4FB8D3F2F}" = AVG 2011
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"AVG" = AVG 2011
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PC-Doctor for Windows" = Dell Support Center
"Shop for HP Supplies" = Shop for HP Supplies
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{053C30EA-D4C6-47A0-8537-8D231D9BE873}" = DELL0703
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{102CBC47-7FDE-4E6C-8A3A-67B79833FAC8}" = BPDSoftware_Ini
"{11B2F891-91C8-47ce-945A-A91003EA27FB}" = BPDSoftware
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AB082B-6584-4F74-8ABC-D5935CF46E4C}" = 8500A909_eDocs
"{19991EAD-C273-47EB-87E8-0D274925230B}" = OEB Resource Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{432A850B-3558-4BFF-B1F9-30626835B523}" = BPD_DSWizards
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5C0856B6-6260-4952-8FF5-C79C3FD3AA44}" = e-Sword
"{5F81DD84-6A2F-11D4-903E-00E0293397B7}" = Bible Data Type System Files
"{5F81DD89-6A2F-11D4-903E-00E0293397B7}" = Common System Files
"{5F81DD92-6A2F-11D4-903E-00E0293397B7}" = Libronix Digital Library System
"{5F81DD97-6A2F-11D4-903E-00E0293397B7}" = Libronix DLS Application
"{5F81DD9B-6A2F-11D4-903E-00E0293397B7}" = LibronixUpdate
"{5F81DD9F-6A2F-11D4-903E-00E0293397B7}" = LLS Resource Driver
"{5F81DDA3-6A2F-11D4-903E-00E0293397B7}" = PDF Resource Driver
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72CB5335-6D2A-4207-B811-6CB6C6925039}" = Batch Update
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{868291A4-229E-4795-B0B0-E60E87AF53CD}" = Sibelius Scorch (ActiveX Only)
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9A2F0810-3622-4E86-9072-973FBE1679C5}" = QuickBooks Pro 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{A0EFB06D-0C7C-4A85-B1D3-65AF82536A7B}" = Sentence Diagramming
"{A8B87CE9-600A-11D5-888A-005004D128A9}" = Pearl Harbor Attack Attack!
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B495547C-01F8-4836-A2E6-749B5F3EA691}" = 8500A909_Help
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE53BB2F-FD8F-48b9-AC90-207D0D8EE028}" = 8500A909a
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CA0AF735-4583-413E-897F-E91A237EE2E1}" = Libronix DLS Shortcuts
"{CC351B44-5610-43C5-81E6-A2C760CB0A20}" = Graphical Query Editor
"{CD8C5C7F-7C58-4F85-8977-A6C08C087912}" = MPM
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DA8BF070-1358-4a30-A68F-21E0E9421AEF}" = ProductContext
"{E5232150-5F44-4B21-9281-3869C7791B1E}" = SampleTestInstall
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F66A31D9-7831-4FBA-BA02-C411C0047CC5}" = Dell Remote Access
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIMars" = Kids Cam Show and Share Creativity Center
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Dell Video Chat" = Dell Video Chat
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"MicroDicom" = MicroDicom 0.5.4
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Produtools_Manuals_2.1 Toolbar" = Produtools Manuals 2.1 Toolbar
"RealPlayer 12.0" = RealPlayer
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3567418962-859799855-3154529485-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/22/2012 12:13:19 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1010
Description =

Error - 12/22/2012 12:13:19 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1008
Description =

Error - 12/24/2012 12:32:45 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1010
Description =

Error - 12/24/2012 12:32:46 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1008
Description =

Error - 12/25/2012 2:49:09 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1010
Description =

Error - 12/25/2012 2:49:09 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1008
Description =

Error - 12/27/2012 12:14:03 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1010
Description =

Error - 12/27/2012 12:14:04 PM | Computer Name = Brazell-PC | Source = Perflib | ID = 1008
Description =

Error - 12/29/2012 12:15:04 AM | Computer Name = Brazell-PC | Source = Perflib | ID = 1010
Description =

Error - 12/29/2012 12:15:04 AM | Computer Name = Brazell-PC | Source = Perflib | ID = 1008
Description =

[ System Events ]
Error - 1/24/2013 6:59:46 PM | Computer Name = Brazell-PC | Source = DCOM | ID = 10005
Description =

Error - 1/24/2013 6:59:46 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/24/2013 6:59:46 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/24/2013 7:00:47 PM | Computer Name = Brazell-PC | Source = DCOM | ID = 10010
Description =

Error - 1/24/2013 7:01:57 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/24/2013 7:01:57 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/24/2013 7:58:32 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/24/2013 7:58:32 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/24/2013 8:58:19 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/24/2013 8:58:19 PM | Computer Name = Brazell-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
gh_braz
Active Member
 
Posts: 6
Joined: January 23rd, 2013, 7:57 pm

Re: Please help!

Unread postby gh_braz » January 25th, 2013, 9:56 pm

Sorry! Didn't mean to post that twice. I just thought this thing was ignoring me again.
gh_braz
Active Member
 
Posts: 6
Joined: January 23rd, 2013, 7:57 pm

Re: Please help!

Unread postby deltalima » January 26th, 2013, 10:30 am

Hi gh_braz,

We also are gettig virus warnings VERY often from AVG


Does AVG detect the same virus ever time or different ones?

Please post a sample AVG detection report showing detected virus name and file location.

TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool. Vista - W7 users: Right-click and select "Run As Administrator".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. Click Change parameters
  4. Under Additional Options CHECK Verify file digital signatures
  5. IMPORTANT: Ensure Detect TDLFS file system remains UNCHECKED.
  6. Click Start scan and allow it to scan for Malicious objects.

    • If Malicious objects are detected, the default action will be Cure, ensure SKIP is selected... then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    • If Unsigned files are detected, the default action will be Skip, ensure Skip is selected... then click Continue

    DO NOT change the default actions, other than CURE to SKIP.

  7. You may be asked to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  8. A log will be created on your root drive (usually C:) drive. The log will have a name like Name.Version_Date_Time_log.txt.
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  9. If no reboot is required, click on Report. A log file should appear.
  10. Please post the contents of the log file in your next reply

Now reboot the computer.

Please download GMER Rootkit Scanner from here.
  • Right click the .exe file and select: Run as Administrator. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on the "Scan" and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE
Important! Please do not select the "Show all" checkbox during the scan..
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Please help!

Unread postby gh_braz » January 26th, 2013, 8:50 pm

I can't seem to copy the AVG warning, but it usually says its in "C:\Windows\system32\services.exe" and it says its a "trojan horse patched - C.LZ1"

Here is the TDSS log, but the other one keeps stopping midstream. I'll keep trying to run it and will post if its ever successful. Thanks again.

13:19:14.0084 17060 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:19:16.0097 17060 ============================================================
13:19:16.0097 17060 Current date / time: 2013/01/26 13:19:16.0097
13:19:16.0097 17060 SystemInfo:
13:19:16.0097 17060
13:19:16.0097 17060 OS Version: 6.0.6002 ServicePack: 2.0
13:19:16.0097 17060 Product type: Workstation
13:19:16.0097 17060 ComputerName: BRAZELL-PC
13:19:16.0097 17060 UserName: Hazel
13:19:16.0097 17060 Windows directory: C:\Windows
13:19:16.0097 17060 System windows directory: C:\Windows
13:19:16.0097 17060 Running under WOW64
13:19:16.0097 17060 Processor architecture: Intel x64
13:19:16.0097 17060 Number of processors: 4
13:19:16.0097 17060 Page size: 0x1000
13:19:16.0097 17060 Boot type: Normal boot
13:19:16.0097 17060 ============================================================
13:19:17.0610 17060 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:19:17.0625 17060 Drive \Device\Harddisk6\DR6 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:19:17.0625 17060 ============================================================
13:19:17.0625 17060 \Device\Harddisk0\DR0:
13:19:17.0625 17060 MBR partitions:
13:19:17.0625 17060 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1E00000
13:19:17.0625 17060 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E1B800, BlocksNum 0x5572A000
13:19:17.0625 17060 \Device\Harddisk6\DR6:
13:19:17.0625 17060 MBR partitions:
13:19:17.0625 17060 \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA86702
13:19:17.0625 17060 ============================================================
13:19:17.0657 17060 C: <-> \Device\Harddisk0\DR0\Partition2
13:19:17.0703 17060 D: <-> \Device\Harddisk0\DR0\Partition1
13:19:17.0766 17060 K: <-> \Device\Harddisk6\DR6\Partition1
13:19:17.0766 17060 ============================================================
13:19:17.0766 17060 Initialize success
13:19:17.0766 17060 ============================================================
13:20:37.0220 15584 ============================================================
13:20:37.0220 15584 Scan started
13:20:37.0220 15584 Mode: Manual; SigCheck;
13:20:37.0220 15584 ============================================================
13:20:37.0875 15584 ================ Scan system memory ========================
13:20:37.0875 15584 System memory - ok
13:20:37.0875 15584 ================ Scan services =============================
13:20:38.0031 15584 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
13:20:38.0140 15584 ACPI - ok
13:20:38.0203 15584 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:20:38.0218 15584 AdobeARMservice - ok
13:20:38.0312 15584 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:20:38.0328 15584 AdobeFlashPlayerUpdateSvc - ok
13:20:38.0374 15584 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:20:38.0390 15584 adp94xx - ok
13:20:38.0452 15584 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:20:38.0468 15584 adpahci - ok
13:20:38.0530 15584 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
13:20:38.0546 15584 adpu160m - ok
13:20:38.0562 15584 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:20:38.0577 15584 adpu320 - ok
13:20:38.0640 15584 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:20:38.0780 15584 AeLookupSvc - ok
13:20:38.0796 15584 [ 0D7A11395C0A33D9E7587CDB9866EFAD ] AERTFilters C:\Windows\system32\AERTSr64.exe
13:20:38.0889 15584 AERTFilters - ok
13:20:38.0967 15584 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
13:20:39.0045 15584 AFD - ok
13:20:39.0092 15584 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:20:39.0108 15584 agp440 - ok
13:20:39.0139 15584 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
13:20:39.0154 15584 aic78xx - ok
13:20:39.0186 15584 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
13:20:39.0310 15584 ALG - ok
13:20:39.0342 15584 [ 9544C2C55541C0C6BFD7B489D0E7D430 ] aliide C:\Windows\system32\drivers\aliide.sys
13:20:39.0357 15584 aliide - ok
13:20:39.0373 15584 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
13:20:39.0388 15584 amdide - ok
13:20:39.0420 15584 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:20:39.0466 15584 AmdK8 - ok
13:20:39.0513 15584 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
13:20:39.0591 15584 Appinfo - ok
13:20:39.0622 15584 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
13:20:39.0638 15584 arc - ok
13:20:39.0669 15584 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:20:39.0685 15584 arcsas - ok
13:20:39.0716 15584 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:20:39.0763 15584 AsyncMac - ok
13:20:39.0794 15584 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
13:20:39.0810 15584 atapi - ok
13:20:39.0841 15584 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:20:39.0903 15584 AudioEndpointBuilder - ok
13:20:39.0903 15584 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:20:39.0934 15584 AudioSrv - ok
13:20:40.0184 15584 [ 7A0F6A3E0E41425B9BA54616B482668A ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
13:20:40.0621 15584 AVGIDSAgent - ok
13:20:40.0668 15584 [ 6AB06C4E99F575B9B5701A33BA9FD19E ] AVGIDSDriver C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
13:20:40.0683 15584 AVGIDSDriver - ok
13:20:40.0792 15584 [ 0994BA65388C7D5282242D1124FE8373 ] AVGIDSEH C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
13:20:40.0792 15584 AVGIDSEH - ok
13:20:40.0808 15584 [ BF9EBE32B3827991D2100FCEBCA1AF01 ] AVGIDSFilter C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
13:20:40.0824 15584 AVGIDSFilter - ok
13:20:40.0870 15584 [ 5D9D7009EDA9338F286730390DBEB5B6 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
13:20:40.0902 15584 Avgldx64 - ok
13:20:40.0917 15584 [ 997D002827D3E3DCBBB25BF46DB161AB ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
13:20:40.0933 15584 Avgmfx64 - ok
13:20:40.0948 15584 [ BCCFE3374C887075CDE2AC8FDB1CB2F8 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
13:20:40.0980 15584 Avgrkx64 - ok
13:20:41.0011 15584 [ 0D49ADCEBE243B79366EA523B647519A ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
13:20:41.0026 15584 Avgtdia - ok
13:20:41.0073 15584 [ FC2BC51120A945F7C70376495E4E7737 ] avgwd C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
13:20:41.0089 15584 avgwd - ok
13:20:41.0136 15584 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
13:20:41.0151 15584 BBSvc - ok
13:20:41.0198 15584 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:20:41.0229 15584 BBUpdate - ok
13:20:41.0245 15584 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
13:20:41.0292 15584 blbdrive - ok
13:20:41.0370 15584 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:20:41.0416 15584 bowser - ok
13:20:41.0448 15584 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
13:20:41.0494 15584 BrFiltLo - ok
13:20:41.0526 15584 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
13:20:41.0572 15584 BrFiltUp - ok
13:20:41.0604 15584 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
13:20:41.0682 15584 Browser - ok
13:20:41.0697 15584 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
13:20:41.0900 15584 Brserid - ok
13:20:41.0916 15584 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
13:20:41.0962 15584 BrSerWdm - ok
13:20:41.0962 15584 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
13:20:42.0056 15584 BrUsbMdm - ok
13:20:42.0056 15584 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
13:20:42.0103 15584 BrUsbSer - ok
13:20:42.0134 15584 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:20:42.0228 15584 BTHMODEM - ok
13:20:42.0259 15584 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:20:42.0321 15584 cdfs - ok
13:20:42.0352 15584 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:20:42.0415 15584 cdrom - ok
13:20:42.0462 15584 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
13:20:42.0508 15584 CertPropSvc - ok
13:20:42.0524 15584 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
13:20:42.0586 15584 circlass - ok
13:20:42.0618 15584 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
13:20:42.0633 15584 CLFS - ok
13:20:42.0711 15584 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:20:42.0727 15584 clr_optimization_v2.0.50727_32 - ok
13:20:42.0789 15584 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:20:42.0805 15584 clr_optimization_v2.0.50727_64 - ok
13:20:42.0883 15584 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:20:42.0914 15584 clr_optimization_v4.0.30319_32 - ok
13:20:42.0961 15584 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:20:42.0976 15584 clr_optimization_v4.0.30319_64 - ok
13:20:42.0992 15584 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:20:43.0008 15584 cmdide - ok
13:20:43.0008 15584 [ 34A6AA82AA36C87FC8816F2097EFA345 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:20:43.0023 15584 Compbatt - ok
13:20:43.0039 15584 COMSysApp - ok
13:20:43.0039 15584 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:20:43.0054 15584 crcdisk - ok
13:20:43.0117 15584 [ 62740B9D2A137E8CED41A9E4239A7A31 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:20:43.0226 15584 CryptSvc - ok
13:20:43.0257 15584 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
13:20:43.0320 15584 DcomLaunch - ok
13:20:43.0382 15584 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:20:43.0476 15584 DfsC - ok
13:20:43.0585 15584 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
13:20:43.0850 15584 DFSR - ok
13:20:43.0912 15584 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
13:20:43.0959 15584 Dhcp - ok
13:20:44.0022 15584 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
13:20:44.0037 15584 disk - ok
13:20:44.0084 15584 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:20:44.0146 15584 Dnscache - ok
13:20:44.0224 15584 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
13:20:44.0256 15584 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
13:20:44.0256 15584 DockLoginService - detected UnsignedFile.Multi.Generic (1)
13:20:44.0302 15584 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
13:20:44.0334 15584 dot3svc - ok
13:20:44.0380 15584 [ 74C02B1717740C3B8039539E23E4B53F ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
13:20:44.0443 15584 Dot4 - ok
13:20:44.0458 15584 [ 08321D1860235BF42CF2854234337AEA ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:20:44.0521 15584 Dot4Print - ok
13:20:44.0552 15584 [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
13:20:44.0599 15584 dot4usb - ok
13:20:44.0646 15584 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
13:20:44.0692 15584 DPS - ok
13:20:44.0724 15584 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:20:44.0817 15584 drmkaud - ok
13:20:44.0864 15584 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:20:44.0911 15584 DXGKrnl - ok
13:20:44.0942 15584 [ 17D40652EF3E55EEAE187A89DF40965A ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys
13:20:45.0004 15584 e1express - ok
13:20:45.0020 15584 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
13:20:45.0067 15584 E1G60 - ok
13:20:45.0098 15584 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
13:20:45.0160 15584 EapHost - ok
13:20:45.0192 15584 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
13:20:45.0207 15584 Ecache - ok
13:20:45.0254 15584 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:20:45.0301 15584 ehRecvr - ok
13:20:45.0316 15584 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
13:20:45.0348 15584 ehSched - ok
13:20:45.0379 15584 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
13:20:45.0457 15584 ehstart - ok
13:20:45.0504 15584 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:20:45.0519 15584 elxstor - ok
13:20:45.0566 15584 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
13:20:45.0691 15584 EMDMgmt - ok
13:20:45.0706 15584 [ 991FAB6AA066E1214EFB5B496FB7959A ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:20:45.0769 15584 ErrDev - ok
13:20:45.0816 15584 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
13:20:45.0862 15584 EventSystem - ok
13:20:45.0909 15584 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
13:20:45.0987 15584 exfat - ok
13:20:46.0018 15584 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:20:46.0081 15584 fastfat - ok
13:20:46.0096 15584 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:20:46.0159 15584 fdc - ok
13:20:46.0190 15584 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
13:20:46.0237 15584 fdPHost - ok
13:20:46.0268 15584 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
13:20:46.0330 15584 FDResPub - ok
13:20:46.0330 15584 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:20:46.0346 15584 FileInfo - ok
13:20:46.0362 15584 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:20:46.0408 15584 Filetrace - ok
13:20:46.0440 15584 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:20:46.0502 15584 flpydisk - ok
13:20:46.0533 15584 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:20:46.0549 15584 FltMgr - ok
13:20:46.0627 15584 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
13:20:46.0752 15584 FontCache - ok
13:20:46.0814 15584 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:20:46.0830 15584 FontCache3.0.0.0 - ok
13:20:46.0892 15584 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:20:46.0923 15584 Fs_Rec - ok
13:20:46.0954 15584 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:20:46.0970 15584 gagp30kx - ok
13:20:47.0001 15584 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
13:20:47.0017 15584 GoToAssist - ok
13:20:47.0048 15584 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
13:20:47.0095 15584 gpsvc - ok
13:20:47.0204 15584 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca6bd69e15fac4 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:20:47.0220 15584 gupdate1ca6bd69e15fac4 - ok
13:20:47.0235 15584 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:20:47.0251 15584 gupdatem - ok
13:20:47.0298 15584 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:20:47.0313 15584 gusvc - ok
13:20:47.0344 15584 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:20:47.0500 15584 HDAudBus - ok
13:20:47.0516 15584 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:20:47.0594 15584 HidBth - ok
13:20:47.0625 15584 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
13:20:47.0672 15584 HidIr - ok
13:20:47.0703 15584 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
13:20:47.0750 15584 hidserv - ok
13:20:47.0766 15584 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:20:47.0812 15584 HidUsb - ok
13:20:47.0859 15584 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
13:20:47.0890 15584 hkmsvc - ok
13:20:47.0968 15584 [ 853BABC289F2B46F8150DF0E0CF0B537 ] hnmsvc c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
13:20:48.0015 15584 hnmsvc - ok
13:20:48.0031 15584 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
13:20:48.0046 15584 HpCISSs - ok
13:20:48.0109 15584 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:20:48.0140 15584 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
13:20:48.0140 15584 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
13:20:48.0171 15584 [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:20:48.0202 15584 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
13:20:48.0202 15584 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
13:20:48.0234 15584 [ 298A6890A7AC415DABB35047D168F13B ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
13:20:48.0280 15584 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
13:20:48.0280 15584 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
13:20:48.0312 15584 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:20:48.0405 15584 HTTP - ok
13:20:48.0436 15584 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
13:20:48.0452 15584 i2omp - ok
13:20:48.0468 15584 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:20:48.0514 15584 i8042prt - ok
13:20:48.0561 15584 [ 07FB761600EFF44AF02C35B8B57E5863 ] iaStor C:\Windows\system32\drivers\iastor.sys
13:20:48.0592 15584 iaStor - ok
13:20:48.0608 15584 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
13:20:48.0639 15584 iaStorV - ok
13:20:48.0702 15584 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:20:48.0733 15584 idsvc - ok
13:20:48.0967 15584 [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
13:20:49.0528 15584 igfx - ok
13:20:49.0560 15584 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:20:49.0575 15584 iirsp - ok
13:20:49.0606 15584 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
13:20:49.0653 15584 IKEEXT - ok
13:20:49.0716 15584 [ 0DD17D4B59D0EC40E3C86A505BB0B6DD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:20:49.0762 15584 IntcAzAudAddService - ok
13:20:49.0794 15584 [ BE1CB000C655396C9DEF09AEE3EA2D67 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
13:20:49.0872 15584 IntcHdmiAddService - ok
13:20:49.0918 15584 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\DRIVERS\intelide.sys
13:20:49.0934 15584 intelide - ok
13:20:49.0950 15584 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:20:49.0996 15584 intelppm - ok
13:20:50.0043 15584 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:20:50.0090 15584 IPBusEnum - ok
13:20:50.0137 15584 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:20:50.0168 15584 IpFilterDriver - ok
13:20:50.0168 15584 IpInIp - ok
13:20:50.0184 15584 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
13:20:50.0215 15584 IPMIDRV - ok
13:20:50.0230 15584 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
13:20:50.0293 15584 IPNAT - ok
13:20:50.0308 15584 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:20:50.0355 15584 IRENUM - ok
13:20:50.0371 15584 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:20:50.0386 15584 isapnp - ok
13:20:50.0418 15584 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:20:50.0433 15584 iScsiPrt - ok
13:20:50.0449 15584 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
13:20:50.0464 15584 iteatapi - ok
13:20:50.0496 15584 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
13:20:50.0511 15584 iteraid - ok
13:20:50.0542 15584 [ D57BC37917533162E3E75140D1F037B9 ] JLTECH0227 C:\Windows\system32\Drivers\jl2005c.sys
13:20:50.0558 15584 JLTECH0227 - ok
13:20:50.0558 15584 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:20:50.0574 15584 kbdclass - ok
13:20:50.0605 15584 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:20:50.0652 15584 kbdhid - ok
13:20:50.0698 15584 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
13:20:50.0776 15584 KeyIso - ok
13:20:50.0792 15584 [ 2758D174604F597BBC8A217FF667913D ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:20:50.0823 15584 KSecDD - ok
13:20:50.0854 15584 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:20:50.0901 15584 ksthunk - ok
13:20:50.0948 15584 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
13:20:51.0010 15584 KtmRm - ok
13:20:51.0088 15584 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:20:51.0135 15584 LanmanServer - ok
13:20:51.0166 15584 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:20:51.0229 15584 LanmanWorkstation - ok
13:20:51.0260 15584 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:20:51.0307 15584 lltdio - ok
13:20:51.0338 15584 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:20:51.0385 15584 lltdsvc - ok
13:20:51.0400 15584 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:20:51.0447 15584 lmhosts - ok
13:20:51.0478 15584 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:20:51.0494 15584 LSI_FC - ok
13:20:51.0510 15584 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:20:51.0525 15584 LSI_SAS - ok
13:20:51.0541 15584 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:20:51.0556 15584 LSI_SCSI - ok
13:20:51.0572 15584 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
13:20:51.0603 15584 luafv - ok
13:20:51.0634 15584 [ 7717A2CB550267860D3933F3FBA0216F ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
13:20:51.0634 15584 LVPr2M64 - ok
13:20:51.0650 15584 [ 7717A2CB550267860D3933F3FBA0216F ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
13:20:51.0666 15584 LVPr2Mon - ok
13:20:51.0697 15584 [ 8EBEB7E7A0C3D295CA6BBCFA942C6AA8 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
13:20:51.0712 15584 LVPrcS64 - ok
13:20:51.0744 15584 [ 125AE13C293889001B8456CF3EB04A40 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
13:20:51.0759 15584 LVRS64 - ok
13:20:51.0884 15584 [ A5B0494409FB08DCDC42A216C6EAB0F7 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
13:20:52.0118 15584 LVUVC64 - ok
13:20:52.0149 15584 [ 4F74184920B2D6E33024409B4C5C57C1 ] McciCMService C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
13:20:52.0180 15584 McciCMService ( UnsignedFile.Multi.Generic ) - warning
13:20:52.0180 15584 McciCMService - detected UnsignedFile.Multi.Generic (1)
13:20:52.0212 15584 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:20:52.0243 15584 Mcx2Svc - ok
13:20:52.0290 15584 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
13:20:52.0305 15584 megasas - ok
13:20:52.0336 15584 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
13:20:52.0368 15584 MegaSR - ok
13:20:52.0383 15584 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
13:20:52.0430 15584 MMCSS - ok
13:20:52.0461 15584 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
13:20:52.0492 15584 Modem - ok
13:20:52.0508 15584 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:20:52.0539 15584 monitor - ok
13:20:52.0555 15584 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:20:52.0570 15584 mouclass - ok
13:20:52.0586 15584 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:20:52.0633 15584 mouhid - ok
13:20:52.0633 15584 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
13:20:52.0648 15584 MountMgr - ok
13:20:52.0664 15584 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
13:20:52.0680 15584 mpio - ok
13:20:52.0695 15584 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:20:52.0742 15584 mpsdrv - ok
13:20:52.0773 15584 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
13:20:52.0773 15584 Mraid35x - ok
13:20:52.0804 15584 [ 80B2EC735495823AE5771A5F603E73BD ] MREMP50 C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
13:20:52.0836 15584 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
13:20:52.0836 15584 MREMP50 - detected UnsignedFile.Multi.Generic (1)
13:20:52.0836 15584 MREMP50a64 - ok
13:20:52.0867 15584 [ 37D7C22F7E26DA90E2D2D260E5D27846 ] MRESP50 C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
13:20:52.0867 15584 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
13:20:52.0867 15584 MRESP50 - detected UnsignedFile.Multi.Generic (1)
13:20:52.0867 15584 MRESP50a64 - ok
13:20:52.0898 15584 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:20:52.0945 15584 MRxDAV - ok
13:20:52.0992 15584 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:20:53.0038 15584 mrxsmb - ok
13:20:53.0070 15584 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:20:53.0132 15584 mrxsmb10 - ok
13:20:53.0148 15584 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:20:53.0163 15584 mrxsmb20 - ok
13:20:53.0226 15584 [ 730B784962D22D2C6481EAE2370E7C8C ] msahci C:\Windows\system32\drivers\msahci.sys
13:20:53.0241 15584 msahci - ok
13:20:53.0241 15584 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:20:53.0272 15584 msdsm - ok
13:20:53.0288 15584 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
13:20:53.0335 15584 MSDTC - ok
13:20:53.0382 15584 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:20:53.0428 15584 Msfs - ok
13:20:53.0460 15584 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:20:53.0475 15584 msisadrv - ok
13:20:53.0491 15584 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:20:53.0538 15584 MSiSCSI - ok
13:20:53.0538 15584 msiserver - ok
13:20:53.0569 15584 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:20:53.0600 15584 MSKSSRV - ok
13:20:53.0616 15584 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:20:53.0662 15584 MSPCLOCK - ok
13:20:53.0694 15584 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:20:53.0756 15584 MSPQM - ok
13:20:53.0772 15584 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:20:53.0803 15584 MsRPC - ok
13:20:53.0818 15584 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:20:53.0834 15584 mssmbios - ok
13:20:53.0850 15584 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:20:53.0881 15584 MSTEE - ok
13:20:53.0881 15584 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
13:20:53.0912 15584 Mup - ok
13:20:53.0943 15584 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
13:20:53.0990 15584 napagent - ok
13:20:54.0021 15584 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:20:54.0068 15584 NativeWifiP - ok
13:20:54.0130 15584 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:20:54.0162 15584 NDIS - ok
13:20:54.0162 15584 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:20:54.0208 15584 NdisTapi - ok
13:20:54.0240 15584 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:20:54.0286 15584 Ndisuio - ok
13:20:54.0318 15584 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:20:54.0364 15584 NdisWan - ok
13:20:54.0396 15584 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:20:54.0442 15584 NDProxy - ok
13:20:54.0489 15584 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:20:54.0489 15584 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:20:54.0489 15584 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:20:54.0505 15584 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:20:54.0552 15584 NetBIOS - ok
13:20:54.0567 15584 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
13:20:54.0614 15584 netbt - ok
13:20:54.0614 15584 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
13:20:54.0630 15584 Netlogon - ok
13:20:54.0676 15584 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
13:20:54.0739 15584 Netman - ok
13:20:54.0786 15584 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
13:20:54.0848 15584 netprofm - ok
13:20:54.0879 15584 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:20:54.0895 15584 NetTcpPortSharing - ok
13:20:54.0910 15584 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:20:54.0926 15584 nfrd960 - ok
13:20:54.0942 15584 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
13:20:54.0973 15584 NlaSvc - ok
13:20:54.0988 15584 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:20:55.0035 15584 Npfs - ok
13:20:55.0066 15584 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
13:20:55.0113 15584 nsi - ok
13:20:55.0113 15584 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:20:55.0160 15584 nsiproxy - ok
13:20:55.0207 15584 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:20:55.0285 15584 Ntfs - ok
13:20:55.0285 15584 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
13:20:55.0347 15584 Null - ok
13:20:55.0363 15584 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:20:55.0394 15584 nvraid - ok
13:20:55.0394 15584 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:20:55.0410 15584 nvstor - ok
13:20:55.0425 15584 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:20:55.0441 15584 nv_agp - ok
13:20:55.0456 15584 NwlnkFlt - ok
13:20:55.0456 15584 NwlnkFwd - ok
13:20:55.0519 15584 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:20:55.0566 15584 odserv - ok
13:20:55.0628 15584 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
13:20:55.0659 15584 ohci1394 - ok
13:20:55.0706 15584 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:20:55.0722 15584 ose - ok
13:20:55.0768 15584 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
13:20:55.0862 15584 p2pimsvc - ok
13:20:55.0893 15584 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
13:20:55.0924 15584 p2psvc - ok
13:20:55.0940 15584 [ 43E24699A18126F11E3D9BF6DB85518B ] Packet C:\Windows\system32\DRIVERS\packet.sys
13:20:55.0987 15584 Packet - ok
13:20:56.0018 15584 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
13:20:56.0080 15584 Parport - ok
13:20:56.0127 15584 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:20:56.0143 15584 partmgr - ok
13:20:56.0174 15584 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
13:20:56.0221 15584 PcaSvc - ok
13:20:56.0252 15584 PCD5SRVC{048DBD20-445E8C82-05040104} - ok
13:20:56.0268 15584 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
13:20:56.0283 15584 pci - ok
13:20:56.0299 15584 [ 2657F6C0B78C36D95034BE109336E382 ] pciide C:\Windows\system32\drivers\pciide.sys
13:20:56.0314 15584 pciide - ok
13:20:56.0330 15584 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:20:56.0346 15584 pcmcia - ok
13:20:56.0377 15584 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:20:56.0455 15584 PEAUTH - ok
13:20:56.0517 15584 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:20:56.0580 15584 PerfHost - ok
13:20:56.0626 15584 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
13:20:56.0720 15584 pla - ok
13:20:56.0767 15584 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:20:56.0798 15584 PlugPlay - ok
13:20:56.0845 15584 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:20:56.0860 15584 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:20:56.0860 15584 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:20:56.0892 15584 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
13:20:56.0923 15584 PNRPAutoReg - ok
13:20:56.0954 15584 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
13:20:56.0985 15584 PNRPsvc - ok
13:20:57.0032 15584 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:20:57.0126 15584 PolicyAgent - ok
13:20:57.0188 15584 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:20:57.0235 15584 PptpMiniport - ok
13:20:57.0266 15584 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
13:20:57.0313 15584 Processor - ok
13:20:57.0328 15584 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
13:20:57.0375 15584 ProfSvc - ok
13:20:57.0391 15584 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
13:20:57.0406 15584 ProtectedStorage - ok
13:20:57.0438 15584 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
13:20:57.0469 15584 PSched - ok
13:20:57.0500 15584 [ 46851BC18322DA70F3F2299A1007C479 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
13:20:57.0500 15584 PxHlpa64 - ok
13:20:57.0640 15584 [ 65D9E440F351EF710F5598DDF9612F19 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
13:20:57.0656 15584 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
13:20:57.0656 15584 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
13:20:57.0718 15584 [ 2241EAF40E472C471CB80CF6B97CCA11 ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
13:20:57.0765 15584 QBFCService ( UnsignedFile.Multi.Generic ) - warning
13:20:57.0765 15584 QBFCService - detected UnsignedFile.Multi.Generic (1)
13:20:57.0796 15584 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:20:57.0843 15584 ql2300 - ok
13:20:57.0859 15584 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:20:57.0874 15584 ql40xx - ok
13:20:57.0906 15584 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
13:20:57.0952 15584 QWAVE - ok
13:20:57.0968 15584 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:20:57.0999 15584 QWAVEdrv - ok
13:20:58.0077 15584 [ 2A09A6B271D1F50ADF5E33B37D460DE6 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
13:20:58.0327 15584 R300 - ok
13:20:58.0358 15584 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:20:58.0420 15584 RasAcd - ok
13:20:58.0436 15584 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
13:20:58.0498 15584 RasAuto - ok
13:20:58.0530 15584 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:20:58.0576 15584 Rasl2tp - ok
13:20:58.0592 15584 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
13:20:58.0639 15584 RasMan - ok
13:20:58.0686 15584 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:20:58.0701 15584 RasPppoe - ok
13:20:58.0732 15584 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:20:58.0748 15584 RasSstp - ok
13:20:58.0764 15584 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:20:58.0795 15584 rdbss - ok
13:20:58.0810 15584 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:20:58.0842 15584 RDPCDD - ok
13:20:58.0873 15584 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
13:20:58.0935 15584 rdpdr - ok
13:20:58.0935 15584 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:20:58.0966 15584 RDPENCDD - ok
13:20:59.0029 15584 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:20:59.0076 15584 RDPWD - ok
13:20:59.0107 15584 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:20:59.0154 15584 RemoteAccess - ok
13:20:59.0185 15584 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:20:59.0247 15584 RemoteRegistry - ok
13:20:59.0278 15584 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
13:20:59.0310 15584 RpcLocator - ok
13:20:59.0356 15584 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
13:20:59.0403 15584 RpcSs - ok
13:20:59.0434 15584 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:20:59.0466 15584 rspndr - ok
13:20:59.0512 15584 [ B263B3AEBCDE2210D1CC25756601B8EA ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
13:20:59.0528 15584 RTL8169 - ok
13:20:59.0559 15584 [ 5532C4BF15173270757A75B46BAEB960 ] RtNdPt60 C:\Windows\system32\DRIVERS\RtNdPt60.sys
13:20:59.0637 15584 RtNdPt60 - ok
13:20:59.0668 15584 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
13:20:59.0700 15584 SamSs - ok
13:20:59.0731 15584 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:20:59.0746 15584 sbp2port - ok
13:20:59.0762 15584 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:20:59.0809 15584 SCardSvr - ok
13:20:59.0856 15584 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
13:20:59.0949 15584 Schedule - ok
13:20:59.0980 15584 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:21:00.0012 15584 SCPolicySvc - ok
13:21:00.0027 15584 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:21:00.0136 15584 SDRSVC - ok
13:21:00.0168 15584 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:21:00.0214 15584 secdrv - ok
13:21:00.0230 15584 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
13:21:00.0277 15584 seclogon - ok
13:21:00.0292 15584 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
13:21:00.0355 15584 SENS - ok
13:21:00.0386 15584 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
13:21:00.0448 15584 Serenum - ok
13:21:00.0480 15584 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
13:21:00.0558 15584 Serial - ok
13:21:00.0573 15584 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:21:00.0620 15584 sermouse - ok
13:21:00.0651 15584 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
13:21:00.0698 15584 SessionEnv - ok
13:21:00.0698 15584 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:21:00.0729 15584 sffdisk - ok
13:21:00.0745 15584 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:21:00.0776 15584 sffp_mmc - ok
13:21:00.0792 15584 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:21:00.0823 15584 sffp_sd - ok
13:21:00.0823 15584 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:21:00.0901 15584 sfloppy - ok
13:21:00.0963 15584 [ 4EF8FC5158AA1A01DF37FDB3FADDA077 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
13:21:00.0994 15584 SftService - ok
13:21:01.0072 15584 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:21:01.0119 15584 ShellHWDetection - ok
13:21:01.0150 15584 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
13:21:01.0166 15584 SiSRaid2 - ok
13:21:01.0182 15584 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:21:01.0197 15584 SiSRaid4 - ok
13:21:01.0275 15584 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:21:01.0291 15584 SkypeUpdate - ok
13:21:01.0353 15584 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
13:21:01.0525 15584 slsvc - ok
13:21:01.0556 15584 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
13:21:01.0603 15584 SLUINotify - ok
13:21:01.0634 15584 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:21:01.0696 15584 Smb - ok
13:21:01.0728 15584 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:21:01.0759 15584 SNMPTRAP - ok
13:21:01.0790 15584 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
13:21:01.0806 15584 spldr - ok
13:21:01.0852 15584 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
13:21:01.0915 15584 Spooler - ok
13:21:01.0946 15584 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
13:21:02.0008 15584 srv - ok
13:21:02.0055 15584 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:21:02.0118 15584 srv2 - ok
13:21:02.0149 15584 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:21:02.0196 15584 srvnet - ok
13:21:02.0211 15584 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:21:02.0258 15584 SSDPSRV - ok
13:21:02.0274 15584 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:21:02.0336 15584 SstpSvc - ok
13:21:02.0383 15584 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
13:21:02.0430 15584 stisvc - ok
13:21:02.0508 15584 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
13:21:02.0523 15584 stllssvr - ok
13:21:02.0554 15584 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:21:02.0570 15584 swenum - ok
13:21:02.0601 15584 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
13:21:02.0648 15584 swprv - ok
13:21:02.0679 15584 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
13:21:02.0695 15584 Symc8xx - ok
13:21:02.0710 15584 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
13:21:02.0710 15584 Sym_hi - ok
13:21:02.0742 15584 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
13:21:02.0757 15584 Sym_u3 - ok
13:21:02.0820 15584 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
13:21:02.0882 15584 SysMain - ok
13:21:02.0913 15584 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:21:02.0976 15584 TabletInputService - ok
13:21:03.0007 15584 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:21:03.0054 15584 TapiSrv - ok
13:21:03.0069 15584 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
13:21:03.0132 15584 TBS - ok
13:21:03.0194 15584 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:21:03.0256 15584 Tcpip - ok
13:21:03.0288 15584 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
13:21:03.0350 15584 Tcpip6 - ok
13:21:03.0412 15584 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:21:03.0475 15584 tcpipreg - ok
13:21:03.0537 15584 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:21:03.0584 15584 TDPIPE - ok
13:21:03.0615 15584 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:21:03.0662 15584 TDTCP - ok
13:21:03.0709 15584 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:21:03.0756 15584 tdx - ok
13:21:03.0787 15584 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:21:03.0802 15584 TermDD - ok
13:21:03.0818 15584 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
13:21:03.0865 15584 TermService - ok
13:21:03.0912 15584 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
13:21:03.0927 15584 Themes - ok
13:21:03.0943 15584 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
13:21:03.0974 15584 THREADORDER - ok
13:21:03.0990 15584 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
13:21:04.0052 15584 TrkWks - ok
13:21:04.0099 15584 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:21:04.0146 15584 TrustedInstaller - ok
13:21:04.0177 15584 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:21:04.0239 15584 tssecsrv - ok
13:21:04.0286 15584 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
13:21:04.0333 15584 tunmp - ok
13:21:04.0395 15584 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:21:04.0411 15584 tunnel - ok
13:21:04.0442 15584 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:21:04.0458 15584 uagp35 - ok
13:21:04.0504 15584 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:21:04.0551 15584 udfs - ok
13:21:04.0582 15584 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:21:04.0614 15584 UI0Detect - ok
13:21:04.0629 15584 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:21:04.0645 15584 uliagpkx - ok
13:21:04.0676 15584 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
13:21:04.0692 15584 uliahci - ok
13:21:04.0707 15584 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
13:21:04.0723 15584 UlSata - ok
13:21:04.0738 15584 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
13:21:04.0770 15584 ulsata2 - ok
13:21:04.0785 15584 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:21:04.0832 15584 umbus - ok
13:21:04.0848 15584 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
13:21:04.0894 15584 upnphost - ok
13:21:04.0957 15584 [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:21:04.0988 15584 usbaudio - ok
13:21:05.0004 15584 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:21:05.0035 15584 usbccgp - ok
13:21:05.0066 15584 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:21:05.0128 15584 usbcir - ok
13:21:05.0144 15584 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:21:05.0191 15584 usbehci - ok
13:21:05.0238 15584 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:21:05.0284 15584 usbhub - ok
13:21:05.0316 15584 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:21:05.0378 15584 usbohci - ok
13:21:05.0394 15584 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:21:05.0440 15584 usbprint - ok
13:21:05.0456 15584 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:21:05.0487 15584 usbscan - ok
13:21:05.0503 15584 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:21:05.0534 15584 USBSTOR - ok
13:21:05.0550 15584 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:21:05.0581 15584 usbuhci - ok
13:21:05.0628 15584 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
13:21:05.0674 15584 usbvideo - ok
13:21:05.0690 15584 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
13:21:05.0721 15584 UxSms - ok
13:21:05.0752 15584 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
13:21:05.0784 15584 vds - ok
13:21:05.0830 15584 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:21:05.0893 15584 vga - ok
13:21:05.0908 15584 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:21:05.0955 15584 VgaSave - ok
13:21:05.0971 15584 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
13:21:05.0986 15584 viaide - ok
13:21:06.0018 15584 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:21:06.0033 15584 volmgr - ok
13:21:06.0049 15584 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:21:06.0064 15584 volmgrx - ok
13:21:06.0096 15584 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:21:06.0127 15584 volsnap - ok
13:21:06.0142 15584 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:21:06.0174 15584 vsmraid - ok
13:21:06.0220 15584 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
13:21:06.0298 15584 VSS - ok
13:21:06.0314 15584 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
13:21:06.0376 15584 W32Time - ok
13:21:06.0423 15584 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:21:06.0486 15584 WacomPen - ok
13:21:06.0517 15584 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
13:21:06.0548 15584 Wanarp - ok
13:21:06.0548 15584 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:21:06.0579 15584 Wanarpv6 - ok
13:21:06.0595 15584 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:21:06.0642 15584 wcncsvc - ok
13:21:06.0657 15584 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:21:06.0704 15584 WcsPlugInService - ok
13:21:06.0751 15584 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
13:21:06.0766 15584 Wd - ok
13:21:06.0813 15584 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:21:06.0844 15584 Wdf01000 - ok
13:21:06.0876 15584 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:21:06.0922 15584 WdiServiceHost - ok
13:21:06.0922 15584 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:21:06.0954 15584 WdiSystemHost - ok
13:21:06.0985 15584 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
13:21:07.0016 15584 WebClient - ok
13:21:07.0063 15584 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:21:07.0125 15584 Wecsvc - ok
13:21:07.0156 15584 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:21:07.0172 15584 wercplsupport - ok
13:21:07.0188 15584 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
13:21:07.0250 15584 WerSvc - ok
13:21:07.0250 15584 WinHttpAutoProxySvc - ok
13:21:07.0297 15584 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:21:07.0359 15584 Winmgmt - ok
13:21:07.0422 15584 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
13:21:07.0515 15584 WinRM - ok
13:21:07.0593 15584 [ 7F2F9E48566B2087F2AAAD258CB2A8D4 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
13:21:07.0640 15584 WinUSB - ok
13:21:07.0718 15584 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:21:07.0780 15584 Wlansvc - ok
13:21:07.0827 15584 [ 7999DFB1C555EFC0DB69576F70027867 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:21:07.0843 15584 WmiAcpi - ok
13:21:07.0890 15584 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:21:07.0905 15584 wmiApSrv - ok
13:21:07.0952 15584 WMPNetworkSvc - ok
13:21:08.0046 15584 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
13:21:08.0077 15584 WMZuneComm - ok
13:21:08.0108 15584 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:21:08.0202 15584 WPCSvc - ok
13:21:08.0233 15584 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:21:08.0311 15584 WPDBusEnum - ok
13:21:08.0358 15584 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
13:21:08.0389 15584 WpdUsb - ok
13:21:08.0529 15584 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:21:08.0576 15584 WPFFontCache_v0400 - ok
13:21:08.0607 15584 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:21:08.0638 15584 ws2ifsl - ok
13:21:08.0654 15584 WSearch - ok
13:21:08.0716 15584 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:21:08.0826 15584 WudfPf - ok
13:21:08.0904 15584 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:21:08.0935 15584 WUDFRd - ok
13:21:08.0935 15584 [ 3DCC7BF5AFA921B479E622BD999121F3 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:21:08.0982 15584 wudfsvc - ok
13:21:09.0169 15584 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
13:21:09.0465 15584 ZuneNetworkSvc - ok
13:21:09.0512 15584 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
13:21:09.0543 15584 ZuneWlanCfgSvc - ok
13:21:09.0543 15584 ================ Scan global ===============================
13:21:09.0574 15584 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
13:21:09.0621 15584 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
13:21:09.0637 15584 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
13:21:09.0699 15584 [ BC81150939BD52DBC7A08C245F1FB229 ] C:\Windows\system32\services.exe
13:21:09.0730 15584 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
13:21:09.0730 15584 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
13:21:09.0730 15584 ================ Scan MBR ==================================
13:21:09.0762 15584 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:21:09.0964 15584 \Device\Harddisk0\DR0 - ok
13:21:09.0964 15584 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk6\DR6
13:21:09.0964 15584 \Device\Harddisk6\DR6 - ok
13:21:09.0980 15584 ================ Scan VBR ==================================
13:21:09.0996 15584 [ 0C5F7348BAB38791D2882518819ECFCB ] \Device\Harddisk0\DR0\Partition1
13:21:10.0011 15584 \Device\Harddisk0\DR0\Partition1 - ok
13:21:10.0011 15584 [ F05FEC22071C485EAF0303BEA6FC964F ] \Device\Harddisk0\DR0\Partition2
13:21:10.0011 15584 \Device\Harddisk0\DR0\Partition2 - ok
13:21:10.0011 15584 [ 6F671173683FCE56E79FCF656B7197BE ] \Device\Harddisk6\DR6\Partition1
13:21:10.0011 15584 \Device\Harddisk6\DR6\Partition1 - ok
13:21:10.0027 15584 ============================================================
13:21:10.0027 15584 Scan finished
13:21:10.0027 15584 ============================================================
13:21:10.0027 17648 Detected object count: 12
13:21:10.0027 17648 Actual detected object count: 12
13:21:47.0264 17648 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0264 17648 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0264 17648 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0264 17648 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0264 17648 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0264 17648 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0280 17648 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0280 17648 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0280 17648 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0280 17648 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0280 17648 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0280 17648 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0280 17648 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0280 17648 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0280 17648 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0280 17648 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0280 17648 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0280 17648 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0280 17648 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0280 17648 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0295 17648 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:47.0295 17648 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:47.0295 17648 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - skipped by user
13:21:47.0295 17648 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Skip
13:23:06.0535 14112 Deinitialize success
gh_braz
Active Member
 
Posts: 6
Joined: January 23rd, 2013, 7:57 pm

Re: Please help!

Unread postby deltalima » January 27th, 2013, 2:22 pm

Hi gh_braz,

Your logs show signs of a Remote Access Infection on your computer.

13:21:09.0730 15584 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
13:21:09.0730 15584 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)


These indicate you are infected with ......

Zero Access Rootkit


Please take time to carefully read THIS topic, then let me know how you want to proceed.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Please help!

Unread postby deltalima » January 30th, 2013, 3:57 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: random/random and 68 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware