Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Low disk space, Computer running slow.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Low disk space, Computer running slow.

Unread postby virbitsky » January 28th, 2013, 11:04 am

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_29
Run by j at 15:15:47 on 2013-01-23
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3838.2153 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\NextWindow\NextWindowGSA.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\DELL\OSD\AIO_OSD.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\DELL\OSD\OSDSvr.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\lxducoms.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Windows\SysWOW64\WinService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
C:\PROGRA~2\WEATHE~2\bar\2.bin\gcbarsvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\sdclt.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\splwow64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://aol.com/
uURLSearchHooks: AOLMAILTBSearch Class: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
uURLSearchHooks: <No Name>: {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcSrcAs.dll
mURLSearchHooks: AOLMAILTBSearch Class: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: ALOT Toolbar Helper: {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\alot.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Search Assistant BHO: {9b9dcae3-be34-424c-8d73-75e305a9e091} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcSrcAs.dll
BHO: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Toolbar BHO: {dc9051c2-8f55-479a-97a4-747980d9047f} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbar.dll
BHO: AOL Email Toolbar Loader: {fbea8524-8c72-4208-9d12-7fb73e9926eb} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: AOL Email Toolbar: {A3704FA3-DBF6-46B5-B95E-0677DFD39577} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: AOL Email Toolbar: {a3704fa3-dbf6-46b5-b95e-0677dfd39577} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll
TB: ALOT Toolbar: {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll
TB: WeatherBlink: {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [HP Officejet 6700 (NET)] "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN21G1H1FC05RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
mRun: [FAStartup] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NEXTWI~1.LNK - C:\Program Files (x86)\NextWindow\NextWindowGSA.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\OSDUTI~1.LNK - C:\Program Files (x86)\DELL\OSD\AIO_OSD.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &AOL Email Toolbar Search - C:\ProgramData\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{620F6D51-8D26-4235-8E30-A36BF79508A3} : DHCPNameServer = 192.168.2.1
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi for Dell\CoziProtocolHandler.dll
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
AppInit_DLLs= C:\PROGRA~2\Google\GOOGLE~1\GOEC62~1.DLL
LSA: Notification Packages = scecli FAPassSync
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-System: EnableLUA = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - LocalServer32 - <no file>
x64-Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - LocalServer32 - <no file>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\570\G2AWinLogon_x64.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\
FF - prefs.js: browser.startup.homepage - hxxp://home.mywebsearch.com/index.jhtml ... 3ADA40ECB0
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsear ... searchfor=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\FFQpBHO3.5.dll
FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\FFQpBHO3.6.dll
FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\hpWebPrinting35.dll
FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\hpWebPrinting36.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\extensions\2020Player@2020Technologies.com\plugins\NP2020Player.dll
FF - ExtSQL: 2075-02-09 12:49; 2020Player@2020Technologies.com ; C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\extensions\2020Player@2020Technologies.com
FF - ExtSQL: !HIDDEN! 2009-09-19 04:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2011-09-30 10:41; smartwebprinting@hp.com ; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
.
============= SERVICES / DRIVERS ===============
.
R0 FXOSDDRV;Foxconn ACPI BIOS Simulator Driver;C:\Windows\System32\drivers\FxOSDdrv64.sys [2009-6-17 15448]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 nvamacpi;Nvidia Away Mode System;C:\Windows\System32\drivers\nvamacpi.sys [2009-6-17 28192]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-6-17 53488]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2011-10-27 25312]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-6-17 88576]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2009-3-7 2360584]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 FOXOSDService;Dell OSD Service;C:\Program Files (x86)\DELL\OSD\OSDSvr.exe [2009-6-17 65536]
R2 lxdu_device;lxdu_device;C:\Windows\System32\lxducoms.exe -service --> C:\Windows\System32\lxducoms.exe -service [?]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]
R2 SCM_Service;SCM_Service;C:\Windows\SysWOW64\WinService.exe [2011-10-27 180224]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 TeamViewer4;TeamViewer 4;C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe [2008-12-10 185640]
R2 WeatherBlinkService;WeatherBlink Service;C:\PROGRA~2\WEATHE~2\bar\2.bin\gcbarsvc.exe [2011-2-18 36864]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\b57nd60a.sys [2009-6-17 252928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 McShield;McAfee Real-time Scanner;C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe --> C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [?]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2009-8-17 30192]
S3 McSysmon;McAfee SystemGuards;C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe --> C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [?]
S3 PCD5SRVC{048DBD20-445E8C82-05040104};PCD5SRVC{048DBD20-445E8C82-05040104} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms [2008-11-4 28152]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\Windows\System32\drivers\wg111v2.sys [2011-10-27 340992]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-18 89920]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2075-08-23 08:05:43 1153972 ----a-w- C:\ProgramData\SPL252B.tmp
2013-01-19 08:01:16 67599240 ----a-w- C:\Windows\System32\mrt.exe
2012-12-16 13:31:20 48128 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 13:12:54 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-16 11:08:21 368128 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 10:50:29 293376 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-11-23 01:54:35 2770432 ----a-w- C:\Windows\System32\win32k.sys
2012-11-22 04:22:38 456192 ----a-w- C:\Windows\System32\shlwapi.dll
2012-11-22 03:54:36 353280 ----a-w- C:\Windows\SysWow64\shlwapi.dll
2012-11-20 04:22:50 204288 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-20 04:21:04 253952 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-14 07:06:18 17811968 ----a-w- C:\Windows\System32\mshtml.dll
2012-11-14 06:32:33 10925568 ----a-w- C:\Windows\System32\ieframe.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:44 1346048 ----a-w- C:\Windows\System32\urlmon.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 06:02:04 237056 ----a-w- C:\Windows\System32\url.dll
2012-11-14 05:59:52 85504 ----a-w- C:\Windows\System32\jsproxy.dll
2012-11-14 05:58:36 816640 ----a-w- C:\Windows\System32\jscript.dll
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:55:45 2144768 ----a-w- C:\Windows\System32\iertutil.dll
2012-11-14 05:55:26 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2012-11-14 05:53:22 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 05:46:25 248320 ----a-w- C:\Windows\System32\ieui.dll
2012-11-14 02:48:26 12320256 ----a-w- C:\Windows\SysWow64\mshtml.dll
2012-11-14 02:14:59 9738240 ----a-w- C:\Windows\SysWow64\ieframe.dll
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:44 1103872 ----a-w- C:\Windows\SysWow64\urlmon.dll
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:55:46 231936 ----a-w- C:\Windows\SysWow64\url.dll
2012-11-14 01:51:44 65024 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:49:19 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:47:20 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2012-11-14 01:46:38 1793024 ----a-w- C:\Windows\SysWow64\iertutil.dll
2012-11-14 01:45:01 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-14 01:41:30 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2012-11-13 01:45:48 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-13 01:29:51 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 10:47:16 1869824 ----a-w- C:\Windows\System32\msxml3.dll
2012-11-02 10:47:16 1794560 ----a-w- C:\Windows\System32\msxml6.dll
2012-11-02 10:45:52 477696 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 10:45:51 68096 ----a-w- C:\Windows\System32\dpnathlp.dll
2012-11-02 10:19:34 1400832 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-11-02 10:19:33 1248768 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-11-02 10:18:17 376320 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-02 08:59:56 26112 ----a-w- C:\Windows\System32\dpnsvr.exe
2012-11-02 08:26:06 23040 ----a-w- C:\Windows\SysWow64\dpnsvr.exe
.
============= FINISH: 15:16:28.96 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 6/16/2009 11:37:41 PM
System Uptime: 1/23/2013 2:14:40 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0K837J
Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz | CPU 1 | 2500/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 191.473 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 0.002 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Officejet 6500 E709n
Device ID: ROOT\IMAGE\0001
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\IMAGE\0001
Service: StillCam
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E709n
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6700
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Officejet 6700
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID: {4d36e979-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E709n
Device ID: ROOT\PRINTER\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\PRINTER\0000
Service:
.
==== System Restore Points ===================
.
RP618: 12/18/2012 3:34:57 AM - Windows Update
RP619: 12/21/2012 9:17:36 AM - Windows Update
RP620: 12/22/2012 3:00:11 AM - Windows Update
RP621: 12/23/2012 7:00:02 PM - Windows Backup
RP622: 12/25/2012 3:28:50 AM - Windows Update
RP623: 12/29/2012 3:28:58 AM - Windows Update
RP624: 12/30/2012 7:00:01 PM - Windows Backup
RP625: 1/2/2013 3:28:40 AM - Windows Update
RP629: 1/7/2013 1:50:13 PM - Windows Update
RP630: 1/11/2013 3:28:37 AM - Windows Update
RP631: 1/13/2013 7:00:01 PM - Windows Backup
RP632: 1/15/2013 3:28:38 AM - Windows Update
RP633: 1/15/2013 2:58:10 PM - Windows Backup
RP634: 1/19/2013 3:00:13 AM - Windows Update
RP635: 1/20/2013 7:00:02 PM - Windows Backup
RP636: 1/22/2013 3:36:58 AM - Windows Update
RP626: 1/4/7513 7:00:01 PM - Scheduled Checkpoint
RP627: 1/5/7513 2:00:01 PM - Windows Backup
RP628: 1/6/7513 7:00:01 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
6500_E709_eDocs
6500_E709_Help
6500_E709n
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.5)
Adobe Shockwave Player 11.5
ALOT Toolbar
AOL Email Toolbar
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Application for Payment v7.8.5
Bing Bar
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Choice Guard
Compatibility Pack for the 2007 Office system
Consumer In-Home Service Agreement
Cozi
CyberLink YouPaint
Dell-eBay
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell System Tour
Dell Touch Zone
Dell TouchCam
Dell Video Chat
DellTouchUI_Setup
Destination Component
DeviceDiscovery
DocMgr
DocProc
Download Updater (AOL LLC)
FastAccess
Fax
Google Chrome
Google Desktop
Google Earth
Google Earth Pro
Google Update Helper
GoToAssist Corporate
GPBaseService2
GPL Ghostscript 8.54
GPL Ghostscript Fonts
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 12.0
HP Document Manager 2.0
HP Imaging Device Functions 12.0
HP Officejet 6500 E709 Series
HP Officejet 6700 Basic Device Software
HP Officejet 6700 Help
HP Officejet 6700 Product Improvement Study
HP Smart Web Printing
HP Solution Center 12.0
HP Update
HPDiagnosticCoreDll
HPProductAssistant
HPSSupply
I.R.I.S. OCR
iTunes
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Works
Mozilla Firefox 18.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NETGEAR WG111v2 wireless USB 2.0 adapter
Network64
NextWindow GSA
NVIDIA 3D Vision Driver 306.97
NVIDIA Control Panel 306.97
NVIDIA Drivers
NVIDIA Graphics Driver 306.97
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
OCR Software by I.R.I.S. 12.0
OSD
PEM Software Systems, Inc
PowerDVD
ProductContext
QuickBooks
QuickBooks Pro 2009
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Status
SupportSoft Assisted Service
TeamViewer 4
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
WebReg
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
9/24/2075 3:28:43 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.258.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x80072f8f Error description: A security error occurred
9/23/2075 3:28:22 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.235.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x80072f8f Error description: A security error occurred
9/22/2075 4:34:12 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.235.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x80072f8f Error description: A security error occurred
9/22/2075 4:28:02 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.168.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x80072f8f Error description: A security error occurred
8/26/2075 4:01:40 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.133.381.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8703.0 Error code: 0x80072f8f Error description: A security error occurred
6/6/2075 9:43:49 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.1410.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
6/5/2075 5:43:21 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.1386.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
6/4/2075 9:44:05 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.1279.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
6/3/2075 1:43:20 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.1279.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
6/18/2075 9:44:08 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.2157.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
6/17/2075 9:44:09 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.2134.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
6/16/2075 9:44:08 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.2110.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
6/16/2075 1:32:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.2083.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
6/15/2075 2:43:27 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.2083.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
5/17/2075 3:45:08 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.19.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
5/16/2075 3:45:08 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.19.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
5/16/2075 2:44:05 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1854.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x80072f8f Error description: A security error occurred
3/1/2075 3:35:39 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.121.548.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8101.0 Error code: 0x80072f8f Error description: A security error occurred
3/1/2075 2:20:40 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.121.548.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8101.0 Error code: 0x80072f8f Error description: A security error occurred
12/31/2075 9:16:24 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1998.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
12/31/2075 2:29:39 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1998.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
12/30/2075 9:13:00 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1998.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
12/17/2075 3:33:13 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1976.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
12/16/2075 3:33:37 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1928.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
12/15/2075 3:33:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1918.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
12/15/2075 2:26:43 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1913.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
12/15/2075 12:39:00 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1913.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
12/15/2075 12:31:50 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1727.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
12/15/2075 1:02:22 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1913.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
12/12/2075 5:00:20 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1727.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
12/12/2075 4:22:56 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1605.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
11/22/2075 4:37:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.233.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
11/22/2075 4:13:15 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.233.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
11/22/2075 4:07:17 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.143.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
11/22/2075 10:08:12 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.233.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072f8f Error description: A security error occurred
11/15/2075 2:39:58 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.1840.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x80072f8f Error description: A security error occurred
1/8/2075 9:44:04 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.519.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
1/7/2075 9:48:43 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.519.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
1/7/2075 9:43:16 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.127.470.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error code: 0x80072f8f Error description: A security error occurred
1/3/2076 9:09:03 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.2126.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
1/23/2013 2:16:40 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/23/2013 2:16:40 PM, Error: Service Control Manager [7000] - The McAfee Real-time Scanner service failed to start due to the following error: The system cannot find the path specified.
1/23/2013 2:15:46 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer HP Officejet 6500 E709n Series with shared resource name HP Officejet 6500 E709n Series. Error 2114. The printer cannot be used by others on the network.
1/23/2013 2:15:46 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer HP Officejet 6500 E709n Series fax with shared resource name HP Officejet 6500 E709n Series fax. Error 2114. The printer cannot be used by others on the network.
1/2/2076 9:09:03 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.2093.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
1/18/2013 2:49:32 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
1/18/2013 2:49:32 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/18/2013 2:49:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/17/2075 2:05:25 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.2979.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
1/16/2075 8:15:46 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.2979.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
1/16/2075 2:05:22 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.2930.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
1/16/2075 10:52:59 AM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {66C99B38-BC12-4134-90A2-C5D6ABFC5FFE}. The error: "14001" Happened while starting this command: "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
1/15/2075 2:05:08 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.2877.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
1/14/2075 2:32:29 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.2807.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
1/1/2076 9:09:03 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.2059.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072f8f Error description: A security error occurred
.
==== End Of File ===========================


Computer is running very slow, message prompts keep saying low disk space, and I recently had my e-mail send out 100's of spam messages. Missed last posting so it was closed. same problem.
virbitsky
Active Member
 
Posts: 10
Joined: January 23rd, 2013, 4:05 pm
Advertisement
Register to Remove

Re: Low disk space, Computer running slow.

Unread postby Gary R » January 30th, 2013, 5:31 am

Looking over your logs, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Low disk space, Computer running slow.

Unread postby Gary R » January 30th, 2013, 5:35 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Malware Removal" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi virbitsky

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

As an added safety precaution, before we start removing anything, I'd like you to make a backup of your Registry, which we can restore to if necessary.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Please observe these rules while we work:
  • Do not edit your logs in any way whatsoever.
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Vista, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


There's one or two things in your DDS logs that need attention, but before we attend to them I'd like you to run a couple of extra scans for me.

First

Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Next

Download TDSSKiller.zip and extract it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
    • If using Vista or Windows7, when prompted by UAC allow the prompt.
  • Click on Start Scan
  • The scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • Post the contents in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT

Summary of the logs I need from you in your next post:
  • OTL.txt
  • Extras.txt
  • TDSSKiller log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Low disk space, Computer running slow.

Unread postby virbitsky » February 1st, 2013, 6:21 pm

OTL logfile created on: 2/1/2013 5:03:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\j\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 53.90% Memory free
7.72 Gb Paging File | 5.82 Gb Available in Paging File | 75.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 192.39 Gb Free Space | 67.89% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 0.00 Gb Free Space | 0.02% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 443.06 Gb Free Space | 47.56% Space Free | Partition Type: NTFS

Computer Name: VIRBITSKY | User Name: j | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/01 17:01:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\j\Desktop\OTL.exe
PRC - [2013/01/22 10:01:29 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/01/07 19:44:16 | 001,638,400 | ---- | M] (Tweaking.com) -- C:\Users\j\Desktop\TweakingRegistryBackup.exe
PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/06/09 16:25:16 | 000,090,112 | ---- | M] (Tweaking.com) -- C:\Users\j\Desktop\files\vss_start.exe
PRC - [2012/06/03 13:27:48 | 000,028,672 | ---- | M] (Tweaking.com) -- C:\Users\j\Desktop\files\vss_pause.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/06/09 12:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/02/18 13:52:31 | 000,036,864 | ---- | M] (WeatherBlink) -- C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbarsvc.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/03/07 14:16:26 | 001,934,600 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2009/03/07 14:16:26 | 000,095,496 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2009/03/07 14:16:00 | 002,360,584 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2009/03/07 09:51:50 | 000,024,576 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/01/29 12:13:20 | 000,252,248 | ---- | M] () -- C:\Program Files (x86)\NextWindow\NextWindowGSA.exe
PRC - [2009/01/08 15:00:44 | 000,516,096 | ---- | M] (Dell Corporation) -- C:\Program Files (x86)\DELL\OSD\AIO_OSD.exe
PRC - [2008/12/22 15:59:12 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\DELL\OSD\OSDSvr.exe
PRC - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/12/10 04:13:10 | 003,942,184 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exe
PRC - [2008/12/10 03:49:46 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2008/05/23 14:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/07/17 14:48:16 | 000,180,224 | ---- | M] () -- C:\Windows\SysWOW64\WinService.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/22 10:01:08 | 003,022,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/01/19 03:31:35 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/19 03:30:23 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/19 03:30:17 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/03/07 14:17:04 | 000,088,840 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll
MOD - [2009/03/07 14:16:30 | 000,059,144 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll
MOD - [2009/03/07 14:15:28 | 000,234,248 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll
MOD - [2009/01/29 12:13:20 | 000,252,248 | ---- | M] () -- C:\Program Files (x86)\NextWindow\NextWindowGSA.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/01/07 05:15:56 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/05/23 07:58:54 | 001,040,552 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/22 10:01:29 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/10/10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/02/18 13:52:31 | 000,036,864 | ---- | M] (WeatherBlink) [Auto | Running] -- C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbarsvc.exe -- (WeatherBlinkService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/05 11:17:31 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/07 14:16:00 | 002,360,584 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2009/03/07 09:51:50 | 000,024,576 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2008/12/22 15:59:12 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DELL\OSD\OSDSvr.exe -- (FOXOSDService)
SRV - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2008/12/10 03:49:46 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2008/11/18 15:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/10/16 18:31:12 | 000,906,752 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2007/07/17 14:48:16 | 000,180,224 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\WinService.exe -- (SCM_Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/07 06:03:50 | 000,028,192 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\NVAMACPI.sys -- (nvamacpi)
DRV:64bit: - [2009/01/07 05:25:52 | 000,252,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008/11/28 09:31:02 | 000,015,448 | ---- | M] (Foxconn Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\FxOSDdrv64.sys -- (FXOSDDRV)
DRV:64bit: - [2008/11/17 06:29:14 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/09/24 19:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\facap.sys -- (FACAP)
DRV:64bit: - [2008/01/20 21:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express)
DRV:64bit: - [2007/12/26 09:46:26 | 000,340,992 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wg111v2.sys -- (RTL8187)
DRV:64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/01/19 02:24:24 | 000,025,312 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\scmndisp.sys -- (SCMNdisP)
DRV:64bit: - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2008/11/04 18:16:40 | 000,028,152 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Dell Support Center\HWDiag\bin\pcd5srvc_x64.pkms -- (PCD5SRVC{048DBD20-445E8C82-05040104})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
IE - HKLM\..\SearchScopes,DefaultScope = {443789B7-F39C-4b5c-9287-DA72D38F4FE6}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/sli ... 843&query={SearchTerms}&invocationType=tb50-ie-aolmailtb-chromesbox-en-us
IE - HKLM\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\URLSearchHook: {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcSrcAs.dll (WeatherBlink)
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\URLSearchHook: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\SearchScopes,DefaultScope = {597b1823-7ff0-4cd3-8095-9d8cba514992}
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/sli ... 843&query={SearchTerms}&invocationType=tb50-ie-aolmailtb-chromesbox-en-us
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}&pr=prov&client_id=140FD68001CA990C197882FA&install_time=19-01-2010:08:34&src_id=11009&camp_id=861&tb_version=2.5.7002.477
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=HODaWdOf ... DwM3wM4?q={searchTerms}
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=XNxdm003YYUS&ptb=980DD49E-1E3E-4D19-A04F-D23ADA40ECB0"
FF - prefs.js..extensions.enabledAddons: 2020Player%402020Technologies.com:4.5.2.0
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: gcffxtbr%40WeatherBlink.com:1.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:4.5.2.0
FF - prefs.js..extensions.enabledItems: gcffxtbr@WeatherBlink.com:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:4.0.1.0
FF - prefs.js..extensions.enabledItems: quickprint@hp.com:1.0
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XNxdm003YYUS&ptb=980DD49E-1E3E-4D19-A04F-D23ADA40ECB0&psa=&ind=2010110110&ptnrS=XNxdm003YYUS&si=&st=kwd&n=77cfd89e&searchfor="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gcffxtbr@WeatherBlink.com: C:\Program Files (x86)\WeatherBlink\bar\2.bin [2011/08/15 06:17:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011/09/30 09:41:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 14:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/22 10:01:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/22 10:01:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011/09/30 09:41:59 | 000,000,000 | ---D | M]

[2009/10/15 11:15:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\j\AppData\Roaming\Mozilla\Extensions
[2012/11/30 08:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\extensions
[2012/11/30 08:04:50 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2075/02/09 12:49:27 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\extensions\2020Player@2020Technologies.com
[2012/06/19 14:47:43 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2010/03/03 11:43:46 | 000,010,039 | ---- | M] () -- C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\searchplugins\WeatherBlink.xml
[2013/01/22 10:01:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/15 06:17:57 | 000,000,000 | ---D | M] (WeatherBlink) -- C:\PROGRAM FILES (X86)\WEATHERBLINK\BAR\2.BIN
[2013/01/22 10:01:30 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/10/18 10:31:53 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/18 10:31:53 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Entanglement = C:\Users\j\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Poppit = C:\Users\j\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2006/09/18 16:37:26 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\alot.dll (Vertro)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Assistant BHO) - {9b9dcae3-be34-424c-8d73-75e305a9e091} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcSrcAs.dll (WeatherBlink)
O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Toolbar BHO) - {dc9051c2-8f55-479a-97a4-747980d9047f} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbar.dll (WeatherBlink)
O2 - BHO: (AOL Email Toolbar Loader) - {fbea8524-8c72-4208-9d12-7fb73e9926eb} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AOL Email Toolbar) - {a3704fa3-dbf6-46b5-b95e-0677dfd39577} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (WeatherBlink) - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbar.dll (WeatherBlink)
O3 - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\Toolbar\WebBrowser: (AOL Email Toolbar) - {A3704FA3-DBF6-46B5-B95E-0677DFD39577} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000..\Run: [HP Officejet 6700 (NET)] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-3994122028-4133472215-4079814351-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: &AOL Email Toolbar Search - C:\ProgramData\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &AOL Email Toolbar Search - C:\ProgramData\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{620F6D51-8D26-4235-8E30-A36BF79508A3}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi for Dell\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\570\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\570\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\dellwall3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\dellwall3.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/10 19:54:52 | 000,000,170 | ---- | M] () - G:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2075/09/21 06:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Desktop
[2075/01/13 21:30:59 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2075/01/13 21:30:59 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/02/01 17:01:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\j\Desktop\OTL.exe
[2013/02/01 16:59:44 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/02/01 16:58:43 | 000,000,000 | ---D | C] -- C:\Users\j\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/02/01 16:58:42 | 000,000,000 | ---D | C] -- C:\Users\j\Desktop\files
[2013/02/01 16:58:40 | 001,345,024 | ---- | C] (Indigo Rose Corporation) -- C:\Users\j\Desktop\uninstall.exe
[2013/02/01 16:58:40 | 000,000,000 | ---D | C] -- C:\Users\j\Desktop\Uninstall
[2013/01/23 15:15:29 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\j\Desktop\dds.scr
[2013/01/22 10:01:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/18 14:56:20 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/01/18 14:55:36 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2076/01/03 12:03:52 | 000,017,920 | ---- | M] () -- C:\Users\j\Documents\Dave Lee- Bill for driveway.wps
[2075/09/21 06:48:32 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Grimm- Lackawaxen township Rate changes.wps
[2075/09/20 13:40:17 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Grimm-Dunkin Donuts.wps
[2075/09/20 13:40:02 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Rock Bottom- YMCA.wps
[2075/09/20 10:16:02 | 000,016,384 | ---- | M] () -- C:\Users\j\Documents\Guzzi- Moffit house.wps
[2075/09/16 11:16:33 | 000,016,384 | ---- | M] () -- C:\Users\j\Documents\Archbald ambulance.wps
[2075/09/15 14:51:11 | 000,001,699 | ---- | M] () -- C:\Users\j\Application Data\Microsoft\Internet Explorer\Quick Launch\Backup and Restore Center.lnk
[2075/09/14 10:52:47 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\KBA- Buras Cottage.wps
[2075/09/14 10:23:42 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\J.J Palumbo- 5th bill.wps
[2075/09/13 09:19:35 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Keystone college-Gym floor.wps
[2075/09/10 06:41:22 | 000,016,384 | ---- | M] () -- C:\Users\j\Documents\Grimm- Comfort inn.wps
[2075/09/09 09:22:14 | 000,016,384 | ---- | M] () -- C:\Users\j\Documents\Grimm- Cedar ave 629-631.wps
[2075/09/07 06:51:59 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Guzzi- Keystone College landscape bill.wps
[2075/09/07 06:49:41 | 000,017,920 | ---- | M] () -- C:\Users\j\Documents\Grimm- Bill for chimney.wps
[2075/09/07 06:45:43 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Grimm- Bill for Susan.wps
[2075/09/07 06:36:03 | 000,017,920 | ---- | M] () -- C:\Users\j\Documents\Keystone Community Resources- Bill for sanderson.wps
[2075/09/07 06:24:41 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Guzzi- Wind Turbine bill.wps
[2075/09/03 10:15:06 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Magnotta- Quardant.wps
[2075/08/27 15:31:48 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Atlantic Veal- Demaged wall.wps
[2075/08/16 11:09:11 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Sordoni- Bluestone bid.wps
[2075/08/13 08:53:41 | 000,017,920 | ---- | M] () -- C:\Users\j\Documents\Keystone college- Davis Street bill.wps
[2075/08/11 10:35:14 | 000,017,920 | ---- | M] () -- C:\Users\j\Documents\Keystone Community Resources- Bids Bryn Mar.wps
[2075/08/10 14:06:32 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Guzzi- Fountain project.wps
[2075/08/10 13:00:42 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\General Dynamics- new wall.wps
[2075/08/10 12:53:27 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Ed Reeves- Bill.wps
[2075/08/05 12:25:31 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Santarelli- Bill for store.wps
[2075/08/05 09:41:40 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Guzzi- Wind Turbine bid.wps
[2075/08/05 09:13:58 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Wallenpaupack-2010 jobs.wps
[2075/08/04 13:19:32 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Keystone college- Commons bill.wps
[2075/08/03 12:08:52 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Keystone Community Resources- Sanderson Ave bid.wps
[2075/08/03 12:08:27 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\K.wps
[2075/06/18 12:04:03 | 000,010,752 | ---- | M] () -- C:\Users\j\Documents\Guzzi Envolope.wps
[2075/06/18 11:55:29 | 000,012,800 | ---- | M] () -- C:\Users\j\Documents\U of scranton- wall between Lynett and casey hall.wps
[2075/05/16 14:46:24 | 000,010,752 | ---- | M] () -- C:\Users\j\Documents\Grimm- Keystone- Tewksbury Hall.wps
[2075/01/17 08:56:36 | 000,017,920 | ---- | M] () -- C:\Users\j\Documents\Digg-it - Patch work at shop.wps
[2075/01/17 08:53:04 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Rock Bottom YMCA 2nd bill.wps
[2075/01/16 11:22:44 | 000,017,920 | ---- | M] () -- C:\Users\j\Documents\Grimm- Trapper House.wps
[2013/02/01 17:01:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\j\Desktop\OTL.exe
[2013/02/01 17:00:53 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-VIRBITSKY-Microsoft®-Windows-Vista™-Home-Premium-(64-bit).dat
[2013/02/01 16:58:47 | 000,000,302 | ---- | M] () -- C:\Users\j\Desktop\Settings.ini
[2013/02/01 16:58:43 | 000,001,372 | ---- | M] () -- C:\Users\j\Desktop\Tweaking.com - Registry Backup.lnk
[2013/02/01 16:58:41 | 001,345,024 | ---- | M] (Indigo Rose Corporation) -- C:\Users\j\Desktop\uninstall.exe
[2013/02/01 16:58:41 | 000,325,960 | ---- | M] () -- C:\Users\j\Desktop\lua5.1.dll
[2013/02/01 16:56:56 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/02/01 16:56:56 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/02/01 16:56:56 | 000,104,202 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/02/01 16:45:49 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/01 16:45:46 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/01 16:45:37 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/01 16:45:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/01 16:45:21 | 4025,733,120 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/01 16:34:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/01 16:00:48 | 000,030,152 | ---- | M] () -- C:\Users\j\AppData\Roaming\wklnhst.dat
[2013/02/01 16:00:48 | 000,012,800 | ---- | M] () -- C:\Users\j\Documents\Quandel- Camp Archbald.wps
[2013/02/01 15:22:47 | 000,002,509 | ---- | M] () -- C:\Users\j\Desktop\Microsoft Works Word Processor.lnk
[2013/01/31 02:36:30 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/01/28 08:13:54 | 000,011,776 | ---- | M] () -- C:\Users\j\Documents\Siniawa- Bill for jermyn supply.wps
[2013/01/24 09:53:02 | 000,011,264 | ---- | M] () -- C:\Users\j\Documents\Quandel- Abington WWTP.wps
[2013/01/23 15:15:38 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\j\Desktop\dds.scr
[2013/01/23 09:48:31 | 000,012,800 | ---- | M] () -- C:\Users\j\Documents\Guzzi- Hale Trailer exterior concrete.wps
[2013/01/23 09:09:53 | 000,325,632 | ---- | M] () -- C:\Users\j\Documents\Fax Transmittal- VMI.wps
[2013/01/19 03:25:13 | 000,295,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/18 14:45:44 | 000,002,051 | ---- | M] () -- C:\Users\j\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/16 10:25:28 | 000,012,800 | ---- | M] () -- C:\Users\j\Documents\Magnotta- Valley Distributor loading dock.wps
[2013/01/11 13:12:04 | 000,012,800 | ---- | M] () -- C:\Users\j\Documents\Frankie Brennan- pool bill.wps
[2013/01/11 08:58:05 | 000,012,800 | ---- | M] () -- C:\Users\j\Documents\KBA- Medico residence.wps
[2013/01/07 19:44:16 | 001,638,400 | ---- | M] (Tweaking.com) -- C:\Users\j\Desktop\TweakingRegistryBackup.exe
[2013/01/07 13:19:25 | 000,012,800 | ---- | M] () -- C:\Users\j\Documents\Keystone College- Koelsch House steps.wps
[2013/01/07 13:16:18 | 000,012,800 | ---- | M] () -- C:\Users\j\Documents\Keystone College- Koelsch House Foundation repairs.wps
[2013/01/03 10:53:59 | 000,012,800 | ---- | M] () -- C:\Users\j\Documents\Mayfield Lions Club.wps
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2075/09/21 06:48:45 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Grimm- Sullivan County NY.wps
[2075/09/21 06:48:32 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Grimm- Lackawaxen township Rate changes.wps
[2075/09/20 13:40:17 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Grimm-Dunkin Donuts.wps
[2075/09/20 13:40:02 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Rock Bottom- YMCA.wps
[2075/09/16 10:14:25 | 000,016,384 | ---- | C] () -- C:\Users\j\Documents\Guzzi- Moffit house.wps
[2075/09/15 14:51:11 | 000,001,699 | ---- | C] () -- C:\Users\j\Application Data\Microsoft\Internet Explorer\Quick Launch\Backup and Restore Center.lnk
[2075/09/14 10:52:47 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\KBA- Buras Cottage.wps
[2075/09/14 10:23:42 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\J.J Palumbo- 5th bill.wps
[2075/09/13 09:19:35 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Keystone college-Gym floor.wps
[2075/09/10 06:41:22 | 000,016,384 | ---- | C] () -- C:\Users\j\Documents\Grimm- Comfort inn.wps
[2075/09/09 09:05:23 | 000,016,384 | ---- | C] () -- C:\Users\j\Documents\Grimm- Cedar ave 629-631.wps
[2075/09/08 12:52:58 | 000,016,384 | ---- | C] () -- C:\Users\j\Documents\Archbald ambulance.wps
[2075/09/07 10:45:08 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Grimm- Lackawaxen township.wps
[2075/09/07 06:49:41 | 000,017,920 | ---- | C] () -- C:\Users\j\Documents\Grimm- Bill for chimney.wps
[2075/09/07 06:45:43 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Grimm- Bill for Susan.wps
[2075/09/07 06:36:03 | 000,017,920 | ---- | C] () -- C:\Users\j\Documents\Keystone Community Resources- Bill for sanderson.wps
[2075/09/07 06:30:33 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Guzzi- Keystone College landscape bill.wps
[2075/09/07 06:24:41 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Guzzi- Wind Turbine bill.wps
[2075/09/03 10:15:06 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Magnotta- Quardant.wps
[2075/08/27 15:31:48 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Atlantic Veal- Demaged wall.wps
[2075/08/16 11:09:10 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Sordoni- Bluestone bid.wps
[2075/08/13 09:14:57 | 000,017,920 | ---- | C] () -- C:\Users\j\Documents\Grimm- White Mill.wps
[2075/08/13 08:53:41 | 000,017,920 | ---- | C] () -- C:\Users\j\Documents\Keystone college- Davis Street bill.wps
[2075/08/11 10:35:14 | 000,017,920 | ---- | C] () -- C:\Users\j\Documents\Keystone Community Resources- Bids Bryn Mar.wps
[2075/08/10 14:06:32 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Guzzi- Fountain project.wps
[2075/08/05 12:25:31 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Santarelli- Bill for store.wps
[2075/08/05 09:41:40 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Guzzi- Wind Turbine bid.wps
[2075/08/05 09:13:58 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Wallenpaupack-2010 jobs.wps
[2075/08/04 13:19:32 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Keystone college- Commons bill.wps
[2075/08/03 12:08:51 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\Keystone Community Resources- Sanderson Ave bid.wps
[2075/08/03 12:08:26 | 000,018,944 | ---- | C] () -- C:\Users\j\Documents\K.wps
[2075/06/18 12:04:03 | 000,010,752 | ---- | C] () -- C:\Users\j\Documents\Guzzi Envolope.wps
[2075/06/18 11:55:29 | 000,012,800 | ---- | C] () -- C:\Users\j\Documents\U of scranton- wall between Lynett and casey hall.wps
[2075/05/16 14:46:24 | 000,010,752 | ---- | C] () -- C:\Users\j\Documents\Grimm- Keystone- Tewksbury Hall.wps
[2075/05/16 14:43:36 | 000,010,752 | ---- | C] () -- C:\Users\j\Documents\Guzzi-Keystone -Tewksbury hall.wps
[2075/01/16 11:22:44 | 000,017,920 | ---- | C] () -- C:\Users\j\Documents\Grimm- Trapper House.wps
[2013/02/01 17:00:53 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-VIRBITSKY-Microsoft®-Windows-Vista™-Home-Premium-(64-bit).dat
[2013/02/01 16:58:43 | 000,001,372 | ---- | C] () -- C:\Users\j\Desktop\Tweaking.com - Registry Backup.lnk
[2013/02/01 16:58:41 | 000,325,960 | ---- | C] () -- C:\Users\j\Desktop\lua5.1.dll
[2013/02/01 16:00:48 | 000,012,800 | ---- | C] () -- C:\Users\j\Documents\Quandel- Camp Archbald.wps
[2013/01/28 08:13:54 | 000,011,776 | ---- | C] () -- C:\Users\j\Documents\Siniawa- Bill for jermyn supply.wps
[2013/01/24 09:53:02 | 000,011,264 | ---- | C] () -- C:\Users\j\Documents\Quandel- Abington WWTP.wps
[2013/01/23 09:48:31 | 000,012,800 | ---- | C] () -- C:\Users\j\Documents\Guzzi- Hale Trailer exterior concrete.wps
[2013/01/16 10:25:28 | 000,012,800 | ---- | C] () -- C:\Users\j\Documents\Magnotta- Valley Distributor loading dock.wps
[2013/01/11 13:12:04 | 000,012,800 | ---- | C] () -- C:\Users\j\Documents\Frankie Brennan- pool bill.wps
[2013/01/11 08:58:05 | 000,012,800 | ---- | C] () -- C:\Users\j\Documents\KBA- Medico residence.wps
[2013/01/07 13:19:25 | 000,012,800 | ---- | C] () -- C:\Users\j\Documents\Keystone College- Koelsch House steps.wps
[2013/01/07 13:16:18 | 000,012,800 | ---- | C] () -- C:\Users\j\Documents\Keystone College- Koelsch House Foundation repairs.wps
[2012/05/15 15:09:57 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/10/28 09:44:10 | 000,721,800 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/27 18:04:47 | 000,030,152 | ---- | C] () -- C:\Users\j\AppData\Roaming\wklnhst.dat
[2011/10/27 17:22:56 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\WinService.exe
[2011/10/27 16:34:31 | 000,000,732 | ---- | C] () -- C:\Users\j\AppData\Local\d3d9caps64.dat
[2011/09/30 10:20:08 | 000,186,604 | ---- | C] () -- C:\Windows\hpwins23.dat
[2010/06/07 14:14:40 | 000,007,916 | ---- | C] () -- C:\Users\j\AppData\Local\d3d9caps.dat
[2010/02/05 11:17:06 | 000,103,720 | ---- | C] () -- C:\Users\j\GoToAssistDownloadHelper.exe
[2009/08/17 12:39:55 | 000,000,351 | ---- | C] () -- C:\Users\j\AppData\Local\NWUserDefault.ini
[2009/08/14 07:32:25 | 000,027,136 | ---- | C] () -- C:\Users\j\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 12:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2009/08/19 13:47:09 | 000,000,000 | ---D | M] -- C:\Users\j\AppData\Roaming\5600-6600 Series
[2010/12/01 07:15:46 | 000,000,000 | ---D | M] -- C:\Users\j\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/03/02 14:50:48 | 000,000,000 | ---D | M] -- C:\Users\j\AppData\Roaming\FileMaker
[2012/03/28 13:16:17 | 000,000,000 | ---D | M] -- C:\Users\j\AppData\Roaming\GARMIN
[2011/11/02 15:40:30 | 000,000,000 | ---D | M] -- C:\Users\j\AppData\Roaming\TeamViewer
[2012/05/01 09:53:50 | 000,000,000 | ---D | M] -- C:\Users\j\AppData\Roaming\Template
[2012/02/24 13:52:45 | 000,000,000 | ---D | M] -- C:\Users\j\AppData\Roaming\Vu360
[2009/09/21 07:39:11 | 000,000,000 | ---D | M] -- C:\Users\j\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >



OTL Extras logfile created on: 2/1/2013 5:03:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\j\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 53.90% Memory free
7.72 Gb Paging File | 5.82 Gb Available in Paging File | 75.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 192.39 Gb Free Space | 67.89% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 0.00 Gb Free Space | 0.02% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 443.06 Gb Free Space | 47.56% Space Free | Partition Type: NTFS

Computer Name: VIRBITSKY | User Name: j | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3994122028-4133472215-4079814351-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 6D EE C2 12 66 95 CC 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3994122028-4133472215-4079814351-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05B5DE34-502B-49D2-9F9A-D1DA45C11A11}" = rport=445 | protocol=6 | dir=out | app=system |
"{2D221C27-D5C6-49B1-B516-6F90AB7CC3D4}" = lport=137 | protocol=17 | dir=in | app=system |
"{3C90AAE1-7C84-4764-B9C6-1143206BDA20}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4B52EF8F-3117-4675-B273-843CBC995EBC}" = rport=137 | protocol=17 | dir=out | app=system |
"{85A6F8CB-022E-43BA-9784-9474E1AB727B}" = lport=445 | protocol=6 | dir=in | app=system |
"{86EC1A24-92BF-4B2C-AD33-9531201F40BA}" = lport=139 | protocol=6 | dir=in | app=system |
"{BFAE7C42-6525-42CE-9513-1FFDAF33AABF}" = rport=139 | protocol=6 | dir=out | app=system |
"{CCD5CC3A-3E8C-454A-AC16-885D0AB06C65}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{CF395424-7E02-4971-B7B6-0E4077ECC664}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CFB68D5D-E12C-4B4E-84E1-996C36F88A3A}" = rport=138 | protocol=17 | dir=out | app=system |
"{E394E478-E06C-44F2-9460-1D2610B1C128}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E41D517E-1445-463C-975E-A0831989782C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F120FDDB-C364-4E4D-AE63-471ABE8D6310}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{045F9179-E282-440B-A18A-CD7B6E3F2735}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{05257724-FF03-4541-803F-A91CD9E45908}" = dir=in | app=c:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe |
"{0E5D7E86-C69A-4B54-863A-A1F649DF71D9}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{0E79FE11-65D0-4FD2-B2C2-75D605B268B2}" = dir=in | app=c:\program files\hp\hp officejet 6700\bin\devicesetup.exe |
"{1A77D2C3-8367-4D99-8505-E3E0632CB77B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{24585209-E83F-4B1E-8A1D-C7801D152298}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{261D2B0B-BFC8-467A-BB5D-27090151628D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3284B35D-75E6-4E28-B410-DCFC14EC9B1C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3BF078DD-1A4F-4B29-99D1-BE0D594FA169}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{56CEE99C-E5E4-497C-9E6E-AB343C7BCC0C}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxduamon.exe |
"{598DA3A6-13F3-4FD0-93B5-93733F669FCD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{59BA9386-0B44-4E91-B70A-8924D1F5109B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{61345DD8-0D44-4AA5-81BF-913C6B048581}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6AE9164C-F1D2-4CCA-8D87-02F825D6957C}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{76E55253-FABD-4764-94E3-958BDE804A08}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8E0CEECC-D8A9-4C95-9842-5A55125CC10F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{8EC711B5-FC49-445F-BA3D-3A408BE60F65}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{A4F58CDA-36F5-4A92-8639-C155F1742E17}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxdufax.exe |
"{A9A5D65A-4D23-43C4-B511-BBCFE0359583}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxdufax.exe |
"{B632F9F0-1E24-4E8A-9859-CEBA078758F1}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{C22A62EB-2721-4DBF-8B60-C9A86DAE4C3B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C738ADDE-C2A1-4D65-9580-8548330BD740}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{CB2DDBE8-6E6E-415C-980D-ABA21CC9144C}" = dir=in | app=e:\setup\hpznui40.exe |
"{CF190082-A99C-4D05-972C-1F4A87B0B101}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{D15D5801-A91E-47EE-AA45-14032AD62D2E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{D50D9C55-2043-4238-A671-B5FE20B0E2F5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{D7AC92F9-B92C-49F4-A2E2-43356D3FC29F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D7BD5239-9BDE-4BF2-8DC4-75A541BC2B00}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{DDF95D82-CC8F-4AE5-8D2A-7E4E8E885C88}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E8F544C2-B823-447E-863A-06D67BEDBF63}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EE3D3C46-1CE9-4651-ABF5-41C17ED5CED1}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\frun.exe |
"{EFB22F24-860E-47F4-9A06-BB3407A519F2}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\frun.exe |
"{F5E4803F-0C88-4208-AADF-315D4E06EFC0}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{FB74CDB9-E1D7-4E6C-972C-CD746FDB0A98}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxduamon.exe |
"{FCAEF5B1-6F29-4D96-A059-4917CEA19D65}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0AACE096-CF1C-4FCE-BB60-6F3F914006C9}" = HP Officejet 6700 Product Improvement Study
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{68451E5C-0A9C-4D5C-8D06-6E296242E908}" = 64 Bit HP CIO Components Installer
"{6AE1CCC4-E49F-4107-BBCA-7B5984F47AE1}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8F2ED8DE-85EA-4CF2-99E2-5BFCA8103363}" = DellTouchUI_Setup
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C0CA6788-386E-4BE1-B214-629E746A5302}" = HP Officejet 6700 Basic Device Software
"{C4C13E99-C7DE-4D2D-B79B-A0FAA78016F7}" = FastAccess
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F9F83347-8BAA-4651-9D58-BF14F1567A06}" = NextWindow GSA
"{FA0F0A01-4631-4161-A6C2-948BF694382E}" = HP Officejet 6500 E709 Series
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Dell TouchCam
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware
"{4102037D-E8E0-48E0-B203-E521D194FB71}" = NETGEAR WG111v2 wireless USB 2.0 adapter
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50DA41E2-0701-43E2-A8BB-FAA0CB64B28B}" = HP Officejet 6700 Help
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76CB3301-6463-4D01-8BE2-A3C99692EB31}" = OSD
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C2FF879-37C5-4E19-A2AC-D2D81D1CBA71}" = Application for Payment v7.8.5
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{83C57C58-FDD7-4d86-BFCC-9D31CC4EFA71}" = 6500_E709n
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext
"{9262B08F-E183-4FED-A2BD-23FF1A84EB67}" = HPDiagnosticCoreDll
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter
"{9A2F0810-3622-4E86-9072-973FBE1679C5}" = QuickBooks Pro 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{A159CF71-A54F-488B-8FC9-7C05F73E8FBC}" = Dell System Tour
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5)
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{D0FA2562-DB42-4406-97D0-4B1106A75DBB}" = Dell Touch Zone
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DB3A8AA8-4B1C-435D-AEBC-7F755284C30D}" = Cozi
"{DE13432E-F0C1-4842-A5BA-CC997DA72A70}" = 6500_E709_eDocs
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{EBCCF540-4847-11DF-92B6-005056806466}" = Google Earth Pro
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F185B35D-38E5-4D88-B275-15C8C7FC4357}" = 6500_E709_Help
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"alotToolbar" = ALOT Toolbar
"AOL Email Toolbar" = AOL Email Toolbar
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Video Chat" = Dell Video Chat
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist Corporate
"GPL Ghostscript 8.54" = GPL Ghostscript 8.54
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Dell TouchCam
"InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PEM Software Systems, Inc" = PEM Software Systems, Inc
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"TeamViewer 4" = TeamViewer 4
"Tweaking.com - Registry Backup" = Tweaking.com - Registry Backup
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/31/1969 8:00:34 PM | Computer Name = virbitsky | Source = Application Error | ID = 1000
Description = Faulting application HPWUCli.exe, version 5.0.14.0, time stamp 0x4dae134e,
faulting module FWUpdateEDO.dll, version 100.0.1.0, time stamp 0x49011fd3, exception
code 0xc000000d, fault offset 0x0001b18e, process id 0x3ff0, application start time
0x19e4271da6665498.

Error - 12/31/1969 8:00:34 PM | Computer Name = virbitsky | Source = Application Error | ID = 1000
Description = Faulting application WksWP.exe, version 9.7.613.0, time stamp 0x466fad27,
faulting module MSVCR80.dll, version 8.0.50727.6195, time stamp 0x4dcddbf3, exception
code 0xc000000d, fault offset 0x00051f1c, process id 0x4390, application start time
0x19e4271df3fc2598.

Error - 1/15/2013 4:00:23 PM | Computer Name = virbitsky | Source = Windows Backup | ID = 4104
Description =

Error - 1/17/2013 12:13:43 PM | Computer Name = virbitsky | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 9.0.8112.16457, time stamp
0x50a2f9e3, faulting module aolmailtb.dll, version 5.22.20.2, time stamp 0x4a00832f,
exception code 0xc0000005, fault offset 0x0009409e, process id 0x4960, application
start time 0x01cdf4cd9e89afc8.

Error - 1/18/2013 3:46:32 PM | Computer Name = virbitsky | Source = WinMgmt | ID = 10
Description =

Error - 1/19/2013 4:26:13 AM | Computer Name = virbitsky | Source = WinMgmt | ID = 10
Description =

Error - 1/20/2013 8:02:29 PM | Computer Name = virbitsky | Source = Windows Backup | ID = 4104
Description =

Error - 1/23/2013 3:16:39 PM | Computer Name = virbitsky | Source = WinMgmt | ID = 10
Description =

Error - 1/27/2013 8:02:27 PM | Computer Name = virbitsky | Source = Windows Backup | ID = 4104
Description =

Error - 2/1/2013 5:47:00 PM | Computer Name = virbitsky | Source = WinMgmt | ID = 10
Description =


Error encountered while reading event logs.

< End of report >
virbitsky
Active Member
 
Posts: 10
Joined: January 23rd, 2013, 4:05 pm

Re: Low disk space, Computer running slow.

Unread postby virbitsky » February 1st, 2013, 6:22 pm

17:16:42.0300 5944 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:16:42.0753 5944 ============================================================
17:16:42.0753 5944 Current date / time: 2013/02/01 17:16:42.0753
17:16:42.0753 5944 SystemInfo:
17:16:42.0753 5944
17:16:42.0753 5944 OS Version: 6.0.6002 ServicePack: 2.0
17:16:42.0753 5944 Product type: Workstation
17:16:42.0753 5944 ComputerName: VIRBITSKY
17:16:42.0753 5944 UserName: j
17:16:42.0753 5944 Windows directory: C:\Windows
17:16:42.0753 5944 System windows directory: C:\Windows
17:16:42.0753 5944 Running under WOW64
17:16:42.0753 5944 Processor architecture: Intel x64
17:16:42.0753 5944 Number of processors: 2
17:16:42.0753 5944 Page size: 0x1000
17:16:42.0753 5944 Boot type: Normal boot
17:16:42.0753 5944 ============================================================
17:16:43.0533 5944 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:16:43.0533 5944 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:16:43.0533 5944 ============================================================
17:16:43.0533 5944 \Device\Harddisk0\DR0:
17:16:43.0548 5944 MBR partitions:
17:16:43.0548 5944 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
17:16:43.0548 5944 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
17:16:43.0548 5944 \Device\Harddisk2\DR2:
17:16:43.0548 5944 MBR partitions:
17:16:43.0548 5944 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:16:43.0548 5944 ============================================================
17:16:43.0580 5944 C: <-> \Device\Harddisk0\DR0\Partition2
17:16:43.0611 5944 D: <-> \Device\Harddisk0\DR0\Partition1
17:16:54.0562 5944 G: <-> \Device\Harddisk2\DR2\Partition1
17:16:54.0562 5944 ============================================================
17:16:54.0562 5944 Initialize success
17:16:54.0562 5944 ============================================================
17:16:59.0133 4580 ============================================================
17:16:59.0133 4580 Scan started
17:16:59.0133 4580 Mode: Manual;
17:16:59.0133 4580 ============================================================
17:16:59.0508 4580 ================ Scan system memory ========================
17:16:59.0508 4580 System memory - ok
17:16:59.0508 4580 ================ Scan services =============================
17:16:59.0679 4580 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
17:16:59.0695 4580 ACPI - ok
17:16:59.0835 4580 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:16:59.0835 4580 AdobeARMservice - ok
17:16:59.0913 4580 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:16:59.0913 4580 adp94xx - ok
17:16:59.0944 4580 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:16:59.0944 4580 adpahci - ok
17:16:59.0960 4580 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
17:16:59.0976 4580 adpu160m - ok
17:16:59.0991 4580 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:16:59.0991 4580 adpu320 - ok
17:17:00.0038 4580 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:17:00.0038 4580 AeLookupSvc - ok
17:17:00.0100 4580 [ 7394641611EF3AB2D041F104F1E8C1B9 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
17:17:00.0100 4580 AERTFilters - ok
17:17:00.0210 4580 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
17:17:00.0210 4580 AFD - ok
17:17:00.0225 4580 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:17:00.0241 4580 agp440 - ok
17:17:00.0256 4580 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:17:00.0256 4580 aic78xx - ok
17:17:00.0272 4580 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
17:17:00.0272 4580 ALG - ok
17:17:00.0288 4580 [ 9544C2C55541C0C6BFD7B489D0E7D430 ] aliide C:\Windows\system32\drivers\aliide.sys
17:17:00.0288 4580 aliide - ok
17:17:00.0303 4580 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
17:17:00.0303 4580 amdide - ok
17:17:00.0319 4580 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:17:00.0319 4580 AmdK8 - ok
17:17:00.0334 4580 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
17:17:00.0334 4580 Appinfo - ok
17:17:00.0459 4580 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:17:00.0459 4580 Apple Mobile Device - ok
17:17:00.0475 4580 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
17:17:00.0475 4580 arc - ok
17:17:00.0490 4580 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:17:00.0490 4580 arcsas - ok
17:17:00.0537 4580 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:17:00.0537 4580 AsyncMac - ok
17:17:00.0584 4580 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
17:17:00.0584 4580 atapi - ok
17:17:00.0678 4580 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:17:00.0678 4580 AudioEndpointBuilder - ok
17:17:00.0693 4580 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:17:00.0693 4580 AudioSrv - ok
17:17:00.0724 4580 [ E9517E50E773849AEE7C2AC9BEFE5090 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:17:00.0724 4580 b57nd60a - ok
17:17:00.0787 4580 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:17:00.0787 4580 BBSvc - ok
17:17:00.0880 4580 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:17:00.0880 4580 BBUpdate - ok
17:17:01.0036 4580 [ D32F962B71FEE6BDAAEE630BB2C17280 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
17:17:01.0068 4580 BCM43XX - ok
17:17:01.0146 4580 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
17:17:01.0161 4580 BFE - ok
17:17:01.0224 4580 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
17:17:01.0255 4580 BITS - ok
17:17:01.0286 4580 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
17:17:01.0286 4580 blbdrive - ok
17:17:01.0348 4580 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:17:01.0348 4580 Bonjour Service - ok
17:17:01.0411 4580 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:17:01.0426 4580 bowser - ok
17:17:01.0458 4580 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
17:17:01.0458 4580 BrFiltLo - ok
17:17:01.0473 4580 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
17:17:01.0473 4580 BrFiltUp - ok
17:17:01.0520 4580 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
17:17:01.0520 4580 Browser - ok
17:17:01.0551 4580 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
17:17:01.0551 4580 Brserid - ok
17:17:01.0551 4580 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
17:17:01.0567 4580 BrSerWdm - ok
17:17:01.0582 4580 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
17:17:01.0582 4580 BrUsbMdm - ok
17:17:01.0598 4580 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
17:17:01.0598 4580 BrUsbSer - ok
17:17:01.0598 4580 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:17:01.0598 4580 BTHMODEM - ok
17:17:01.0629 4580 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:17:01.0629 4580 cdfs - ok
17:17:01.0692 4580 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:17:01.0692 4580 cdrom - ok
17:17:01.0801 4580 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
17:17:01.0801 4580 CertPropSvc - ok
17:17:01.0832 4580 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
17:17:01.0832 4580 circlass - ok
17:17:01.0894 4580 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
17:17:01.0910 4580 CLFS - ok
17:17:01.0972 4580 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:17:01.0972 4580 clr_optimization_v2.0.50727_32 - ok
17:17:02.0004 4580 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:17:02.0004 4580 clr_optimization_v2.0.50727_64 - ok
17:17:02.0082 4580 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:17:02.0082 4580 clr_optimization_v4.0.30319_32 - ok
17:17:02.0128 4580 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:17:02.0128 4580 clr_optimization_v4.0.30319_64 - ok
17:17:02.0160 4580 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:17:02.0160 4580 cmdide - ok
17:17:02.0175 4580 [ 34A6AA82AA36C87FC8816F2097EFA345 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:17:02.0175 4580 Compbatt - ok
17:17:02.0175 4580 COMSysApp - ok
17:17:02.0238 4580 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:17:02.0238 4580 crcdisk - ok
17:17:02.0284 4580 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:17:02.0284 4580 CryptSvc - ok
17:17:02.0362 4580 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
17:17:02.0378 4580 DcomLaunch - ok
17:17:02.0440 4580 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:17:02.0440 4580 DfsC - ok
17:17:02.0596 4580 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
17:17:02.0674 4580 DFSR - ok
17:17:02.0752 4580 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
17:17:02.0752 4580 Dhcp - ok
17:17:02.0784 4580 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
17:17:02.0784 4580 disk - ok
17:17:02.0846 4580 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:17:02.0846 4580 Dnscache - ok
17:17:02.0893 4580 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
17:17:02.0893 4580 dot3svc - ok
17:17:02.0940 4580 [ 74C02B1717740C3B8039539E23E4B53F ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
17:17:02.0940 4580 Dot4 - ok
17:17:02.0971 4580 [ 08321D1860235BF42CF2854234337AEA ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:17:02.0971 4580 Dot4Print - ok
17:17:02.0986 4580 [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
17:17:02.0986 4580 dot4usb - ok
17:17:03.0033 4580 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
17:17:03.0033 4580 DPS - ok
17:17:03.0064 4580 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:17:03.0064 4580 drmkaud - ok
17:17:03.0174 4580 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:17:03.0189 4580 DXGKrnl - ok
17:17:03.0252 4580 [ 17D40652EF3E55EEAE187A89DF40965A ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys
17:17:03.0252 4580 e1express - ok
17:17:03.0267 4580 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
17:17:03.0267 4580 E1G60 - ok
17:17:03.0298 4580 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
17:17:03.0298 4580 EapHost - ok
17:17:03.0376 4580 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
17:17:03.0392 4580 Ecache - ok
17:17:03.0439 4580 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:17:03.0439 4580 ehRecvr - ok
17:17:03.0454 4580 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
17:17:03.0454 4580 ehSched - ok
17:17:03.0470 4580 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
17:17:03.0470 4580 ehstart - ok
17:17:03.0517 4580 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:17:03.0517 4580 elxstor - ok
17:17:03.0579 4580 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
17:17:03.0751 4580 EMDMgmt - ok
17:17:03.0782 4580 [ 991FAB6AA066E1214EFB5B496FB7959A ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:17:03.0782 4580 ErrDev - ok
17:17:03.0860 4580 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
17:17:03.0860 4580 EventSystem - ok
17:17:03.0938 4580 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
17:17:03.0938 4580 exfat - ok
17:17:04.0000 4580 [ 2C1D443E14F376E8331F52F135DCA9EF ] FACAP C:\Windows\system32\DRIVERS\facap.sys
17:17:04.0000 4580 FACAP - ok
17:17:04.0125 4580 [ 819A21C36FE78B95ED0FB0828AA4299A ] FAService C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
17:17:04.0141 4580 FAService - ok
17:17:04.0172 4580 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:17:04.0172 4580 fastfat - ok
17:17:04.0203 4580 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:17:04.0203 4580 fdc - ok
17:17:04.0234 4580 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
17:17:04.0234 4580 fdPHost - ok
17:17:04.0250 4580 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
17:17:04.0250 4580 FDResPub - ok
17:17:04.0266 4580 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:17:04.0281 4580 FileInfo - ok
17:17:04.0297 4580 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:17:04.0297 4580 Filetrace - ok
17:17:04.0312 4580 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:17:04.0328 4580 flpydisk - ok
17:17:04.0344 4580 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:17:04.0359 4580 FltMgr - ok
17:17:04.0546 4580 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
17:17:04.0562 4580 FontCache - ok
17:17:04.0640 4580 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:17:04.0640 4580 FontCache3.0.0.0 - ok
17:17:04.0718 4580 [ 89E7F428762ECA1D411BD1524B6846DF ] FOXOSDService C:\Program Files (x86)\DELL\OSD\OSDSvr.exe
17:17:04.0718 4580 FOXOSDService - ok
17:17:04.0780 4580 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:17:04.0780 4580 Fs_Rec - ok
17:17:04.0780 4580 [ 0E0292AB71267C1E3A71A9E43DAB92E1 ] FXOSDDRV C:\Windows\system32\DRIVERS\FxOSDdrv64.sys
17:17:04.0780 4580 FXOSDDRV - ok
17:17:04.0812 4580 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:17:04.0827 4580 gagp30kx - ok
17:17:04.0905 4580 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:17:04.0905 4580 GEARAspiWDM - ok
17:17:05.0061 4580 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
17:17:05.0061 4580 GoogleDesktopManager-051210-111108 - ok
17:17:05.0217 4580 [ 5CC2B1D06AC1962AF5FBBCF88D781DD8 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\570\g2aservice.exe
17:17:05.0217 4580 GoToAssist - ok
17:17:05.0311 4580 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
17:17:05.0311 4580 gpsvc - ok
17:17:05.0467 4580 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:17:05.0467 4580 gupdate - ok
17:17:05.0482 4580 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:17:05.0482 4580 gupdatem - ok
17:17:05.0592 4580 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:17:05.0623 4580 HDAudBus - ok
17:17:05.0638 4580 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:17:05.0654 4580 HidBth - ok
17:17:05.0670 4580 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:17:05.0670 4580 HidIr - ok
17:17:05.0732 4580 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
17:17:05.0732 4580 hidserv - ok
17:17:05.0794 4580 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:17:05.0794 4580 HidUsb - ok
17:17:05.0919 4580 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
17:17:05.0919 4580 hkmsvc - ok
17:17:05.0950 4580 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
17:17:05.0950 4580 HpCISSs - ok
17:17:06.0091 4580 [ CE0FCEC4D4D860F36D972759B11EAF0F ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:17:06.0091 4580 hpqcxs08 - ok
17:17:06.0138 4580 [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:17:06.0153 4580 hpqddsvc - ok
17:17:06.0200 4580 [ 298A6890A7AC415DABB35047D168F13B ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:17:06.0216 4580 HPSLPSVC - ok
17:17:06.0294 4580 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:17:06.0294 4580 HTTP - ok
17:17:06.0325 4580 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
17:17:06.0325 4580 i2omp - ok
17:17:06.0340 4580 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:17:06.0356 4580 i8042prt - ok
17:17:06.0372 4580 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
17:17:06.0372 4580 iaStorV - ok
17:17:06.0481 4580 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:17:06.0496 4580 idsvc - ok
17:17:06.0528 4580 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:17:06.0528 4580 iirsp - ok
17:17:06.0590 4580 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
17:17:06.0590 4580 IKEEXT - ok
17:17:06.0637 4580 [ 49A1C3833AF724B2555C0689347DCD05 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:17:06.0668 4580 IntcAzAudAddService - ok
17:17:06.0684 4580 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
17:17:06.0684 4580 intelide - ok
17:17:06.0699 4580 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:17:06.0699 4580 intelppm - ok
17:17:06.0730 4580 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:17:06.0730 4580 IPBusEnum - ok
17:17:06.0793 4580 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:17:06.0793 4580 IpFilterDriver - ok
17:17:06.0855 4580 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:17:06.0855 4580 iphlpsvc - ok
17:17:06.0871 4580 IpInIp - ok
17:17:06.0886 4580 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
17:17:06.0902 4580 IPMIDRV - ok
17:17:06.0902 4580 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
17:17:06.0918 4580 IPNAT - ok
17:17:07.0011 4580 [ EE4C2A137C7088911A8919EFFC9812E7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:17:07.0027 4580 iPod Service - ok
17:17:07.0058 4580 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:17:07.0058 4580 IRENUM - ok
17:17:07.0089 4580 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:17:07.0089 4580 isapnp - ok
17:17:07.0183 4580 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:17:07.0183 4580 iScsiPrt - ok
17:17:07.0198 4580 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
17:17:07.0198 4580 iteatapi - ok
17:17:07.0214 4580 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
17:17:07.0230 4580 iteraid - ok
17:17:07.0245 4580 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:17:07.0245 4580 kbdclass - ok
17:17:07.0261 4580 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:17:07.0261 4580 kbdhid - ok
17:17:07.0292 4580 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
17:17:07.0292 4580 KeyIso - ok
17:17:07.0386 4580 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:17:07.0386 4580 KSecDD - ok
17:17:07.0386 4580 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:17:07.0386 4580 ksthunk - ok
17:17:07.0464 4580 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
17:17:07.0464 4580 KtmRm - ok
17:17:07.0542 4580 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:17:07.0542 4580 LanmanServer - ok
17:17:07.0588 4580 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:17:07.0588 4580 LanmanWorkstation - ok
17:17:07.0604 4580 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:17:07.0604 4580 lltdio - ok
17:17:07.0635 4580 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:17:07.0651 4580 lltdsvc - ok
17:17:07.0666 4580 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:17:07.0666 4580 lmhosts - ok
17:17:07.0713 4580 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:17:07.0713 4580 LSI_FC - ok
17:17:07.0729 4580 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:17:07.0729 4580 LSI_SAS - ok
17:17:07.0760 4580 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:17:07.0760 4580 LSI_SCSI - ok
17:17:07.0776 4580 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
17:17:07.0776 4580 luafv - ok
17:17:07.0776 4580 lxdu_device - ok
17:17:07.0791 4580 McShield - ok
17:17:07.0807 4580 McSysmon - ok
17:17:07.0869 4580 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:17:07.0885 4580 Mcx2Svc - ok
17:17:07.0916 4580 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
17:17:07.0916 4580 megasas - ok
17:17:07.0994 4580 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
17:17:07.0994 4580 MegaSR - ok
17:17:08.0010 4580 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
17:17:08.0025 4580 MMCSS - ok
17:17:08.0041 4580 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
17:17:08.0041 4580 Modem - ok
17:17:08.0056 4580 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:17:08.0056 4580 monitor - ok
17:17:08.0088 4580 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:17:08.0088 4580 mouclass - ok
17:17:08.0103 4580 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:17:08.0103 4580 mouhid - ok
17:17:08.0119 4580 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
17:17:08.0119 4580 MountMgr - ok
17:17:08.0181 4580 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:17:08.0181 4580 MozillaMaintenance - ok
17:17:08.0212 4580 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
17:17:08.0228 4580 MpFilter - ok
17:17:08.0259 4580 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
17:17:08.0259 4580 mpio - ok
17:17:08.0275 4580 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:17:08.0290 4580 mpsdrv - ok
17:17:08.0353 4580 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
17:17:08.0353 4580 MpsSvc - ok
17:17:08.0368 4580 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
17:17:08.0368 4580 Mraid35x - ok
17:17:08.0400 4580 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:17:08.0400 4580 MRxDAV - ok
17:17:08.0478 4580 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:17:08.0478 4580 mrxsmb - ok
17:17:08.0540 4580 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:17:08.0556 4580 mrxsmb10 - ok
17:17:08.0556 4580 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:17:08.0571 4580 mrxsmb20 - ok
17:17:08.0587 4580 [ 730B784962D22D2C6481EAE2370E7C8C ] msahci C:\Windows\system32\drivers\msahci.sys
17:17:08.0587 4580 msahci - ok
17:17:08.0602 4580 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:17:08.0618 4580 msdsm - ok
17:17:08.0618 4580 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
17:17:08.0618 4580 MSDTC - ok
17:17:08.0649 4580 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:17:08.0649 4580 Msfs - ok
17:17:08.0665 4580 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:17:08.0665 4580 msisadrv - ok
17:17:08.0696 4580 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:17:08.0696 4580 MSiSCSI - ok
17:17:08.0712 4580 msiserver - ok
17:17:08.0727 4580 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:17:08.0743 4580 MSKSSRV - ok
17:17:08.0774 4580 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:17:08.0774 4580 MsMpSvc - ok
17:17:08.0821 4580 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:17:08.0821 4580 MSPCLOCK - ok
17:17:08.0836 4580 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:17:08.0836 4580 MSPQM - ok
17:17:08.0914 4580 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:17:08.0914 4580 MsRPC - ok
17:17:08.0930 4580 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:17:08.0930 4580 mssmbios - ok
17:17:08.0961 4580 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:17:08.0961 4580 MSTEE - ok
17:17:08.0977 4580 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
17:17:08.0992 4580 Mup - ok
17:17:09.0055 4580 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
17:17:09.0055 4580 napagent - ok
17:17:09.0133 4580 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:17:09.0133 4580 NativeWifiP - ok
17:17:09.0258 4580 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:17:09.0273 4580 NDIS - ok
17:17:09.0320 4580 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:17:09.0320 4580 NdisTapi - ok
17:17:09.0351 4580 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:17:09.0351 4580 Ndisuio - ok
17:17:09.0367 4580 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:17:09.0367 4580 NdisWan - ok
17:17:09.0382 4580 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:17:09.0382 4580 NDProxy - ok
17:17:09.0414 4580 [ BD94210175C488F18ADD3E189EE9304C ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:17:09.0414 4580 Net Driver HPZ12 - ok
17:17:09.0429 4580 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:17:09.0445 4580 NetBIOS - ok
17:17:09.0507 4580 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:17:09.0507 4580 netbt - ok
17:17:09.0523 4580 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
17:17:09.0523 4580 Netlogon - ok
17:17:09.0554 4580 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
17:17:09.0570 4580 Netman - ok
17:17:09.0585 4580 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
17:17:09.0585 4580 netprofm - ok
17:17:09.0601 4580 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:17:09.0601 4580 NetTcpPortSharing - ok
17:17:09.0632 4580 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:17:09.0632 4580 nfrd960 - ok
17:17:09.0663 4580 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:17:09.0663 4580 NisDrv - ok
17:17:09.0710 4580 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:17:09.0710 4580 NisSrv - ok
17:17:09.0726 4580 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
17:17:09.0726 4580 NlaSvc - ok
17:17:09.0788 4580 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:17:09.0788 4580 Npfs - ok
17:17:09.0819 4580 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
17:17:09.0819 4580 nsi - ok
17:17:09.0835 4580 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:17:09.0835 4580 nsiproxy - ok
17:17:09.0913 4580 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:17:09.0944 4580 Ntfs - ok
17:17:09.0960 4580 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
17:17:09.0960 4580 Null - ok
17:17:09.0991 4580 [ 2B0885148F27B49365D3AD489F7D7B70 ] nvamacpi C:\Windows\system32\DRIVERS\NVAMACPI.sys
17:17:09.0991 4580 nvamacpi - ok
17:17:10.0365 4580 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:17:10.0599 4580 nvlddmkm - ok
17:17:10.0662 4580 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:17:10.0662 4580 nvraid - ok
17:17:10.0693 4580 [ A3AC469AD99AC3FD63AFCCFC29A90FA9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
17:17:10.0693 4580 nvsmu - ok
17:17:10.0724 4580 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:17:10.0724 4580 nvstor - ok
17:17:10.0755 4580 [ 581286807B5832503FD700A3217B589F ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
17:17:10.0755 4580 nvstor64 - ok
17:17:10.0833 4580 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
17:17:10.0849 4580 nvsvc - ok
17:17:11.0067 4580 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:17:11.0083 4580 nvUpdatusService - ok
17:17:11.0177 4580 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:17:11.0177 4580 nv_agp - ok
17:17:11.0192 4580 NwlnkFlt - ok
17:17:11.0192 4580 NwlnkFwd - ok
17:17:11.0223 4580 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:17:11.0223 4580 ohci1394 - ok
17:17:11.0333 4580 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:17:11.0348 4580 p2pimsvc - ok
17:17:11.0348 4580 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
17:17:11.0364 4580 p2psvc - ok
17:17:11.0426 4580 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
17:17:11.0442 4580 Parport - ok
17:17:11.0504 4580 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:17:11.0504 4580 partmgr - ok
17:17:11.0535 4580 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
17:17:11.0535 4580 PcaSvc - ok
17:17:11.0754 4580 [ 58C1CD52347C4835DC3606CD4723F426 ] PCD5SRVC{048DBD20-445E8C82-05040104} C:\PROGRA~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms
17:17:11.0816 4580 PCD5SRVC{048DBD20-445E8C82-05040104} - ok
17:17:11.0894 4580 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
17:17:11.0894 4580 pci - ok
17:17:11.0925 4580 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
17:17:11.0925 4580 pciide - ok
17:17:11.0941 4580 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:17:11.0941 4580 pcmcia - ok
17:17:11.0972 4580 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:17:11.0988 4580 PEAUTH - ok
17:17:12.0066 4580 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:17:12.0081 4580 PerfHost - ok
17:17:12.0191 4580 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
17:17:12.0222 4580 pla - ok
17:17:12.0284 4580 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:17:12.0284 4580 PlugPlay - ok
17:17:12.0315 4580 [ 7FE2AFB17D91CF39843D6766EA31CFC7 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:17:12.0315 4580 Pml Driver HPZ12 - ok
17:17:12.0347 4580 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:17:12.0347 4580 PNRPAutoReg - ok
17:17:12.0362 4580 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:17:12.0378 4580 PNRPsvc - ok
17:17:12.0456 4580 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:17:12.0456 4580 PolicyAgent - ok
17:17:12.0518 4580 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:17:12.0518 4580 PptpMiniport - ok
17:17:12.0534 4580 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
17:17:12.0549 4580 Processor - ok
17:17:12.0596 4580 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
17:17:12.0612 4580 ProfSvc - ok
17:17:12.0659 4580 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
17:17:12.0674 4580 ProtectedStorage - ok
17:17:12.0705 4580 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:17:12.0705 4580 PSched - ok
17:17:12.0768 4580 [ 46851BC18322DA70F3F2299A1007C479 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
17:17:12.0768 4580 PxHlpa64 - ok
17:17:12.0893 4580 [ 65D9E440F351EF710F5598DDF9612F19 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
17:17:12.0893 4580 QBCFMonitorService - ok
17:17:13.0002 4580 [ 2241EAF40E472C471CB80CF6B97CCA11 ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
17:17:13.0002 4580 QBFCService - ok
17:17:13.0049 4580 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:17:13.0064 4580 ql2300 - ok
17:17:13.0095 4580 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:17:13.0095 4580 ql40xx - ok
17:17:13.0142 4580 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
17:17:13.0142 4580 QWAVE - ok
17:17:13.0158 4580 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:17:13.0158 4580 QWAVEdrv - ok
17:17:13.0267 4580 [ 2A09A6B271D1F50ADF5E33B37D460DE6 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
17:17:13.0298 4580 R300 - ok
17:17:13.0329 4580 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:17:13.0329 4580 RasAcd - ok
17:17:13.0345 4580 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
17:17:13.0345 4580 RasAuto - ok
17:17:13.0407 4580 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:17:13.0407 4580 Rasl2tp - ok
17:17:13.0439 4580 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
17:17:13.0454 4580 RasMan - ok
17:17:13.0501 4580 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:17:13.0517 4580 RasPppoe - ok
17:17:13.0563 4580 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:17:13.0579 4580 RasSstp - ok
17:17:13.0610 4580 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:17:13.0610 4580 rdbss - ok
17:17:13.0657 4580 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:17:13.0657 4580 RDPCDD - ok
17:17:13.0735 4580 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:17:13.0751 4580 rdpdr - ok
17:17:13.0751 4580 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:17:13.0751 4580 RDPENCDD - ok
17:17:13.0797 4580 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:17:13.0797 4580 RDPWD - ok
17:17:13.0829 4580 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:17:13.0829 4580 RemoteAccess - ok
17:17:13.0891 4580 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:17:13.0907 4580 RemoteRegistry - ok
17:17:13.0922 4580 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
17:17:13.0922 4580 RpcLocator - ok
17:17:13.0985 4580 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
17:17:13.0985 4580 RpcSs - ok
17:17:14.0016 4580 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:17:14.0016 4580 rspndr - ok
17:17:14.0110 4580 [ A48B769DEC76629BD1A021D33C257B17 ] RTL8187 C:\Windows\system32\DRIVERS\wg111v2.sys
17:17:14.0110 4580 RTL8187 - ok
17:17:14.0142 4580 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
17:17:14.0142 4580 SamSs - ok
17:17:14.0173 4580 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:17:14.0173 4580 sbp2port - ok
17:17:14.0220 4580 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:17:14.0235 4580 SCardSvr - ok
17:17:14.0298 4580 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
17:17:14.0313 4580 Schedule - ok
17:17:14.0344 4580 [ 6011CDF54BB6F4C69F38FACCDAD73D7E ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys
17:17:14.0344 4580 SCMNdisP - ok
17:17:14.0344 4580 [ 42660BBED859AC22DFD12AE598A8FFAA ] SCM_Service C:\Windows\SysWOW64\WinService.exe
17:17:14.0360 4580 SCM_Service - ok
17:17:14.0407 4580 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:17:14.0407 4580 SCPolicySvc - ok
17:17:14.0454 4580 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:17:14.0469 4580 SDRSVC - ok
17:17:14.0500 4580 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:17:14.0500 4580 secdrv - ok
17:17:14.0500 4580 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
17:17:14.0516 4580 seclogon - ok
17:17:14.0516 4580 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
17:17:14.0532 4580 SENS - ok
17:17:14.0547 4580 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:17:14.0547 4580 Serenum - ok
17:17:14.0563 4580 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
17:17:14.0563 4580 Serial - ok
17:17:14.0578 4580 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:17:14.0578 4580 sermouse - ok
17:17:14.0610 4580 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
17:17:14.0610 4580 SessionEnv - ok
17:17:14.0625 4580 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:17:14.0625 4580 sffdisk - ok
17:17:14.0641 4580 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:17:14.0641 4580 sffp_mmc - ok
17:17:14.0656 4580 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:17:14.0656 4580 sffp_sd - ok
17:17:14.0672 4580 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:17:14.0672 4580 sfloppy - ok
17:17:14.0703 4580 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:17:14.0719 4580 SharedAccess - ok
17:17:14.0797 4580 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:17:14.0812 4580 ShellHWDetection - ok
17:17:14.0828 4580 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:17:14.0828 4580 SiSRaid2 - ok
17:17:14.0859 4580 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:17:14.0859 4580 SiSRaid4 - ok
17:17:15.0015 4580 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
17:17:15.0063 4580 slsvc - ok
17:17:15.0157 4580 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:17:15.0157 4580 SLUINotify - ok
17:17:15.0219 4580 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:17:15.0219 4580 Smb - ok
17:17:15.0250 4580 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:17:15.0266 4580 SNMPTRAP - ok
17:17:15.0313 4580 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
17:17:15.0313 4580 spldr - ok
17:17:15.0391 4580 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
17:17:15.0391 4580 Spooler - ok
17:17:15.0453 4580 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
17:17:15.0453 4580 sprtsvc_DellSupportCenter - ok
17:17:15.0547 4580 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
17:17:15.0562 4580 srv - ok
17:17:15.0578 4580 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:17:15.0593 4580 srv2 - ok
17:17:15.0593 4580 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:17:15.0593 4580 srvnet - ok
17:17:15.0640 4580 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:17:15.0640 4580 SSDPSRV - ok
17:17:15.0656 4580 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:17:15.0656 4580 SstpSvc - ok
17:17:15.0749 4580 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:17:15.0749 4580 Stereo Service - ok
17:17:15.0796 4580 [ 14B4DB4381E4A55F570D8BB699B791D6 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:17:15.0796 4580 StillCam - ok
17:17:15.0859 4580 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
17:17:15.0874 4580 stisvc - ok
17:17:15.0921 4580 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:17:15.0921 4580 stllssvr - ok
17:17:15.0952 4580 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:17:15.0952 4580 swenum - ok
17:17:16.0047 4580 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
17:17:16.0078 4580 swprv - ok
17:17:16.0094 4580 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:17:16.0094 4580 Symc8xx - ok
17:17:16.0109 4580 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:17:16.0109 4580 Sym_hi - ok
17:17:16.0125 4580 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:17:16.0125 4580 Sym_u3 - ok
17:17:16.0234 4580 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
17:17:16.0250 4580 SysMain - ok
17:17:16.0328 4580 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:17:16.0328 4580 TabletInputService - ok
17:17:16.0437 4580 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:17:16.0437 4580 TapiSrv - ok
17:17:16.0499 4580 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
17:17:16.0515 4580 TBS - ok
17:17:16.0608 4580 [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:17:16.0640 4580 Tcpip - ok
17:17:16.0686 4580 [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:17:16.0686 4580 Tcpip6 - ok
17:17:16.0749 4580 [ FD8FDE859E38E40A20085EBB0C22B416 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:17:16.0749 4580 tcpipreg - ok
17:17:16.0780 4580 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:17:16.0780 4580 TDPIPE - ok
17:17:16.0796 4580 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:17:16.0796 4580 TDTCP - ok
17:17:16.0858 4580 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:17:16.0858 4580 tdx - ok
17:17:16.0920 4580 [ BEE7ED7A5EDB006F6FE2A40736E7C753 ] TeamViewer4 C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
17:17:16.0920 4580 TeamViewer4 - ok
17:17:16.0936 4580 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:17:16.0936 4580 TermDD - ok
17:17:17.0014 4580 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
17:17:17.0014 4580 TermService - ok
17:17:17.0030 4580 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
17:17:17.0045 4580 Themes - ok
17:17:17.0092 4580 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
17:17:17.0092 4580 THREADORDER - ok
17:17:17.0123 4580 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
17:17:17.0139 4580 TrkWks - ok
17:17:17.0279 4580 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:17:17.0295 4580 TrustedInstaller - ok
17:17:17.0357 4580 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:17:17.0373 4580 tssecsrv - ok
17:17:17.0388 4580 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:17:17.0388 4580 tunmp - ok
17:17:17.0451 4580 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:17:17.0451 4580 tunnel - ok
17:17:17.0482 4580 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:17:17.0482 4580 uagp35 - ok
17:17:17.0544 4580 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:17:17.0544 4580 udfs - ok
17:17:17.0576 4580 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:17:17.0576 4580 UI0Detect - ok
17:17:17.0591 4580 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:17:17.0591 4580 uliagpkx - ok
17:17:17.0622 4580 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:17:17.0638 4580 uliahci - ok
17:17:17.0654 4580 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:17:17.0654 4580 UlSata - ok
17:17:17.0669 4580 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:17:17.0669 4580 ulsata2 - ok
17:17:17.0700 4580 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:17:17.0700 4580 umbus - ok
17:17:17.0716 4580 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
17:17:17.0732 4580 upnphost - ok
17:17:17.0763 4580 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:17:17.0778 4580 USBAAPL64 - ok
17:17:17.0841 4580 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:17:17.0841 4580 usbccgp - ok
17:17:17.0903 4580 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:17:17.0903 4580 usbcir - ok
17:17:17.0966 4580 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:17:17.0966 4580 usbehci - ok
17:17:18.0028 4580 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:17:18.0044 4580 usbhub - ok
17:17:18.0090 4580 [ E406B003A354776D317762694956B0FC ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:17:18.0106 4580 usbohci - ok
17:17:18.0168 4580 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:17:18.0168 4580 usbprint - ok
17:17:18.0231 4580 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:17:18.0231 4580 usbscan - ok
17:17:18.0262 4580 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:17:18.0262 4580 USBSTOR - ok
17:17:18.0340 4580 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:17:18.0340 4580 usbuhci - ok
17:17:18.0371 4580 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:17:18.0371 4580 usbvideo - ok
17:17:18.0434 4580 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
17:17:18.0434 4580 UxSms - ok
17:17:18.0512 4580 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
17:17:18.0512 4580 vds - ok
17:17:18.0527 4580 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:17:18.0543 4580 vga - ok
17:17:18.0558 4580 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:17:18.0558 4580 VgaSave - ok
17:17:18.0574 4580 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
17:17:18.0574 4580 viaide - ok
17:17:18.0605 4580 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:17:18.0605 4580 volmgr - ok
17:17:18.0699 4580 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:17:18.0714 4580 volmgrx - ok
17:17:18.0746 4580 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:17:18.0761 4580 volsnap - ok
17:17:18.0777 4580 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:17:18.0777 4580 vsmraid - ok
17:17:18.0870 4580 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
17:17:18.0902 4580 VSS - ok
17:17:18.0980 4580 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
17:17:18.0980 4580 W32Time - ok
17:17:19.0026 4580 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:17:19.0026 4580 WacomPen - ok
17:17:19.0089 4580 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:17:19.0089 4580 Wanarp - ok
17:17:19.0104 4580 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:17:19.0104 4580 Wanarpv6 - ok
17:17:19.0182 4580 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:17:19.0198 4580 wcncsvc - ok
17:17:19.0229 4580 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:17:19.0229 4580 WcsPlugInService - ok
17:17:19.0245 4580 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
17:17:19.0245 4580 Wd - ok
17:17:19.0307 4580 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:17:19.0338 4580 Wdf01000 - ok
17:17:19.0354 4580 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:17:19.0354 4580 WdiServiceHost - ok
17:17:19.0370 4580 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:17:19.0370 4580 WdiSystemHost - ok
17:17:19.0494 4580 [ 4D2071018D48039F3A992F3830FA88BD ] WeatherBlinkService C:\PROGRA~2\WEATHE~2\bar\2.bin\gcbarsvc.exe
17:17:19.0510 4580 WeatherBlinkService - ok
17:17:19.0572 4580 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
17:17:19.0572 4580 WebClient - ok
17:17:19.0650 4580 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:17:19.0650 4580 Wecsvc - ok
17:17:19.0682 4580 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:17:19.0682 4580 wercplsupport - ok
17:17:19.0697 4580 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
17:17:19.0713 4580 WerSvc - ok
17:17:19.0728 4580 WinDefend - ok
17:17:19.0728 4580 WinHttpAutoProxySvc - ok
17:17:19.0900 4580 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:17:19.0900 4580 Winmgmt - ok
17:17:20.0056 4580 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
17:17:20.0103 4580 WinRM - ok
17:17:20.0181 4580 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:17:20.0197 4580 Wlansvc - ok
17:17:20.0243 4580 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:17:20.0243 4580 WmiAcpi - ok
17:17:20.0321 4580 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:17:20.0321 4580 wmiApSrv - ok
17:17:20.0353 4580 WMPNetworkSvc - ok
17:17:20.0399 4580 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:17:20.0399 4580 WPCSvc - ok
17:17:20.0462 4580 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:17:20.0462 4580 WPDBusEnum - ok
17:17:20.0493 4580 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
17:17:20.0509 4580 WpdUsb - ok
17:17:20.0711 4580 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:17:20.0743 4580 WPFFontCache_v0400 - ok
17:17:20.0789 4580 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:17:20.0805 4580 ws2ifsl - ok
17:17:20.0867 4580 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll
17:17:20.0867 4580 wscsvc - ok
17:17:20.0867 4580 WSearch - ok
17:17:20.0977 4580 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:17:21.0023 4580 wuauserv - ok
17:17:21.0070 4580 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:17:21.0070 4580 WudfPf - ok
17:17:21.0086 4580 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:17:21.0101 4580 WUDFRd - ok
17:17:21.0101 4580 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:17:21.0101 4580 wudfsvc - ok
17:17:21.0133 4580 ================ Scan global ===============================
17:17:21.0179 4580 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
17:17:21.0242 4580 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
17:17:21.0257 4580 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
17:17:21.0351 4580 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
17:17:21.0367 4580 [Global] - ok
17:17:21.0367 4580 ================ Scan MBR ==================================
17:17:21.0382 4580 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
17:17:21.0757 4580 \Device\Harddisk0\DR0 - ok
17:17:22.0147 4580 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
17:17:22.0147 4580 \Device\Harddisk2\DR2 - ok
17:17:22.0147 4580 ================ Scan VBR ==================================
17:17:22.0193 4580 [ 37D0E85AAF898B480DAA3466033DC416 ] \Device\Harddisk0\DR0\Partition1
17:17:22.0193 4580 \Device\Harddisk0\DR0\Partition1 - ok
17:17:22.0193 4580 [ 191589481AAAD8D517A62F2FE8FEAA37 ] \Device\Harddisk0\DR0\Partition2
17:17:22.0193 4580 \Device\Harddisk0\DR0\Partition2 - ok
17:17:22.0209 4580 [ 2D62DC8697A828A388878F71D8750B50 ] \Device\Harddisk2\DR2\Partition1
17:17:22.0209 4580 \Device\Harddisk2\DR2\Partition1 - ok
17:17:22.0209 4580 ============================================================
17:17:22.0209 4580 Scan finished
17:17:22.0209 4580 ============================================================
17:17:22.0225 3032 Detected object count: 0
17:17:22.0225 3032 Actual detected object count: 0
virbitsky
Active Member
 
Posts: 10
Joined: January 23rd, 2013, 4:05 pm

Re: Low disk space, Computer running slow.

Unread postby virbitsky » February 1st, 2013, 6:27 pm

I'm not sure if it matters or not, but I had my external hard drive 1tb plugged in when I ran those tools. I can re-do the logs, if necessary. Thank you
virbitsky
Active Member
 
Posts: 10
Joined: January 23rd, 2013, 4:05 pm

Re: Low disk space, Computer running slow.

Unread postby Gary R » February 1st, 2013, 7:17 pm

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

Java(TM) 6 Update 29


Reboot your computer when finished.

Next

There are number of "questionable" Words files on your computer, most of very similar or identical sizes, did you create these ? (I've illustrated some of them below)

[2076/01/03 12:03:52 | 000,017,920 | ---- | M] () -- C:\Users\j\Documents\Dave Lee- Bill for driveway.wps
[2075/09/21 06:48:32 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Grimm- Lackawaxen township Rate changes.wps
[2075/09/20 13:40:17 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Grimm-Dunkin Donuts.wps
[2075/09/20 13:40:02 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Rock Bottom- YMCA.wps
[2075/09/20 10:16:02 | 000,016,384 | ---- | M] () -- C:\Users\j\Documents\Guzzi- Moffit house.wps
[2075/09/16 11:16:33 | 000,016,384 | ---- | M] () -- C:\Users\j\Documents\Archbald ambulance.wps
[2075/09/14 10:52:47 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\KBA- Buras Cottage.wps
[2075/09/14 10:23:42 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\J.J Palumbo- 5th bill.wps
[2075/09/13 09:19:35 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Keystone college-Gym floor.wps
[2075/09/10 06:41:22 | 000,016,384 | ---- | M] () -- C:\Users\j\Documents\Grimm- Comfort inn.wps
[2075/09/09 09:22:14 | 000,016,384 | ---- | M] () -- C:\Users\j\Documents\Grimm- Cedar ave 629-631.wps
[2075/09/07 06:51:59 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Guzzi- Keystone College landscape bill.wps
[2075/09/07 06:49:41 | 000,017,920 | ---- | M] () -- C:\Users\j\Documents\Grimm- Bill for chimney.wps
[2075/09/07 06:45:43 | 000,018,944 | ---- | M] () -- C:\Users\j\Documents\Grimm- Bill for Susan.wps
[2075/09/07 06:36:03 | 000,017,920 | ---- | M] () -- C:\Users\j\Documents\Keystone Community Resources- Bill for sanderson.wps


Next

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:OTL
PRC - [2011/02/18 13:52:31 | 000,036,864 | ---- | M] (WeatherBlink) -- C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbarsvc.exe
SRV - [2011/02/18 13:52:31 | 000,036,864 | ---- | M] (WeatherBlink) [Auto | Running] -- C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbarsvc.exe -- (WeatherBlinkService)
IE - HKLM\..\URLSearchHook: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/sli ... 843&query= {SearchTerms}&invocationType=tb50-ie-aolmailtb-chromesbox-en-us
IE - HKLM\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor= {searchTerms}
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\URLSearchHook: {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcSrcAs.dll (WeatherBlink)
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\URLSearchHook: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/sli ... 843&query= {SearchTerms}&invocationType=tb50-ie-aolmailtb-chromesbox-en-us
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor= {searchTerms}
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q= {searchTerms}&pr=prov&client_id=140FD68001CA990C197882FA&install_time=19-01-2010:08:34&src_id=11009&camp_id=861&tb_version=2.5.7002.477
IE - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=HODaWdOf ... DwM3wM4?q= {searchTerms}
FF - prefs.js..extensions.enabledAddons: gcffxtbr%40WeatherBlink.com:1.2
FF - prefs.js..extensions.enabledItems: gcffxtbr@WeatherBlink.com :1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XNxdm003YYUS&ptb=980DD49E-1E3E-4D19-A04F-D23ADA40ECB0&psa=&ind=2010110110&ptnrS=XNxdm003YYUS&si=&st=kwd&n=77cfd89e&searchfor="
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gcffxtbr@WeatherBlink.com: C:\Program Files (x86)\WeatherBlink\bar\2.bin [2011/08/15 06:17:57 | 000,000,000 | ---D | M]
[2010/03/03 11:43:46 | 000,010,039 | ---- | M] () -- C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\searchplugins\WeatherBlink.xml
[2011/08/15 06:17:57 | 000,000,000 | ---D | M] (WeatherBlink) -- C:\PROGRAM FILES (X86)\WEATHERBLINK\BAR\2.BIN
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Assistant BHO) - {9b9dcae3-be34-424c-8d73-75e305a9e091} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcSrcAs.dll (WeatherBlink)
O2 - BHO: (Toolbar BHO) - {dc9051c2-8f55-479a-97a4-747980d9047f} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbar.dll (WeatherBlink)
O2 - BHO: (AOL Email Toolbar Loader) - {fbea8524-8c72-4208-9d12-7fb73e9926eb} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O2 - BHO: (AOL Email Toolbar Loader) - {fbea8524-8c72-4208-9d12-7fb73e9926eb} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (AOL Email Toolbar) - {a3704fa3-dbf6-46b5-b95e-0677dfd39577} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (WeatherBlink) - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbar.dll (WeatherBlink)
O3 - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3994122028-4133472215-4079814351-1000\..\Toolbar\WebBrowser: (AOL Email Toolbar) - {A3704FA3-DBF6-46B5-B95E-0677DFD39577} - C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O8:64bit: - Extra context menu item: &AOL Email Toolbar Search - C:\ProgramData\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &AOL Email Toolbar Search - C:\ProgramData\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

:Commands
[emptytemp]
[resethosts]
[createrestorepoint]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Next

Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Please post the contents of JRT.txt into your next reply.

Next

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on: Image
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log in your next reply please.
  • Now click on: Image (Selecting Uninstall application on close if you so wish)

Summary of the logs I need from you in your next post:
  • Let me know about those files I asked about.
  • OTL fix log
  • JRT.txt
  • E-Set log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Low disk space, Computer running slow.

Unread postby virbitsky » February 2nd, 2013, 10:58 pm

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.8 (01.31.2013:1)
OS: Windows (TM) Vista Home Premium x64
Ran by j on Sat 02/02/2013 at 13:39:01.19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\dnu.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdate
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\imside1egate.application.1
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{14ceeaff-96dd-4101-ae37-d5ecdc23c3f6}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{14ceeaff-96dd-4101-ae37-d5ecdc23c3f6}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\j\appdata\locallow\alot"
Successfully deleted: [Folder] "C:\Program Files (x86)\alot"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility"



~~~ FireFox

Successfully deleted: [File] C:\Users\j\AppData\Roaming\mozilla\firefox\profiles\wjl247c5.default\invalidprefs.js
Successfully deleted the following from C:\Users\j\AppData\Roaming\mozilla\firefox\profiles\wjl247c5.default\prefs.js

user_pref("browser.newtabpage.blocked", "{\"/5CCH+6ysCozpvn8jl8/zQ==\":1,\"arAWstrXukmpkroCE6kc+A==\":1,\"h0aMB8AuNw74TUt+OmaFiQ==\":1,\"ZRgeP73f9wQFbkX5z+IDTQ==\":1,\"VCxv4B3
user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=XNxdm003YYUS&ptb=980DD49E-1E3E-4D19-A04F-D23ADA40ECB0");
user_pref("extensions.WeatherBlink.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=XNxdm003YYUS&ptb=980DD49E-1E3E-4D19-A04F-D23ADA40ECB0&ind=201



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/02/2013 at 13:46:47.31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
virbitsky
Active Member
 
Posts: 10
Joined: January 23rd, 2013, 4:05 pm

Re: Low disk space, Computer running slow.

Unread postby virbitsky » February 2nd, 2013, 10:59 pm

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=309a9b15af919c46bf99fd4a1487f925
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-02-03 02:24:52
# local_time=2013-02-02 09:24:52 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 39123096 196456998 0 0
# scanned=168655
# found=15
# cleaned=0
# scan_time=8441
C:\Users\j\AppData\LocalLow\WeatherBlink\bar\setups\WeatherBlink Installer(0001846b).exe a variant of Win32/AdInstaller application 5B428F67C1E069AE5620C498C6A7C2C357987734 I
C:\Users\j\Downloads\MapsGalaxy.exe Win32/AdInstaller application A8C27F6B4ACEDAACD1DFA823AA1D846632376630 I
C:\Users\j\Downloads\registrybooster.exe Win32/RegistryBooster application D7DCBE2ED66CCD32D7BD8B5365696FBD82FE174A I
C:\Users\j\Downloads\WeatherBlink(2).exe Win32/AdInstaller application 63BA0FE89F223D39076913C3D4943740D2E4EBA8 I
C:\Users\j\Downloads\WeatherBlink.exe Win32/AdInstaller application 63BA0FE89F223D39076913C3D4943740D2E4EBA8 I
C:\Users\j\Downloads\WeatherBugSetup(2).msi a variant of Win32/Bundled.Toolbar.Ask application 070C25554B0F86C5E50051FEE4995EAA1EC09F7D I
C:\Users\j\Downloads\WeatherBugSetup.msi a variant of Win32/Bundled.Toolbar.Ask application C1ADD732DA4CF6E8F210CBCCAB481870C3FB0ED8 I
C:\_OTL\MovedFiles\02022013_132256\C_Program Files (x86)\WeatherBlink\bar\2.bin\gcdatact.dll a variant of Win32/Toolbar.MyWebSearch.A application 685120EEF86D25C5491E0B7141D1DB61C7656888 I
C:\_OTL\MovedFiles\02022013_132256\C_Program Files (x86)\WeatherBlink\bar\2.bin\gchtml.dll probably a variant of Win32/Toolbar.MyWebSearch.F application D148EA8EB26A7A50AFC684DCC060366DD03F03C8 I
C:\_OTL\MovedFiles\02022013_132256\C_Program Files (x86)\WeatherBlink\bar\2.bin\gchtmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application B1A7202E376F3CEF3651C07CD548AEBC24ABF6F9 I
C:\_OTL\MovedFiles\02022013_132256\C_Program Files (x86)\WeatherBlink\bar\2.bin\gcPlugin.dll a variant of Win32/Toolbar.MyWebSearch application 89425A6D5B2314FEB28DE43E60F401F4CF919CD7 I
C:\_OTL\MovedFiles\02022013_132256\C_Program Files (x86)\WeatherBlink\bar\2.bin\gcskin.dll a variant of Win32/Toolbar.MyWebSearch.P application E52E373C0FFB24F441D23A5F1CE85706CAF8D16F I
D:\VIRBITSKY\Backup Set 2011-10-24 102902\Backup Files 2011-10-24 102902\Backup files 5.zip multiple threats 61EFF17FBF02B1E5329BD582AF66663A741D6BDD I
D:\VIRBITSKY\Backup Set 2011-10-24 102902\Backup Files 2011-12-04 190000\Backup files 1.zip Win32/AdInstaller application 19C1C83FF85AEE4B69D0562E174CD0B35AA831F5 I
D:\VIRBITSKY\Backup Set 2011-10-24 102902\Backup Files 2012-01-08 190000\Backup files 1.zip Win32/AdInstaller application 52FB7BFE552B50C3C27CC0ACFCDFAFAD818D0408 I
virbitsky
Active Member
 
Posts: 10
Joined: January 23rd, 2013, 4:05 pm

Re: Low disk space, Computer running slow.

Unread postby Gary R » February 3rd, 2013, 3:12 am

Can you post me the OTL fix log I asked for, and also let me know about the files I asked about please.

If you don't have the log, in C:\_OTL\MovedFiles you'll find files of the form mmddyyyy_hhmmss.log (where dmyhms represent the date and time the fix was run).

If you double-click them they'll open in Notepad

Post me the appropriate logfile please.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Low disk space, Computer running slow.

Unread postby virbitsky » February 3rd, 2013, 3:45 pm

sorry, could of sworn I posted them.
Yes those files you are talking about are mine.

All processes killed
========== OTL ==========
Process gcbarsvc.exe killed successfully!
Service WeatherBlinkService stopped successfully!
Service WeatherBlinkService deleted successfully!
C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbarsvc.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{98572e47-b5fe-43de-9aea-492a1d3064cd} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98572e47-b5fe-43de-9aea-492a1d3064cd}\ deleted successfully.
C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ not found.
Registry value HKEY_USERS\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ba2cfef-a1bc-4964-aadc-33be1ae5a33c}\ deleted successfully.
C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcSrcAs.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{98572e47-b5fe-43de-9aea-492a1d3064cd} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98572e47-b5fe-43de-9aea-492a1d3064cd}\ not found.
File C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll not found.
Registry key HKEY_USERS\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}\ not found.
Registry key HKEY_USERS\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ not found.
Registry key HKEY_USERS\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Prefs.js: gcffxtbr%40WeatherBlink.com:1.2 removed from extensions.enabledAddons
Prefs.js: gcffxtbr@WeatherBlink.com :1.2 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29 removed from extensions.enabledItems
Prefs.js: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XNxdm003YYUS&ptb=980DD49E-1E3E-4D19-A04F-D23ADA40ECB0&psa=&ind=2010110110&ptnrS=XNxdm003YYUS&si=&st=kwd&n=77cfd89e&searchfor=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gcffxtbr@WeatherBlink.com deleted successfully.
C:\Program Files (x86)\WeatherBlink\bar\2.bin\chrome folder moved successfully.
C:\Program Files (x86)\WeatherBlink\bar\2.bin folder moved successfully.
C:\Users\j\AppData\Roaming\Mozilla\Firefox\Profiles\wjl247c5.default\searchplugins\WeatherBlink.xml moved successfully.
Folder C:\PROGRAM FILES (X86)\WEATHERBLINK\BAR\2.BIN\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9b9dcae3-be34-424c-8d73-75e305a9e091}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9b9dcae3-be34-424c-8d73-75e305a9e091}\ deleted successfully.
File C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcSrcAs.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc9051c2-8f55-479a-97a4-747980d9047f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dc9051c2-8f55-479a-97a4-747980d9047f}\ deleted successfully.
File C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbea8524-8c72-4208-9d12-7fb73e9926eb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fbea8524-8c72-4208-9d12-7fb73e9926eb}\ deleted successfully.
File C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbea8524-8c72-4208-9d12-7fb73e9926eb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fbea8524-8c72-4208-9d12-7fb73e9926eb}\ not found.
File C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}\ not found.
C:\Program Files (x86)\alot\bin\alot.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{a3704fa3-dbf6-46b5-b95e-0677dfd39577} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a3704fa3-dbf6-46b5-b95e-0677dfd39577}\ deleted successfully.
File C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{f20de5e0-2a6e-4c54-985f-1cf59551ce39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f20de5e0-2a6e-4c54-985f-1cf59551ce39}\ deleted successfully.
File C:\Program Files (x86)\WeatherBlink\bar\2.bin\gcbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found.
Registry value HKEY_USERS\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-3994122028-4133472215-4079814351-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A3704FA3-DBF6-46B5-B95E-0677DFD39577} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3704FA3-DBF6-46B5-B95E-0677DFD39577}\ not found.
File C:\Program Files (x86)\AOL Email Toolbar\aolmailtb.dll not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&AOL Email Toolbar Search\ deleted successfully.
C:\ProgramData\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&AOL Email Toolbar Search\ not found.
File C:\ProgramData\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\ProgramData\SPL252B.tmp deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 83 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: j
->Temp folder emptied: 565820527 bytes
->Temporary Internet Files folder emptied: 180890122 bytes
->Java cache emptied: 15691520 bytes
->FireFox cache emptied: 373388045 bytes
->Google Chrome cache emptied: 57644674 bytes
->Flash cache emptied: 184507 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 83 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 855744630 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,955.00 mb

File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 02022013_132256

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
virbitsky
Active Member
 
Posts: 10
Joined: January 23rd, 2013, 4:05 pm

Re: Low disk space, Computer running slow.

Unread postby Gary R » February 4th, 2013, 3:08 am

sorry, could of sworn I posted them.


No problem. It's easily done. :)


  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:Files
C:\Users\j\AppData\LocalLow\WeatherBlink\bar\setups\WeatherBlink Installer(0001846b).exe
C:\Users\j\Downloads\MapsGalaxy.exe
C:\Users\j\Downloads\registrybooster.exe
C:\Users\j\Downloads\WeatherBlink(2).exe
C:\Users\j\Downloads\WeatherBlink.exe
C:\Users\j\Downloads\WeatherBugSetup(2).msi
C:\Users\j\Downloads\WeatherBugSetup.msi 
D:\VIRBITSKY\Backup Set 2011-10-24 102902\Backup Files 2011-10-24 102902\Backup files 5.zip
D:\VIRBITSKY\Backup Set 2011-10-24 102902\Backup Files 2011-12-04 190000\Backup files 1.zip
D:\VIRBITSKY\Backup Set 2011-10-24 102902\Backup Files 2012-01-08 190000\Backup files 1.zip

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Please let me know how your computer is behaving now.

.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Low disk space, Computer running slow.

Unread postby virbitsky » February 4th, 2013, 10:56 am

========== FILES ==========
C:\Users\j\AppData\LocalLow\WeatherBlink\bar\setups\WeatherBlink Installer(0001846b).exe moved successfully.
C:\Users\j\Downloads\MapsGalaxy.exe moved successfully.
C:\Users\j\Downloads\registrybooster.exe moved successfully.
C:\Users\j\Downloads\WeatherBlink(2).exe moved successfully.
C:\Users\j\Downloads\WeatherBlink.exe moved successfully.
C:\Users\j\Downloads\WeatherBugSetup(2).msi moved successfully.
C:\Users\j\Downloads\WeatherBugSetup.msi moved successfully.
D:\VIRBITSKY\Backup Set 2011-10-24 102902\Backup Files 2011-10-24 102902\Backup files 5.zip moved successfully.
D:\VIRBITSKY\Backup Set 2011-10-24 102902\Backup Files 2011-12-04 190000\Backup files 1.zip moved successfully.
D:\VIRBITSKY\Backup Set 2011-10-24 102902\Backup Files 2012-01-08 190000\Backup files 1.zip moved successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 02042013_095548
virbitsky
Active Member
 
Posts: 10
Joined: January 23rd, 2013, 4:05 pm

Re: Low disk space, Computer running slow.

Unread postby Gary R » February 4th, 2013, 12:57 pm

Please let me know how your computer is behaving now.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Low disk space, Computer running slow.

Unread postby virbitsky » February 4th, 2013, 6:14 pm

seems to be fine now, still having low disk space, would a external hard drive help me out?
virbitsky
Active Member
 
Posts: 10
Joined: January 23rd, 2013, 4:05 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 18 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware