Dell Laptop Dog - Used for school

Post by jseiler on Tue 19 Feb 2013, 4:24 pm

Daughter uses this computer for high school. Really bogging down. OTL below:

OTL logfile created on: 2/18/2013 10:54:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Joni Seiler\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.47 Gb Available Physical Memory | 24.97% Memory free
5.30 Gb Paging File | 2.72 Gb Available in Paging File | 51.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.46 Gb Total Space | 238.52 Gb Free Space | 85.66% Space Free | Partition Type: NTFS
Drive D: | 4.38 Gb Total Space | 1.13 Gb Free Space | 25.84% Space Free | Partition Type: UDF

Computer Name: JONISEILER-PC | User Name: Joni Seiler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/18 22:52:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Joni Seiler\Desktop\OTL.com
PRC - [2013/02/12 15:22:51 | 000,353,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.exe
PRC - [2013/02/12 15:20:47 | 000,107,520 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2013/01/31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/01/24 11:22:50 | 002,231,040 | ---- | M] (Conduit) -- C:\Users\Joni Seiler\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013/01/24 11:22:50 | 000,093,440 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
PRC - [2012/12/17 19:50:28 | 016,328,976 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/11/14 20:15:53 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Joni Seiler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/10/24 20:30:30 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
PRC - [2012/09/19 03:00:48 | 000,383,648 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe
PRC - [2012/09/18 03:46:42 | 000,394,392 | ---- | M] (PCRx.com, LLC) -- C:\Program Files (x86)\24x7Help\App24x7Svc.exe
PRC - [2012/09/18 03:46:30 | 000,041,624 | ---- | M] (PCRx.com, LLC) -- C:\Program Files (x86)\24x7Help\App24x7Hook.exe
PRC - [2012/09/18 03:46:28 | 001,685,144 | ---- | M] (PCRx.com, LLC) -- C:\Program Files (x86)\24x7Help\App24x7Help.exe
PRC - [2012/06/11 16:22:16 | 000,425,040 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingBar.exe
PRC - [2012/06/11 16:22:16 | 000,267,856 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingApp.exe
PRC - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2012/06/11 16:22:16 | 000,141,904 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe
PRC - [2012/02/16 11:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2012/01/27 15:30:16 | 000,465,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2012/01/26 20:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/04/13 09:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2011/01/12 17:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/01/12 17:00:38 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/07/02 05:10:28 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/07/02 05:10:24 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2007/01/16 22:36:48 | 000,304,624 | ---- | M] () -- C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe
PRC - [2007/01/16 22:36:28 | 000,431,600 | ---- | M] (Dell) -- C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/18 16:47:36 | 000,096,256 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32api.pyd
MOD - [2013/02/18 16:47:36 | 000,086,016 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\_elementtree.pyd
MOD - [2013/02/18 16:47:36 | 000,040,448 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\_socket.pyd
MOD - [2013/02/18 16:47:35 | 001,024,616 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\windows._cacheinvalidation.pyd
MOD - [2013/02/18 16:47:35 | 000,792,576 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\wx._gdi_.pyd
MOD - [2013/02/18 16:47:35 | 000,731,136 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\wx._misc_.pyd
MOD - [2013/02/18 16:47:35 | 000,571,392 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\pysqlite2._sqlite.pyd
MOD - [2013/02/18 16:47:35 | 000,354,304 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\pythoncom26.dll
MOD - [2013/02/18 16:47:35 | 000,263,168 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32com.shell.shell.pyd
MOD - [2013/02/18 16:47:35 | 000,153,088 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\pyexpat.pyd
MOD - [2013/02/18 16:47:35 | 000,110,592 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32security.pyd
MOD - [2013/02/18 16:47:35 | 000,110,592 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\PyWinTypes26.dll
MOD - [2013/02/18 16:47:35 | 000,073,728 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\_ctypes.pyd
MOD - [2013/02/18 16:47:35 | 000,070,656 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\wx._html2.pyd
MOD - [2013/02/18 16:47:35 | 000,023,040 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32ts.pyd
MOD - [2013/02/18 16:47:35 | 000,017,920 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32profile.pyd
MOD - [2013/02/18 16:47:35 | 000,011,776 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32crypt.pyd
MOD - [2013/02/18 16:47:34 | 001,169,408 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\wx._core_.pyd
MOD - [2013/02/18 16:47:34 | 001,056,256 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\wx._controls_.pyd
MOD - [2013/02/18 16:47:34 | 000,807,424 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\wx._windows_.pyd
MOD - [2013/02/18 16:47:34 | 000,645,120 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\_ssl.pyd
MOD - [2013/02/18 16:47:34 | 000,311,808 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\_hashlib.pyd
MOD - [2013/02/18 16:47:34 | 000,121,856 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\wx._wizard.pyd
MOD - [2013/02/18 16:47:34 | 000,111,104 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32file.pyd
MOD - [2013/02/18 16:47:34 | 000,039,424 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32inet.pyd
MOD - [2013/02/18 16:47:34 | 000,036,352 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32process.pyd
MOD - [2013/02/18 16:47:34 | 000,022,528 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32pdh.pyd
MOD - [2013/02/18 16:47:33 | 000,585,728 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\unicodedata.pyd
MOD - [2013/02/18 16:47:33 | 000,017,920 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\win32event.pyd
MOD - [2013/02/18 16:47:33 | 000,011,776 | ---- | M] () -- C:\Users\Joni Seiler\AppData\Local\Temp\_MEI32722\select.pyd
MOD - [2013/02/17 18:35:31 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013/02/17 18:35:01 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/11 12:31:59 | 001,707,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll
MOD - [2013/01/11 12:31:53 | 000,401,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll
MOD - [2013/01/11 12:30:41 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013/01/11 12:29:23 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\09a468fb987e5a5f345346b0910c89ca\IAStorCommon.ni.dll
MOD - [2013/01/11 12:29:22 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\27649bdc3da750e2e072dedbff56cc0b\IAStorUtil.ni.dll
MOD - [2013/01/11 12:07:18 | 017,478,656 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll
MOD - [2013/01/11 12:07:01 | 002,347,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013/01/11 12:06:58 | 001,084,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll
MOD - [2013/01/11 12:06:57 | 000,256,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
MOD - [2013/01/11 12:06:39 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/11 12:06:15 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/11 12:06:00 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/11 12:05:32 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/11 12:05:28 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/11 12:05:17 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/11 12:05:10 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\571b85634abf2fba6bab80c21a347081\System.Xml.ni.dll
MOD - [2013/01/11 12:05:06 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/11 12:05:04 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/11 12:04:57 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/04/24 22:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtgui4.dll
MOD - [2011/04/24 22:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtsql4.dll
MOD - [2011/04/24 22:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtscript4.dll
MOD - [2011/04/24 22:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtnetwork4.dll
MOD - [2011/04/24 22:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtcore4.dll
MOD - [2011/04/24 22:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtdeclarative4.dll
MOD - [2011/04/20 18:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll
MOD - [2010/11/20 21:24:52 | 000,507,904 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
MOD - [2007/01/16 22:36:48 | 000,304,624 | ---- | M] () -- C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe
MOD - [2006/12/20 20:12:18 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdcfg.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/05/27 13:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/01/13 14:56:40 | 000,956,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2007/01/16 22:35:02 | 000,566,768 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlcdcoms.exe -- (dlcd_device)
SRV - [2013/02/12 15:20:47 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Joni Seiler\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2013/01/31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/01/24 11:22:50 | 000,093,440 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/24 20:30:30 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP)
SRV - [2012/09/18 03:46:42 | 000,394,392 | ---- | M] (PCRx.com, LLC) [Auto | Running] -- C:\Program Files (x86)\24x7Help\App24x7Svc.exe -- (24x7HelpSvc)
SRV - [2012/08/02 15:06:28 | 000,173,056 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/02/16 11:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/01/12 17:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/08/25 19:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/07/02 05:10:28 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/07/02 05:10:24 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/01/16 22:34:36 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\dlcdcoms.exe -- (dlcd_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/24 20:32:38 | 000,637,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012/08/17 15:26:48 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020200}_0)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/18 16:40:08 | 004,719,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/08/18 16:39:52 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/08/18 16:39:52 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/08/18 16:39:50 | 000,349,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011/08/18 16:39:50 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/08/18 16:39:50 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/05/27 13:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/05/17 00:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/31 21:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/03/25 20:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 17:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011/03/04 12:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011/03/04 12:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2011/01/20 10:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/01/12 16:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/29 18:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/15 03:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/02/26 18:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/09/18 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 03:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {f0e59437-6148-4a98-b0a6-60d557ef57f4} - C:\Program Files (x86)\WhiteSmoke_B\prxtbWhit.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {f0e59437-6148-4a98-b0a6-60d557ef57f4} - C:\Program Files (x86)\WhiteSmoke_B\prxtbWhit.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{4B2E815E-3DE4-493D-B35F-F5B0BB70B693}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [You must be registered and logged in to see this link.] 10:00:47&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{CEC71AAF-D53F-48D6-A27C-26B84FFD0C3D}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Joni Seiler\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Joni Seiler\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2012/10/24 20:32:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2012/10/24 20:32:41 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: [You must be registered and logged in to see this link.]
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = [You must be registered and logged in to see this link.]
CHR - default_search_provider: suggest_url =
CHR - homepage: [You must be registered and logged in to see this link.]
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\npSkypeChromePlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\plugins\NPcol400.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Shopping Sidekick Plugin = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlopielgodpjhkbapdlbbicpiefpaack\1.21.24_0\crossrider
CHR - Extension: Shopping Sidekick Plugin = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlopielgodpjhkbapdlbbicpiefpaack\1.21.24_0\
CHR - Extension: Shopping Sidekick Plugin = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlopielgodpjhkbapdlbbicpiefpaack\1.21.24_1\crossrider
CHR - Extension: Shopping Sidekick Plugin = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlopielgodpjhkbapdlbbicpiefpaack\1.21.24_1\
CHR - Extension: Virtual Keyboard = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Skype Click to Call = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\
CHR - Extension: WhiteSmoke B = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp\10.14.251.3_0\
CHR - Extension: Anti-Banner = C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Shopping Sidekick Plugin) - {11111111-1111-1111-1111-110211181102} - C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin.dll (215 Apps)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Joni Seiler\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (WhiteSmoke B Toolbar) - {f0e59437-6148-4a98-b0a6-60d557ef57f4} - C:\Program Files (x86)\WhiteSmoke_B\prxtbWhit.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (WhiteSmoke B Toolbar) - {f0e59437-6148-4a98-b0a6-60d557ef57f4} - C:\Program Files (x86)\WhiteSmoke_B\prxtbWhit.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WhiteSmoke B Toolbar) - {F0E59437-6148-4A98-B0A6-60D557EF57F4} - C:\Program Files (x86)\WhiteSmoke_B\prxtbWhit.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [DLCDCATS] C:\windows\SysNative\spool\DRIVERS\x64\3\DLCDtime.DLL ()
O4:64bit: - HKLM..\Run: [dlcdmon.exe] C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe (Dell)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MemoryCardManager] C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [24x7HELP] C:\Program Files (x86)\24x7Help\App24x7Help.exe (PCRx.com, LLC)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PCFixSpeed] C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe (Crawler.com)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Joni Seiler\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [Spotify] C:\Users\Joni Seiler\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Joni Seiler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41765D3B-A8D7-4BE5-BF38-93379EE7A929}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/02/18 22:52:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Joni Seiler\Desktop\OTL.com
[2013/02/18 20:31:57 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\AppData\Local\{13288BCE-29DE-4758-AE8B-4C27929ED9DF}
[2013/02/14 21:23:41 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/02/14 21:23:41 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/02/14 21:23:40 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/02/14 21:22:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/02/14 21:22:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/02/14 21:22:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/02/14 21:22:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/02/14 21:22:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/02/14 21:22:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/02/14 21:22:08 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2013/02/12 15:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro
[2013/02/12 15:22:40 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\Documents\Flash Player Pro
[2013/02/12 15:22:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flash Player Pro
[2013/02/12 15:20:47 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\AppData\Roaming\DefaultTab
[2013/02/12 15:20:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help
[2013/02/12 15:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\24x7Help
[2013/02/12 15:20:12 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\AppData\Roaming\PCFixSpeed
[2013/02/12 15:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PCFixSpeed
[2013/02/12 15:20:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed
[2013/02/12 15:20:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCFixSpeed
[2013/02/12 15:19:46 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\AppData\Local\Updater21802
[2013/02/12 15:19:35 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\AppData\Local\Shopping Sidekick Plugin
[2013/02/12 15:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shopping Sidekick Plugin
[2013/02/12 15:18:42 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\AppData\Local\SwvUpdater
[2013/02/12 15:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/02/12 15:17:58 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\AppData\Local\Conduit
[2013/02/12 15:17:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke_B
[2013/02/12 15:17:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/02/12 15:17:35 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\AppData\Roaming\SearchProtect
[2013/02/12 15:17:32 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\AppData\Local\CRE
[2013/01/24 20:14:20 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\Documents\SanDiskSecureAccess
[2013/01/24 20:13:56 | 000,000,000 | ---D | C] -- C:\Users\Joni Seiler\Documents\club_application
[2 C:\Users\Joni Seiler\Documents\*.tmp files -> C:\Users\Joni Seiler\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/18 22:52:50 | 000,000,107 | ---- | M] () -- C:\Users\Joni Seiler\Desktop\Yahoo!.url
[2013/02/18 22:52:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Joni Seiler\Desktop\OTL.com
[2013/02/18 22:44:03 | 000,000,932 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2784060838-1555932679-2798245614-1000UA.job
[2013/02/18 22:14:18 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/18 21:26:49 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/18 20:26:50 | 000,795,384 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/02/18 20:26:50 | 000,672,290 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/02/18 20:26:50 | 000,125,268 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/02/18 19:47:01 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/02/18 18:36:12 | 000,000,380 | ---- | M] () -- C:\windows\tasks\AmiUpdXp.job
[2013/02/18 17:44:03 | 000,000,880 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2784060838-1555932679-2798245614-1000Core.job
[2013/02/18 16:55:38 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/18 16:55:38 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/18 16:46:46 | 1502,621,696 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/17 18:30:16 | 000,275,712 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/02/12 15:22:51 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/02/12 15:22:51 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/02/12 15:20:49 | 000,000,258 | RHS- | M] () -- C:\Users\Joni Seiler\ntuser.pol
[2013/02/12 15:18:36 | 000,000,009 | ---- | M] () -- C:\END
[2 C:\Users\Joni Seiler\Documents\*.tmp files -> C:\Users\Joni Seiler\Documents\*.tmp -> ]

jseiler

Rookie Surfer

Posts : 87
Joined : 2009-06-10
Operating System : Windows 7 (HP)


Re: Dell Laptop Dog - Used for school

Post by jseiler on Tue 19 Feb 2013, 4:27 pm


========== Files Created - No Company Name ==========

[2013/02/12 15:20:49 | 000,000,258 | RHS- | C] () -- C:\Users\Joni Seiler\ntuser.pol
[2013/02/12 15:18:43 | 000,000,380 | ---- | C] () -- C:\windows\tasks\AmiUpdXp.job
[2013/02/12 15:17:22 | 000,000,009 | ---- | C] () -- C:\END
[2012/10/21 23:28:32 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
[2012/09/07 00:22:22 | 000,000,048 | ---- | C] () -- C:\windows\WinInit.Ini
[2012/09/06 22:29:04 | 000,643,072 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdpmui.dll
[2012/09/06 22:29:04 | 000,434,176 | ---- | C] () -- C:\windows\SysWow64\dlcdutil.dll
[2012/09/06 22:29:04 | 000,413,696 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdinpa.dll
[2012/09/06 22:29:04 | 000,397,312 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdiesc.dll
[2012/09/06 22:29:04 | 000,323,584 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdhcp.dll
[2012/09/06 22:29:04 | 000,274,432 | ---- | C] () -- C:\windows\SysWow64\dlcdinst.dll
[2012/09/06 22:29:04 | 000,176,128 | ---- | C] () -- C:\windows\SysWow64\dlcdinsb.dll
[2012/09/06 22:29:04 | 000,159,744 | ---- | C] () -- C:\windows\SysWow64\dlcdins.dll
[2012/09/06 22:29:04 | 000,135,168 | ---- | C] () -- C:\windows\SysWow64\dlcdjswr.dll
[2012/09/06 22:29:04 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\dlcdinsr.dll
[2012/09/06 22:29:04 | 000,086,016 | ---- | C] () -- C:\windows\SysWow64\dlcdcub.dll
[2012/09/06 22:29:04 | 000,073,728 | ---- | C] () -- C:\windows\SysWow64\dlcdcu.dll
[2012/09/06 22:29:04 | 000,036,864 | ---- | C] () -- C:\windows\SysWow64\dlcdcur.dll
[2012/09/06 22:29:03 | 001,224,704 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdserv.dll
[2012/09/06 22:29:03 | 000,991,232 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdusb1.dll
[2012/09/06 22:29:03 | 000,696,320 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdhbn3.dll
[2012/09/06 22:29:03 | 000,684,032 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdcomc.dll
[2012/09/06 22:29:03 | 000,585,728 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdlmpm.dll
[2012/09/06 22:29:03 | 000,538,096 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdcoms.exe
[2012/09/06 22:29:03 | 000,421,888 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdcomm.dll
[2012/09/06 22:29:03 | 000,386,544 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdih.exe
[2012/09/06 22:29:03 | 000,382,448 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdcfg.exe
[2012/09/06 22:29:03 | 000,181,744 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdppls.exe
[2012/09/06 22:29:03 | 000,163,840 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdprox.dll
[2012/09/06 22:29:03 | 000,094,208 | ---- | C] ( ) -- C:\windows\SysWow64\dlcdpplc.dll
[2012/09/06 22:29:03 | 000,069,632 | ---- | C] () -- C:\windows\SysWow64\dlcdcfg.dll
[2012/08/11 15:50:35 | 000,017,408 | ---- | C] () -- C:\Users\Joni Seiler\AppData\Local\WebpageIcons.db
[2012/04/20 22:25:20 | 000,867,020 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2012/04/20 22:25:20 | 000,105,428 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
[2012/04/20 22:25:19 | 000,128,204 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
[2012/04/20 19:58:01 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2012/02/26 06:02:17 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2012/02/26 06:02:12 | 000,000,325 | ---- | C] () -- C:\windows\Prelaunch.ini
[2012/02/26 06:02:12 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2012/02/26 06:02:12 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2012/02/26 06:02:12 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2012/02/26 06:02:12 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2012/02/26 06:02:12 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2012/02/26 06:02:12 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2012/02/26 04:54:12 | 000,789,600 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

< %AppData%\Local\ >

< %systemroot%\system32\sysprep >

< *.xpi /md5 >

< %systemroot%\Downloaded Program Files\ >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/25 20:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/25 20:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/25 20:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\chrome.exe" [2013/01/25 20:35:08 | 001,248,208 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/04/20 19:57:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/04/20 19:57:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/04/20 19:57:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/28 19:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/06/28 19:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\JONI SEILER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/01/25 20:35:08 | 001,248,208 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\JONI SEILER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/01/25 20:35:08 | 001,248,208 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\JONI SEILER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/01/25 20:35:08 | 001,248,208 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\JONI SEILER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/01/25 20:35:08 | 001,248,208 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/04/20 19:57:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/04/20 19:57:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/04/20 19:57:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/28 19:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/06/28 19:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >

< %systemroot%\System32\config\*.sav >

< %SYSTEMDRIVE%\*.exe /md5 >

< "%WinDir%\$NtUninstallKB*$." /30 >

< %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\Installer\ /s >

< %systemroot%\system32\Cache\ /s >

< %systemroot%\system32\config\systemprofile\ /s >

< %PROGRAMFILES%\*. >
[2013/02/12 15:20:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\24x7Help
[2012/04/20 20:20:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2012/07/03 08:58:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG
[2012/11/14 17:56:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2013/02/12 15:18:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2012/10/16 15:53:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Coupons
[2012/04/20 19:50:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Creative
[2012/04/20 19:49:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Creative Live! Cam
[2012/04/20 20:16:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell
[2013/02/18 16:47:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell DataSafe Local Backup
[2012/08/06 08:53:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Digital Delivery
[2012/09/07 00:12:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Photo AIO Printer 944
[2012/04/20 19:50:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Webcam
[2013/02/12 15:22:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Flash Player Pro
[2012/10/03 09:07:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2012/04/20 20:21:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/04/20 19:55:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2012/08/26 08:08:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2012/09/06 23:53:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2012/08/11 15:48:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Kaspersky Lab
[2012/04/20 20:20:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2012/08/27 02:04:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2012/08/26 07:42:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/08/27 02:21:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/04/20 20:18:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/02/26 04:49:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/13 23:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2013/02/12 15:20:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PCFixSpeed
[2012/04/20 19:59:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/13 23:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2013/02/12 15:17:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SearchProtect
[2013/02/12 15:20:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Shopping Sidekick Plugin
[2012/11/14 17:56:55 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2009/07/13 22:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2013/02/12 15:18:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WhiteSmoke_B
[2010/11/21 01:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2012/04/20 20:19:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/11/21 01:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/11/21 01:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/13 23:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2010/11/21 01:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/20 21:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/11/21 01:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar

< %appdata%\*.* >

< MD5 for: AFD.SYS >
[2011/12/27 21:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\windows\SysNative\drivers\afd.sys
[2011/12/27 21:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2011/12/27 22:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2010/11/20 21:24:08 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011/04/24 20:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011/04/24 21:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 19:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/13 19:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 19:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2012/06/01 22:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012/04/23 22:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/20 21:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/23 22:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/23 23:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012/06/04 01:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2012/06/01 22:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012/06/01 22:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012/06/01 23:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\windows\SysNative\cryptsvc.dll
[2012/06/01 23:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010/11/20 21:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/04/23 23:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll

< MD5 for: DNSRSLVR.DLL >
[2011/03/03 00:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\windows\SysNative\dnsrslvr.dll
[2011/03/03 00:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsrslvr.dll
[2011/03/03 00:12:55 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=B2205BAEAE4C178ABEB1B149751FC2B9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsrslvr.dll
[2010/11/20 21:24:15 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=CD55F5355D8F55D44C9F4ED875705BD6 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsrslvr.dll

< MD5 for: ES.DLL >
[2013/01/25 20:34:29 | 000,009,168 | ---- | M] () MD5=1D3E71BC0FF12F94D2479F85E9290146 -- C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\24.0.1312.57\Locales\es.dll
[2009/07/13 19:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\windows\SysNative\es.dll
[2009/07/13 19:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
[2013/01/18 02:06:26 | 000,009,168 | ---- | M] () MD5=6BF736F8BBC6EFEFEC53703E5F4EF987 -- C:\Users\Joni Seiler\AppData\Local\Google\Chrome\Application\24.0.1312.56\Locales\es.dll
[2009/07/13 19:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\SysWOW64\es.dll
[2009/07/13 19:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll

< MD5 for: EXPLORER.EXE >
[2011/02/25 23:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 00:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 21:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 21:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: IPNATHLP.DLL >
[2009/07/13 19:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\windows\SysNative\ipnathlp.dll
[2009/07/13 19:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\ipnathlp.dll

< MD5 for: NETBT.SYS >
[2010/11/20 21:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\windows\SysNative\drivers\netbt.sys
[2010/11/20 21:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys

< MD5 for: NETMAN.DLL >
[2009/07/13 19:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\windows\SysNative\netman.dll
[2009/07/13 19:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll

< MD5 for: QMGR.DLL >
[2010/11/20 21:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\windows\SysNative\qmgr.dll
[2010/11/20 21:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

< MD5 for: RPCSS.DLL >
[2010/11/20 21:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\windows\SysNative\rpcss.dll
[2010/11/20 21:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll

< MD5 for: SERVICES.EXE >
[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 11:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 11:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 21:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/08/22 12:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 04:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/04/24 23:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012/03/30 05:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/01/03 00:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\windows\SysNative\drivers\tcpip.sys
[2013/01/03 00:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011/04/25 00:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/01/03 23:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011/03/19 01:45:16 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012/10/03 11:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011/03/19 01:39:54 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2012/08/22 12:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 10:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: TDX.SYS >
[2010/11/20 21:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\windows\SysNative\drivers\tdx.sys
[2010/11/20 21:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 21:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 21:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 21:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 21:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2010/11/20 21:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\windows\SysNative\drivers\volsnap.sys
[2010/11/20 21:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/20 21:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys

< MD5 for: WININIT.EXE >
[2009/07/13 19:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\windows\SysNative\wininit.exe
[2009/07/13 19:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/13 19:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/13 19:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 21:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 21:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WMISVC.DLL >
[2009/07/13 19:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\windows\SysNative\wbem\WMIsvc.dll
[2009/07/13 19:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7601.17514_none_fed8c13f0d90a8cf\WMIsvc.dll

< MD5 for: WSCSVC.DLL >
[2009/07/13 19:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\windows\SysNative\wscsvc.dll
[2009/07/13 19:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7601.17514_none_78666321c8b86082\wscsvc.dll

< End of report >

jseiler

Rookie Surfer

Posts : 87
Joined : 2009-06-10
Operating System : Windows 7 (HP)


Re: Dell Laptop Dog - Used for school

Post by jseiler on Tue 19 Feb 2013, 4:27 pm


EXTRAS:

OTL Extras logfile created on: 2/18/2013 10:54:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Joni Seiler\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.47 Gb Available Physical Memory | 24.97% Memory free
5.30 Gb Paging File | 2.72 Gb Available in Paging File | 51.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.46 Gb Total Space | 238.52 Gb Free Space | 85.66% Space Free | Partition Type: NTFS
Drive D: | 4.38 Gb Total Space | 1.13 Gb Free Space | 25.84% Space Free | Partition Type: UDF

Computer Name: JONISEILER-PC | User Name: Joni Seiler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B9268B5-A1F5-422E-8B92-C5F88FF98F78}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{18262FA9-8B68-4E9B-A695-360B23F4305B}" = lport=138 | protocol=17 | dir=in | app=system |
"{1F6FE4B7-41E6-4428-BE94-E6A348C182F6}" = rport=445 | protocol=6 | dir=out | app=system |
"{2068284A-AF67-4EFB-B08F-58A13C608721}" = rport=139 | protocol=6 | dir=out | app=system |
"{265E6A22-D3EC-4477-AD6A-8DC525710636}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{267F130D-5F40-4E60-994C-98D240A034D2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3C972B44-B468-42A9-BAFB-09BC03B95336}" = lport=2869 | protocol=6 | dir=in | app=system |
"{44F2234A-0607-4CCC-96A9-3FC49178E91D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6F483C1D-7266-4295-AC42-130CACFFCD76}" = lport=445 | protocol=6 | dir=in | app=system |
"{7760D670-AAD7-441C-B6C4-B41C603B905B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78CA3C21-8A73-4102-A470-69A1D52D25FB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{89296C15-1E70-49E6-8B3F-BABB096585CF}" = lport=137 | protocol=17 | dir=in | app=system |
"{90D515AE-2CEB-44A4-8CB0-761006BAFE96}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{94410FB2-0C7D-485C-B969-A8F37842E963}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9AE29503-F6E7-4139-9752-E39F5C164013}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A093A2B2-04F4-490E-9858-2B0063EBDF51}" = lport=139 | protocol=6 | dir=in | app=system |
"{B80B4654-26AC-47E6-AD17-B2CB3F4006F4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BBCC5ADC-1E95-47C5-B7C3-62BAB526D28A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CB27214D-61F7-48A1-9BE7-789A1E0785B8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CC36B222-5A7E-4F81-AE1C-0D2550866F98}" = rport=137 | protocol=17 | dir=out | app=system |
"{D147CB43-1913-4F1D-9225-04B7593C9205}" = rport=138 | protocol=17 | dir=out | app=system |
"{D4ED141A-7B4C-47F5-B6F4-94CB6AFEE6AB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E59BAD78-D1C2-43ED-83F1-D4EF6D977F2A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0786C446-205D-42D3-95D6-C5AB5A0C56B7}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlcdpswx.exe |
"{0CDE20FE-5987-4A4B-8685-31C490120FFD}" = protocol=6 | dir=in | app=c:\program files (x86)\dell photo aio printer 944\dlcdaiox.exe |
"{0DE47701-96E6-47CC-B5EC-B6E1EB443911}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{186704D2-D9AF-470E-B26B-FEAA37C508ED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D6798E9-2A4A-4F6B-8F54-075C14492BB9}" = protocol=17 | dir=in | app=c:\program files (x86)\dell photo aio printer 944\dlcdmon.exe |
"{1E980078-54E0-42AA-BD1F-D28A45A369EB}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1F0E7273-6C5F-4258-87F2-0CB90ADE30A0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2161775C-5016-427D-8651-28BA9803B18F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2C9A27F8-94BB-40E9-B045-33C79BCC8B33}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3062C61F-E23C-459D-B8B4-EACEA5A615EC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{30FE629B-B9E1-4A28-9D85-213E474D6EFB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3D9C3F65-6B70-40B1-BE09-15F772258935}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E5313BC-94AD-4E97-AFC8-1F0250230E6F}" = protocol=6 | dir=in | app=c:\windows\syswow64\dlcdcoms.exe |
"{41FD9B29-94B6-44FC-B0C0-D516B0DB8915}" = protocol=17 | dir=in | app=c:\program files (x86)\dell photo aio printer 944\dlcdaiox.exe |
"{47BE9068-082A-4A9B-94E4-3CAE4BF43007}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5C1419C6-70B0-4204-913C-2B22178CD60F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{69FE686F-6972-4974-98C8-76BB5912E7B6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6E50AF10-C5F8-46C3-AC13-186A91BC6DEA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E712AA7-68A5-409A-99D2-940E431988E2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{6F8C5480-577B-4A3D-BB57-585DCBDAA6ED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{799A6A03-0599-496E-8AE5-59D667CD705E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8111ED33-4EB8-48CE-B839-831442563DB6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{85B4ADB5-7F20-401F-AD0A-C202939AFE8F}" = protocol=17 | dir=in | app=c:\windows\system32\dlcdcoms.exe |
"{8683638F-0BF5-424C-A867-B880C43F59B6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{86E905C9-B2B4-43D0-9D95-304F504B1A82}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8B48956D-58DE-4685-91D9-56D57E230507}" = protocol=6 | dir=out | app=system |
"{A19FFAEC-B555-487D-95C3-9CB2D401CACB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{B17046C0-20CD-4DE7-9E7C-AF65DF8D50E5}" = protocol=17 | dir=in | app=c:\windows\syswow64\dlcdcoms.exe |
"{B7EFAE80-39B6-4E3A-85C4-9864B56961F8}" = protocol=6 | dir=in | app=c:\program files (x86)\dell photo aio printer 944\dlcdmon.exe |
"{B8BF101A-5C85-4956-BB4B-960C05C15DE3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C8613623-451B-4519-891E-4D95A0A90D5A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D57423A5-16FD-41FA-B013-F8EEAAB82443}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{D7E9CF40-E154-4043-BB2A-9A93F9B25372}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DC78D25D-17F0-4A2B-B30C-F53FEA1DB288}" = protocol=6 | dir=in | app=c:\windows\system32\dlcdcoms.exe |
"{EA57BE0E-5E26-465A-9431-C099D5CE8403}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlcdpswx.exe |
"TCP Query User{5A41F19E-4FE3-4617-AF30-57F404E2DB50}C:\users\joni seiler\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\joni seiler\appdata\roaming\spotify\spotify.exe |
"TCP Query User{A9258CFD-C001-413A-8B3C-D80501DBEC5C}C:\users\joni seiler\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\joni seiler\appdata\roaming\spotify\spotify.exe |
"UDP Query User{5823C62F-F97A-43B0-907F-174A0EC60334}C:\users\joni seiler\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\joni seiler\appdata\roaming\spotify\spotify.exe |
"UDP Query User{87D86C87-6FAB-491C-9614-29D34794DDEA}C:\users\joni seiler\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\joni seiler\appdata\roaming\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Dell Photo AIO Printer 944" = Dell Photo AIO Printer 944
"DW WLAN Card" = DW WLAN Card
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = Dell Support Center

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7A21C722-F259-4976-B7AA-6658E5FDEDAF}" = Google Drive
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1" = 24x7 Help
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F5E43D09-96AF-4CA0-85AE-9134E7FFA7FC}" = Dell Digital Delivery
"{F7B34B38-02A6-44D5-B8CC-06EB3B8ACFC9}_is1" = PC Fix Speed 1.2.0.24
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"DefaultTab" = DefaultTab
"Dell Webcam Central" = Dell Webcam Central
"Flash Player Pro_is1" = Flash Player Pro V5.4
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"SearchProtect" = Search Protect by conduit
"Shopping Sidekick Plugin" = Shopping Sidekick Plugin
"WhiteSmoke_B Toolbar" = WhiteSmoke B Toolbar
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/11/2012 10:21:26 AM | Computer Name = JoniSeiler-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/11/2012 10:51:24 PM | Computer Name = JoniSeiler-PC | Source = ESENT | ID = 623
Description = wuaueng.dll (372) SUS20ClientDataStore: The version store for this
instance (0) has reached its maximum size of 32Mb. It is likely that a long-running
transaction is preventing cleanup of the version store and causing it to build
up in size. Updates will be rejected until the long-running transaction has been
completely committed or rolled back. Possible long-running transaction: SessionId:
0x00000000010104A0 Session-context: 0x00000000 Session-context ThreadId: 0x00000000000005E8

Cleanup:
1

Error - 12/12/2012 11:18:27 AM | Computer Name = JoniSeiler-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/12/2012 3:24:05 PM | Computer Name = JoniSeiler-PC | Source = Application Error | ID = 1000
Description = Faulting application name: spoolsv.exe, version: 6.1.7601.17777, time
stamp: 0x4f35fc1d Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x00000000000532d0 Faulting
process id: 0x604 Faulting application start time: 0x01cdd89e231be8ca Faulting application
path: C:\windows\System32\spoolsv.exe Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report
Id: 7d8c43b8-4491-11e2-8e23-642737ee2eee

Error - 12/12/2012 3:24:51 PM | Computer Name = JoniSeiler-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/12/2012 3:33:50 PM | Computer Name = JoniSeiler-PC | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
DownloadLatest Failed: HTTP status 500: An unexpected condition prevented the server
from fulfilling the request.

Error - 12/13/2012 8:50:41 PM | Computer Name = JoniSeiler-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/14/2012 12:06:37 PM | Computer Name = JoniSeiler-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/16/2012 12:23:20 PM | Computer Name = JoniSeiler-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/10/2013 8:00:29 PM | Computer Name = JoniSeiler-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 1/24/2013 5:00:33 AM | Computer Name = JoniSeiler-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 1/24/2013 5:05:32 AM | Computer Name = JoniSeiler-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based
Systems.

Error - 1/24/2013 9:12:40 AM | Computer Name = JoniSeiler-PC | Source = DCOM | ID = 10010
Description =

Error - 1/24/2013 10:38:29 AM | Computer Name = JoniSeiler-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:12:18 AM on ?1/?24/?2013 was unexpected.

Error - 1/24/2013 10:41:41 AM | Computer Name = JoniSeiler-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 1/24/2013 7:17:10 PM | Computer Name = JoniSeiler-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:11:04 AM on ?1/?24/?2013 was unexpected.

Error - 1/24/2013 7:20:23 PM | Computer Name = JoniSeiler-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 1/24/2013 7:39:33 PM | Computer Name = JoniSeiler-PC | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 1/28/2013 11:10:49 PM | Computer Name = JoniSeiler-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR6.

Error - 1/29/2013 5:04:45 AM | Computer Name = JoniSeiler-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based
Systems.


< End of report >

jseiler

Rookie Surfer

Posts : 87
Joined : 2009-06-10
Operating System : Windows 7 (HP)


Re: Dell Laptop Dog - Used for school

Post by Superdave on Thu 21 Feb 2013, 6:46 am

Hello and welcome to GeekPolice.Net. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer, you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device, hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
Please explain what sort of problems you are encountering.

Please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

*********************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

Superdave
Tech Staff

Posts : 4192
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3


Re: Dell Laptop Dog - Used for school

Post by jseiler on Thu 21 Feb 2013, 5:55 pm

Adwcleaner first:
# AdwCleaner v2.112 - Logfile created 02/20/2013 at 23:46:17
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Joni Seiler - JONISEILER-PC
# Boot Mode : Normal
# Running from : C:\Users\Joni Seiler\Downloads\adwcleaner0.exe
# Option [Search]


***** [Services] *****

Found : 24x7HelpSvc
Found : CltMngSvc
Found : DefaultTabUpdate

***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Found : C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Found : C:\windows\Tasks\AmiUpdXp.job
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\Program Files (x86)\WhiteSmoke_B
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help
Folder Found : C:\Users\Joni Seiler\AppData\Local\Conduit
Folder Found : C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Folder Found : C:\Users\Joni Seiler\AppData\Local\SwvUpdater
Folder Found : C:\Users\Joni Seiler\AppData\LocalLow\Conduit
Folder Found : C:\Users\Joni Seiler\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Joni Seiler\AppData\LocalLow\WhiteSmoke_B
Folder Found : C:\Users\Joni Seiler\AppData\Roaming\DefaultTab
Folder Found : C:\Users\Joni Seiler\AppData\Roaming\SearchProtect

***** [Registry] *****

Key Found : HKCU\Software\24x7HELP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\DefaultTab
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\WhiteSmoke_B
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\Default Tab
Key Found : HKCU\Software\DefaultTab
Key Found : HKCU\Software\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181102}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0E59437-6148-4A98-B0A6-60D557EF57F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181102}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97A5591D-4C09-4E06-9228-AC433B73650C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0E59437-6148-4A98-B0A6-60D557EF57F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\SearchProtect
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\Software\24x7HELP
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021802.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021802.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021802.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021802.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181102}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{97A5591D-4C09-4E06-9228-AC433B73650C}
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\WhiteSmoke_B
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110211181102}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97A5591D-4C09-4E06-9228-AC433B73650C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0E59437-6148-4A98-B0A6-60D557EF57F4}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181102}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181102}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A679908A-9D19-46B7-94E1-EB7B14A555A7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A76635BE-536A-454B-89BE-77D1B0CD99A5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181102}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0E59437-6148-4A98-B0A6-60D557EF57F4}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_B Toolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKU\S-1-5-21-2784060838-1555932679-2798245614-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F0E59437-6148-4A98-B0A6-60D557EF57F4}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F0E59437-6148-4A98-B0A6-60D557EF57F4}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F0E59437-6148-4A98-B0A6-60D557EF57F4}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [24x7HELP]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F0E59437-6148-4A98-B0A6-60D557EF57F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16448

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = [You must be registered and logged in to see this link.]

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.8] : homepage = "hxxp://search.conduit.com/?CUI=UN41476848466471977&ctid=CT3279141&SearchSource=48",
Found [l.12] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?CUI=UN41476848466471977&ctid=CT3279141&SearchSource=48" ]
Found [l.46] : icon_url = "hxxp://search.conduit.com/fav.ico",
Found [l.49] : keyword = "search.conduit.com",
Found [l.52] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN41476848466471977&ctid=CT3279141",
Found [l.1803] : homepage = "hxxp://search.conduit.com/?CUI=UN41476848466471977&ctid=CT3279141&SearchSource=48",
Found [l.2388] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?CUI=UN41476848466471977&ctid=CT3279141&SearchSource=48" ]

*************************

AdwCleaner[R1].txt - [9828 octets] - [20/02/2013 23:46:17]

########## EOF - C:\AdwCleaner[R1].txt - [9888 octets] ##########

jseiler

Rookie Surfer

Posts : 87
Joined : 2009-06-10
Operating System : Windows 7 (HP)

Re: Dell Laptop Dog - Used for school

Post by jseiler on Thu 21 Feb 2013, 5:56 pm

Malware output:

Malwarebytes Anti-Malware 1.70.0.1100

Database version: v2013.02.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Joni Seiler :: JONISEILER-PC [administrator]

2/20/2013 11:51:06 PM
mbam-log-2013-02-20 (23-51-06).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 319882
Time elapsed: 50 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin.dll (PUP.215Apps) -> Delete on reboot.

Registry Keys Detected: 16
HKCR\CLSID\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440244184402} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550255185502} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0021802.BHO.1 (PUP.215Apps) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick Plugin (PUP.215Apps) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 7
C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin.dll (PUP.215Apps) -> Delete on reboot.
C:\Users\Joni Seiler\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin-bg.exe (PUP.215Apps) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin.exe (PUP.215Apps) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick PluginGui.exe (PUP.215Apps) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shopping Sidekick Plugin\Uninstall.exe (PUP.215Apps) -> Quarantined and deleted successfully.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Quarantined and deleted successfully.

(end)

jseiler

Rookie Surfer

Posts : 87
Joined : 2009-06-10
Operating System : Windows 7 (HP)

Re: Dell Laptop Dog - Used for school

Post by jseiler on Thu 21 Feb 2013, 5:57 pm

This computer would not let me run the security check by screen 317,

jseiler

Rookie Surfer

Posts : 87
Joined : 2009-06-10
Operating System : Windows 7 (HP)

Re: Dell Laptop Dog - Used for school

Post by Superdave on Fri 22 Feb 2013, 7:27 am

Remove the Adware:

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

************************************************
Download Combofix from any of the links below, and save it to your DESKTOP.
If your version of Windows defaults to your download folder, you will need to copy it to your desktop.

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.

Superdave
Tech Staff

Posts : 4192
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

Re: Dell Laptop Dog - Used for school

Post by jseiler on Wed 27 Feb 2013, 4:36 pm

adwclean log

# AdwCleaner v2.113 - Logfile created 02/26/2013 at 22:27:32
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Joni Seiler - JONISEILER-PC
# Boot Mode : Normal
# Running from : C:\Users\Joni Seiler\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : 24x7HelpSvc
Stopped & Deleted : CltMngSvc
Stopped & Deleted : DefaultTabUpdate

***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\WhiteSmoke_B
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help
Folder Deleted : C:\Users\Joni Seiler\AppData\Local\Conduit
Folder Deleted : C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Folder Deleted : C:\Users\Joni Seiler\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Joni Seiler\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Joni Seiler\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Joni Seiler\AppData\LocalLow\WhiteSmoke_B
Folder Deleted : C:\Users\Joni Seiler\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Joni Seiler\AppData\Roaming\SearchProtect

***** [Registry] *****

Key Deleted : HKCU\Software\24x7HELP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_B
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0E59437-6148-4A98-B0A6-60D557EF57F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97A5591D-4C09-4E06-9228-AC433B73650C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0E59437-6148-4A98-B0A6-60D557EF57F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\24x7HELP
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021802.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021802.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021802.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{97A5591D-4C09-4E06-9228-AC433B73650C}
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\WhiteSmoke_B
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97A5591D-4C09-4E06-9228-AC433B73650C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0E59437-6148-4A98-B0A6-60D557EF57F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A679908A-9D19-46B7-94E1-EB7B14A555A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A76635BE-536A-454B-89BE-77D1B0CD99A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0E59437-6148-4A98-B0A6-60D557EF57F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_B Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F0E59437-6148-4A98-B0A6-60D557EF57F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F0E59437-6148-4A98-B0A6-60D557EF57F4}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F0E59437-6148-4A98-B0A6-60D557EF57F4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [24x7HELP]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F0E59437-6148-4A98-B0A6-60D557EF57F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16448

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = [You must be registered and logged in to see this link.] --> [You must be registered and logged in to see this link.]

-\\ Google Chrome v25.0.1364.97

File : C:\Users\Joni Seiler\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.33] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.36] : keyword = "search.conduit.com",
Deleted [l.39] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN41[...]
Deleted [l.1909] : homepage = "hxxp://search.conduit.com/?CUI=UN41476848466471977&ctid=CT3279141&SearchSource=48",
Deleted [l.2393] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?CUI=UN41476848466471977&ctid=CT327[...]

*************************

AdwCleaner[R1].txt - [9949 octets] - [20/02/2013 23:46:17]
AdwCleaner[S1].txt - [8254 octets] - [26/02/2013 22:27:32]

########## EOF - C:\AdwCleaner[S1].txt - [8314 octets] ##########

jseiler

Rookie Surfer

Posts : 87
Joined : 2009-06-10
Operating System : Windows 7 (HP)

Re: Dell Laptop Dog - Used for school

Post by jseiler on Wed 27 Feb 2013, 4:37 pm

combofix log

ComboFix 13-02-26.01 - Joni Seiler 02/26/2013 22:44:35.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1911.682 [GMT -6:00]
Running from: c:\users\Joni Seiler\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Anti-Virus *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\0276115d-b6c6-4a1b-8e6b-68bc9dbe4f93.dll
c:\programdata\PCDr\6032\AddOnDownloaded\1abc6cc6-7642-443e-ad9d-336734fd2832.dll
c:\programdata\PCDr\6032\AddOnDownloaded\5b35a8f1-54bf-4743-8fd7-358ffc15372a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\63acf506-979e-4b72-a7ce-2af6dc2b98c4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\9192d3e9-aa66-4560-a2e3-209867aafd30.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d4ffe1c0-8021-4dfa-bf52-cb9224f001ce.dll
c:\programdata\PCDr\6032\AddOnDownloaded\dfc97e68-74cd-4807-807f-ac146d81ec5d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e238f8f5-5f0a-478f-b96a-d15f6f6cac94.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f8b3befb-ca07-4bff-8777-f565b237979f.dll
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\_ctypes.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\_elementtree.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\_hashlib.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\_socket.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\_ssl.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\pyexpat.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\pysqlite2._sqlite.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\python26.dll
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\pythoncom26.dll
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\PyWinTypes26.dll
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\select.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\unicodedata.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32api.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32com.shell.shell.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32crypt.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32event.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32file.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32inet.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32pdh.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32process.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32profile.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32security.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\win32ts.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\windows._cacheinvalidation.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wx._controls_.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wx._core_.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wx._gdi_.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wx._html2.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wx._misc_.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wx._windows_.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wx._wizard.pyd
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wxbase293u_net_vc.dll
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wxbase293u_vc.dll
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wxmsw293u_adv_vc.dll
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wxmsw293u_core_vc.dll
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wxmsw293u_html_vc.dll
c:\users\Joni Seiler\AppData\Local\Temp\_MEI32802\wxmsw293u_webview_vc.dll
c:\users\Joni Seiler\Documents\~WRL0005.tmp
c:\users\Joni Seiler\Documents\~WRL1977.tmp
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\_ctypes.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\_elementtree.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\_hashlib.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\_socket.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\_ssl.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\pyexpat.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\pysqlite2._sqlite.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\python26.dll
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\pythoncom26.dll
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\PyWinTypes26.dll
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\select.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\unicodedata.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32api.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32com.shell.shell.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32crypt.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32event.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32file.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32inet.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32pdh.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32process.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32profile.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32security.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\win32ts.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\windows._cacheinvalidation.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wx._controls_.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wx._core_.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wx._gdi_.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wx._html2.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wx._misc_.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wx._windows_.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wx._wizard.pyd
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wxbase293u_net_vc.dll
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wxbase293u_vc.dll
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wxmsw293u_adv_vc.dll
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wxmsw293u_core_vc.dll
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wxmsw293u_html_vc.dll
c:\users\JONISE~1\AppData\Local\Temp\_MEI32802\wxmsw293u_webview_vc.dll
c:\windows\RPSETUP.EXE.LOG
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-01-27 to 2013-02-27 )))))))))))))))))))))))))))))))
.
.
2013-02-27 05:02 . 2013-02-27 05:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-27 02:37 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DBC10C29-0F08-4C2C-8884-8737BAE281A1}\mpengine.dll
2013-02-25 16:29 . 2013-02-25 16:29 -------- d-----w- C:\found.001
2013-02-21 05:50 . 2013-02-21 05:50 -------- d-----w- c:\users\Joni Seiler\AppData\Roaming\Malwarebytes
2013-02-21 05:49 . 2013-02-21 05:49 -------- d-----w- c:\programdata\Malwarebytes
2013-02-21 05:49 . 2013-02-21 05:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-21 05:49 . 2012-12-14 22:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-21 05:48 . 2013-02-21 05:48 -------- d-----w- c:\users\Joni Seiler\AppData\Local\Programs
2013-02-15 03:23 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-15 03:23 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-15 03:23 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-15 03:23 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-15 03:22 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-15 03:22 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-15 03:22 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-15 03:22 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-15 03:22 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-15 03:22 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-15 03:22 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-15 03:22 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 21:22 . 2013-02-12 21:22 -------- d-----w- c:\program files (x86)\Flash Player Pro
2013-02-12 21:20 . 2013-02-12 21:20 -------- d-----w- c:\program files (x86)\24x7Help
2013-02-12 21:20 . 2013-02-15 02:58 -------- d-----w- c:\users\Joni Seiler\AppData\Roaming\PCFixSpeed
2013-02-12 21:20 . 2013-02-16 00:52 -------- d-----w- c:\programdata\PCFixSpeed
2013-02-12 21:20 . 2013-02-12 21:20 -------- d-----w- c:\program files (x86)\PCFixSpeed
2013-02-12 21:19 . 2013-02-12 21:19 -------- d-----w- c:\users\Joni Seiler\AppData\Local\Updater21802
2013-02-12 21:19 . 2013-02-12 21:19 -------- d-----w- c:\users\Joni Seiler\AppData\Local\Shopping Sidekick Plugin
2013-02-12 21:19 . 2013-02-21 06:45 -------- d-----w- c:\program files (x86)\Shopping Sidekick Plugin
2013-02-12 21:17 . 2013-02-12 21:17 -------- d-----w- c:\users\Joni Seiler\AppData\Local\CRE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-12 21:22 . 2012-04-21 01:56 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 21:22 . 2012-04-21 01:56 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-05 04:49 . 2012-09-07 05:41 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-17 07:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-15 03:22 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2013-01-11 00:16 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2013-01-11 00:16 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2013-01-11 00:16 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2013-01-11 00:16 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 18:25 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 18:25 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 18:25 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 18:25 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 18:25 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 18:25 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 18:25 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 18:25 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 18:25 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 18:25 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 18:25 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 18:25 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 18:25 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 18:25 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 18:25 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 18:25 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 18:25 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 18:25 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 18:25 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 18:25 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 18:25 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 18:25 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 18:25 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 18:25 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 18:25 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 18:25 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 18:25 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 18:25 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 18:25 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 18:25 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 18:25 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-12-07 10:46 . 2013-01-09 18:25 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-11-30 05:45 . 2013-01-09 18:23 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 18:23 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 18:23 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:43 . 2013-01-09 18:23 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 18:23 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 18:23 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 18:23 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:53 . 2013-01-09 18:23 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 18:23 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 18:23 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-12-18 16328976]
"Spotify Web Helper"="c:\users\Joni Seiler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-15 1199576]
"Spotify"="c:\users\Joni Seiler\AppData\Roaming\Spotify\Spotify.exe" [2012-11-15 7880664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-16 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-16 932288]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe" [2012-10-25 206448]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"PCFixSpeed"="c:\program files (x86)\PCFixSpeed\PCFixTray.exe" [2012-09-19 383648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-1-13 1138464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-08-02 173056]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-08-18 349736]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-08-18 39464]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-30 250984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-21 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11864]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 dlcd_device;dlcd_device;c:\windows\system32\dlcdcoms.exe [2007-01-17 566768]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2012-02-16 1695040]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-02 2533400]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-18 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-03 22544]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-17 533096]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-12 13:47]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-12 13:47]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2784060838-1555932679-2798245614-1000Core.job
- c:\users\Joni Seiler\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-03 15:27]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2784060838-1555932679-2798245614-1000UA.job
- c:\users\Joni Seiler\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-03 15:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-18 01:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-18 01:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-18 01:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-18 01:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-03-29 608112]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"DLCDCATS"="c:\windows\system32\spool\DRIVERS\x64\3\DLCDtime.dll" [2006-02-24 28672]
"dlcdmon.exe"="c:\program files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe" [2007-01-17 431600]
"MemoryCardManager"="c:\program files (x86)\Dell Photo AIO Printer 944\memcard.exe" [2007-01-17 304624]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = [You must be registered and logged in to see this link.]
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2013-02-26 23:22:12 - machine was rebooted
ComboFix-quarantined-files.txt 2013-02-27 05:22
.
Pre-Run: 256,745,775,104 bytes free
Post-Run: 256,832,225,280 bytes free
.
- - End Of File - - 410443411948764A90582F78608FCCFC

jseiler

Rookie Surfer

Posts : 87
Joined : 2009-06-10
Operating System : Windows 7 (HP)


Re: Dell Laptop Dog - Used for school

Post by Superdave on Thu 28 Feb 2013, 6:20 am

Please download Rooter and save it to your desktop.

  • Double click it to start the tool. Vista and Windows 7 users: run as administrator.
  • Click Scan.
  • Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.

******************************************

  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.


Superdave
Tech Staff



Posts : 4192
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3


Re: Dell Laptop Dog - Used for school

Post by jseiler on Tue 05 Mar 2013, 4:21 pm

Thank you for your paptience:

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows 7 Home Edition (6.1.7601) Service Pack 1
[32_bits] - Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Enabled
Windows Defender -> Enabled
User Account Control (UAC) -> Enabled
.
Internet Explorer 9.0.8112.16421
.
C:\ [Fixed-NTFS] .. ( Total:278 Go - Free:239 Go )
D:\ [CD_Rom]
F:\ [Removable]
Q:\ [Fixed-FAT32] .. ( Total:0 Go - Free:0 Go )
.
Scan : 23:18.25
Path : C:\Users\Joni Seiler\Desktop\Rooter.exe
User : Joni Seiler ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ ????????? (416)
______ ????????? (512)
______ ????????? (564)
______ ????????? (588)
______ ????????? (624)
______ ????????? (648)
______ ????????? (656)
______ ????????? (780)
______ ????????? (860)
______ ????????? (920)
______ ????????? (948)
______ ????????? (988)
______ ????????? (1016)
______ ????????? (436)
______ ????????? (508)
Locked audiodg.exe (1036)
______ ????????? (1176)
______ ????????? (1400)
______ ????????? (1408)
______ ????????? (1492)
______ ????????? (1540)
______ ????????? (1624)
______ ????????? (1652)
______ C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (1760)
______ ????????? (1788)
______ ????????? (1840)
______ ????????? (1148)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (2136)
______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2160)
______ C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (2192)
______ ????????? (2264)
______ ????????? (2340)
______ ????????? (2428)
______ ????????? (2588)
______ ????????? (2660)
______ ????????? (2688)
______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2784)
______ ????????? (3004)
______ ????????? (3064)
______ ????????? (2304)
______ ????????? (3084)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (3316)
______ ????????? (3396)
______ ????????? (3404)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (3532)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE (3644)
______ C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3660)
______ C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe (3708)
______ C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe (3740)
______ ????????? (3752)
______ C:\Program Files (x86)\Google\Drive\googledrivesync.exe (3764)
______ ????????? (2868)
______ ????????? (3524)
______ C:\Users\Joni Seiler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (1072)
______ ????????? (3872)
______ C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (1896)
______ C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (3416)
______ C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (4112)
______ ????????? (4120)
______ ????????? (4188)
______ C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (4220)
______ ????????? (4360)
______ ????????? (4376)
______ ????????? (4400)
______ C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe (4584)
______ C:\Program Files (x86)\Google\Drive\googledrivesync.exe (4924)
______ ????????? (2992)
______ ????????? (5560)
______ ????????? (5820)
______ C:\windows\SysWOW64\RunDll32.exe (1956)
______ C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (5596)
______ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (3044)
______ ????????? (4532)
______ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (6948)
______ ????????? (5168)
______ C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (5088)
______ ????????? (2368)
______ ????????? (6160)
______ ????????? (3848)
______ C:\windows\SysWOW64\notepad.exe (572)
______ ????????? (7084)
______ ????????? (7108)
______ C:\Users\Joni Seiler\Desktop\Rooter.exe (3924)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:1048576 | Length:104857600)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:105906176 | Length:20971520000)
\Device\Harddisk0\Partition3 (Start_Offset:21077426176 | Length:298994458624)
.
----------------------\\ Scheduled Tasks
.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2784060838-1555932679-2798245614-1000Core.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2784060838-1555932679-2798245614-1000UA.job
C:\windows\Tasks\SA.DAT
C:\windows\Tasks\SCHEDLGU.TXT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 23:18.27
.
C:\Rooter$\Rooter_2.txt - (04/03/2013 | 23:18.27)


Re: Dell Laptop Dog - Used for school

Post by jseiler on Tue 05 Mar 2013, 4:22 pm

I meant patience:

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRKgmailcom

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Joni Seiler [Admin rights]
Mode : Remove -- Date : 03/04/2013 23:17:26
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[TASK][SUSP PATH] Updater21802.exe : C:\Users\Joni Seiler\AppData\Local\Updater21802\Updater21802.exe /extensionid=21802 /extensionname="Shopping Sidekick Plugin" /chromeid=dlopielgodpjhkbapdlbbicpiefpaack [-] -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BPVT-75JJ5T0 +++++
--- User ---
[MBR] 394c5eafa55c443150e33f90103add3d
[BSP] 226bfcb163189296763242f68bd00bfa : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 20000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41166848 | Size: 285143 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SD Card +++++
--- User ---
[MBR] ce9e9ece43a0949d9aad2d1892c1ab34
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7883 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2]_D_03042013_02d2317.txt >>
RKreport[1]_S_03042013_02d2315.txt ; RKreport[2]_D_03042013_02d2317.txt


Re: Dell Laptop Dog - Used for school

Post by Superdave on Wed 06 Mar 2013, 5:57 am

How's your computer running now?

I'd like to scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the icon on your desktop.
  • Check
  • Click the button.
  • Accept any security warnings from your browser.
      • Leave the check mark next to Remove found threats.
  • Check
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push
  • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the button.
  • Push

A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt


Re: Dell Laptop Dog - Used for school

Post by jseiler on Thu 07 Mar 2013, 2:27 pm

Computer is still sluggish. I had to restart this application a few times. This is all the log file had:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK


Re: Dell Laptop Dog - Used for school

Post by Superdave on Fri 08 Mar 2013, 4:44 am

Please download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it.

Click the "Scan" button to start scan.

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.

On completion of the scan click save log, save it to your desktop and post in your next reply.


Re: Dell Laptop Dog - Used for school

Post by jseiler on Fri 08 Mar 2013, 3:01 pm

Here you go:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-07 21:54:43
-----------------------------
21:54:43.947 OS Version: Windows x64 6.1.7601 Service Pack 1
21:54:43.947 Number of processors: 4 586 0x2505
21:54:43.947 ComputerName: JONISEILER-PC UserName: Joni Seiler
21:54:49.173 Initialize success
21:58:18.511 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:58:18.511 Disk 0 Vendor: WDC_WD32 03.0 Size: 305245MB BusType: 3
21:58:18.542 Disk 0 MBR read successfully
21:58:18.557 Disk 0 MBR scan
21:58:18.557 Disk 0 Windows 7 default MBR code
21:58:18.573 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
21:58:18.604 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 206848
21:58:18.635 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 285143 MB offset 41166848
21:58:18.667 Disk 0 scanning C:\windows\system32\drivers
21:58:24.735 Service scanning
21:58:31.115 Service KL1 C:\windows\system32\DRIVERS\kl1.sys **LOCKED** 5
21:58:31.193 Service kl2 C:\windows\system32\DRIVERS\kl2.sys **LOCKED** 5
21:58:31.287 Service KLIM6 C:\windows\system32\DRIVERS\klim6.sys **LOCKED** 5
21:58:31.365 Service klmouflt C:\windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
21:58:42.675 Modules scanning
21:58:42.691 Disk 0 trace - called modules:
21:58:42.706
21:58:42.706 Scan finished successfully
21:59:19.429 Disk 0 MBR has been saved successfully to "C:\Users\Joni Seiler\Desktop\MBR.dat"
21:59:19.429 The log file has been saved successfully to "C:\Users\Joni Seiler\Desktop\aswMBR.txt"




Re: Dell Laptop Dog - Used for school

Post by Superdave on Sat 09 Mar 2013, 5:47 am


  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste the contents of it into your next reply.

Note: It will also create a log in the C:\ directory.


Re: Dell Laptop Dog - Used for school

Post by jseiler on Tue 12 Mar 2013, 1:20 pm

No threats found. Part 1 of 2 reply posts.

21:13:58.0340 6372 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:13:59.0089 6372 ============================================================
21:13:59.0089 6372 Current date / time: 2013/03/11 21:13:59.0089
21:13:59.0089 6372 SystemInfo:
21:13:59.0089 6372
21:13:59.0089 6372 OS Version: 6.1.7601 ServicePack: 1.0
21:13:59.0089 6372 Product type: Workstation
21:13:59.0089 6372 ComputerName: JONISEILER-PC
21:13:59.0089 6372 UserName: Joni Seiler
21:13:59.0089 6372 Windows directory: C:\windows
21:13:59.0089 6372 System windows directory: C:\windows
21:13:59.0089 6372 Running under WOW64
21:13:59.0089 6372 Processor architecture: Intel x64
21:13:59.0089 6372 Number of processors: 4
21:13:59.0089 6372 Page size: 0x1000
21:13:59.0089 6372 Boot type: Normal boot
21:13:59.0089 6372 ============================================================
21:14:01.0039 6372 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:14:01.0070 6372 ============================================================
21:14:01.0070 6372 \Device\Harddisk0\DR0:
21:14:01.0070 6372 MBR partitions:
21:14:01.0070 6372 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2710000
21:14:01.0070 6372 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2742800, BlocksNum 0x22CEBAB0
21:14:01.0070 6372 ============================================================
21:14:01.0133 6372 C: <-> \Device\Harddisk0\DR0\Partition2
21:14:01.0148 6372 ============================================================
21:14:01.0148 6372 Initialize success
21:14:01.0148 6372 ============================================================
21:14:05.0953 1156 ============================================================
21:14:05.0953 1156 Scan started
21:14:05.0953 1156 Mode: Manual;
21:14:05.0953 1156 ============================================================
21:14:06.0187 1156 ================ Scan system memory ========================
21:14:06.0187 1156 System memory - ok
21:14:06.0187 1156 ================ Scan services =============================

jseiler

Rookie Surfer

Posts : 87
Joined : 2009-06-10
Operating System : Windows 7 (HP)


Re: Dell Laptop Dog - Used for school

Post by jseiler on Tue 12 Mar 2013, 1:21 pm

Part 2 of 2.

21:14:33.0877 1156 ============================================================
21:14:33.0877 1156 Scan finished
21:14:33.0877 1156 ============================================================
21:14:33.0893 5608 Detected object count: 0
21:14:33.0893 5608 Actual detected object count: 0


Re: Dell Laptop Dog - Used for school

Post by Superdave on Wed 13 Mar 2013, 5:56 am

I can't see anything that would cause your computer to be slow. Please try these tips.

"Slow Computer? It may not be Malware" for free cleaning/maintenance tools to help keep your computer running smoothly.

Superdave
Tech Staff

Posts : 4192
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3
