Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strange "OpenService" Error on bootup


  • This topic is locked This topic is locked
32 replies to this topic

#1 wolfpackfans

wolfpackfans

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Location:Wilmington, NC
  • Local time:03:24 AM

Posted 28 May 2012 - 08:45 AM

After running a "Super AntiSpyware" malware scan and rebooting, I am getting a strange popup window upon restarting Windows 7. I have attached it. It has very strange characters such that I can't even search the registry to see what is causing it. I have run multiple malware and virus tools and all are coming up clean. There seems to be no adverse affects from it from a performance standpoint. I am thinking that some piece of malware that was deleted left this straggler behind but it is annoying, and I want to get rid of it. Here is a screen shot of the window:

C:\Users\rol\Pictures\Alecia\OperServiceError.jpg

I ran a HiJackThis scan as well.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:27:44 AM, on 5/28/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\UMonit.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Windows\jmesoft\hotkey.exe
C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
C:\Windows\jmesoft\ServiceLoader.exe
C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\rol\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [jmekey] C:\windows\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Run: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1
O4 - HKLM\..\Run: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe 1
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
O4 - HKLM\..\Run: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Intuit Data Protect.lnk = C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: QuickBooks_Standard_21.lnk = C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: intu-help-qb5 - {867FCB77-9823-4CD6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PowerPanel Personal Edition Service (ppped) - Cyber Power Systems, Inc. - C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: QBIDPService (QBVSS) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater11.0.2 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12703 bytes

BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:24 AM

Posted 01 June 2012 - 06:59 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

Thanks and again sorry for the delay.

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
And

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Posted Image
m0le is a proud member of UNITE

#3 wolfpackfans

wolfpackfans
  • Topic Starter

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Location:Wilmington, NC
  • Local time:03:24 AM

Posted 04 June 2012 - 10:29 AM

I will do this on Friday as I am traveling out of town until then without access to this PC. Please keep the case open until I can run these tools.

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:24 AM

Posted 04 June 2012 - 06:39 PM

No problem :thumbup2:
Posted Image
m0le is a proud member of UNITE

#5 wolfpackfans

wolfpackfans
  • Topic Starter

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Location:Wilmington, NC
  • Local time:03:24 AM

Posted 04 June 2012 - 07:04 PM

Thanks

#6 wolfpackfans

wolfpackfans
  • Topic Starter

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Location:Wilmington, NC
  • Local time:03:24 AM

Posted 10 June 2012 - 05:04 PM

OTL logfile created on: 6/10/2012 5:54:38 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\rol\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.85 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 52.42% Memory free
7.70 Gb Paging File | 5.21 Gb Available in Paging File | 67.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 440.59 Gb Total Space | 400.14 Gb Free Space | 90.82% Space Free | Partition Type: NTFS

Computer Name: ROL-PC | User Name: rol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\rol\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - c:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE (Intuit Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBDBMgr.exe (Intuit, Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\axlbridge.exe (Intuit Inc.)
PRC - C:\Windows\jmesoft\hotkey.exe (Lenovo)
PRC - C:\Windows\SysWOW64\UMonit.exe ()
PRC - C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (Lenovo)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe (Cyber Power Systems, Inc.)
PRC - C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe (Cyber Power Systems, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\7aa839fb16503243d6ae454ab334bcf4\System.Data.Entity.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\d62b53e7a5528b03ff512c624a1fdb83\System.Data.OracleClient.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7046d73435e4cb840cc1afea22aba9a6\Microsoft.VisualBasic.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b1a95b0145ac26d9637b894ee38d5eac\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\79b487ba3d893f59ce7e697d06721dd0\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\1dce8ad4aa93ed395af726c0e510846e\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\35652d0f564409d493f4f2053d40154d\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7e2238b8fa0f33ae39b63de73d5024a0\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e5b4cfcb67e63b4fc7119c4ac1072603\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\568a3f5fb8fba4184c0d60bfb40a205c\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\5a3beae8b211b91bfc620c029cf4c2d4\System.Security.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\SiteSafety.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\Webification.DLL ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\ReportBridge.DLL ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBMAPILibrary.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBCompressor.DLL ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QB2WPFBridge.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\mbpopup.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\IPDWidgetInterop.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\IPDWidgetBridge.DLL ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\htmlhelper.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\FeaturesBridge.DLL ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_serialization-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_regex-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\BackupLib.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\zlib1.dll ()
MOD - C:\Windows\SysWOW64\UMonit.exe ()
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll ()
MOD - C:\Program Files\Lenovo\Lenovo Brightness System\ddcHelperWraper.dll ()
MOD - C:\Program Files\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll ()
MOD - C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll ()
MOD - C:\Program Files\Lenovo\Lenovo Eye Distance System\VideoPlayer.dll ()
MOD - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (vToolbarUpdater11.0.2) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (QBVSS) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ppped) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe (Cyber Power Systems, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\avgidsfiltera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (GeneStor) -- C:\Windows\SysNative\drivers\GeneStor.sys (GenesysLogic)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (e1cexpress) Intel® -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (MEIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WinI2C-DDC) -- C:\Windows\SysNative\drivers\ddcdrv.sys (Nicomsoft Ltd.)
DRV - (WinI2C-DDC) -- C:\Windows\SysWOW64\drivers\ddcdrv.sys (Nicomsoft Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LEND
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7LEND_enUS485
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={C575AE5C-D423-4736-807D-2B30AAA766AF}&mid=90cffca49e0347d0a58d19d59a5c9889-3ebd375044053ce9cdaa95f0488378f24c6c8088&lang=en&ds=AVG&pr=fr&d=2012-05-27 09:32:00&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/05/29 09:12:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/27 09:31:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.0.0.9\ [2012/05/27 09:32:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/08 11:22:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/05/27 09:50:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/08 11:22:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/05/27 09:46:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rol\AppData\Roaming\Mozilla\Extensions
[2012/05/28 09:48:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rol\AppData\Roaming\Mozilla\Firefox\Profiles\66xqqyus.default\extensions
[2012/05/27 09:46:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/08 11:22:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/06/08 11:22:03 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/20 21:18:25 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2012/04/20 21:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/20 21:18:25 | 000,001,131 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2012/04/20 21:18:25 | 000,003,413 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012/04/20 21:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/04/20 21:18:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2012/04/20 21:18:25 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

========== Chrome ==========

CHR - Extension: AVG Safe Search = C:\Users\rol\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: No name found = C:\Users\rol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [UMonit] C:\Windows\SysWOW64\UMonit.exe ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [jmekey] C:\Windows\jmesoft\hotkey.exe (Lenovo)
O4 - HKLM..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe ()
O4 - HKLM..\Run: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (Lenovo)
O4 - HKLM..\Run: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe (Lenovo)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe (Cyber Power Systems, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.25.5.61 24.25.5.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03EE82F6-DC90-4D9A-A5F4-2157B5F2E6C4}: DhcpNameServer = 24.25.5.61 24.25.5.60
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\intu-help-qb5 - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/10 17:55:43 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\rol\Desktop\aswMBR.exe
[2012/06/10 17:51:44 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\rol\Desktop\OTL.exe
[2012/06/10 17:41:46 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\ApplicationHistory
[2012/06/10 17:41:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-DVD Printer
[2012/06/10 17:41:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD-DVD Printer
[2012/06/10 17:40:37 | 000,000,000 | ---D | C] -- C:\Users\rol\EZDupe
[2012/05/30 13:48:21 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Microsoft Help
[2012/05/30 13:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/05/29 09:18:16 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Adobe
[2012/05/29 09:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/05/28 18:14:54 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/05/28 18:14:54 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/05/28 18:14:52 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/05/28 18:14:52 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/05/28 18:14:52 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012/05/28 18:08:51 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\SoftGrid Client
[2012/05/28 18:08:50 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\SoftGrid Client
[2012/05/28 18:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2012/05/28 18:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/05/28 18:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2012/05/28 18:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/05/28 18:07:50 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\TP
[2012/05/28 17:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberPower PowerPanel Personal Edition
[2012/05/28 17:44:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition
[2012/05/28 17:34:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Softouch
[2012/05/28 17:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2012/05/28 17:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyWorship
[2012/05/28 17:34:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softouch
[2012/05/28 17:33:35 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Softouch
[2012/05/28 17:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Softouch
[2012/05/28 16:56:33 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Avanquest
[2012/05/28 16:55:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BVRP Software
[2012/05/28 16:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest
[2012/05/28 16:55:15 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2012/05/28 16:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Easy Professional 8
[2012/05/28 16:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest
[2012/05/28 16:43:41 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\InstallShield
[2012/05/28 15:41:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\Servant Keeper Version 5
[2012/05/28 15:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Servant Keeper Version 5
[2012/05/28 15:41:13 | 000,562,280 | ---- | C] (Software FX, Inc.) -- C:\windows\SysWow64\CFX4032.OCX
[2012/05/28 15:41:13 | 000,232,464 | ---- | C] (Software FX, Inc.) -- C:\windows\SysWow64\CHART2FX.VBX
[2012/05/28 15:41:13 | 000,128,272 | ---- | C] (Software FX, Inc.) -- C:\windows\SysWow64\SFXBAR.DLL
[2012/05/28 15:41:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Servant PC Resources
[2012/05/28 15:41:09 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\windows\SysWow64\INETWH32.dll
[2012/05/28 15:41:09 | 000,022,528 | ---- | C] (Blue Sky Software Corp.) -- C:\windows\SysWow64\RHMMPLAY.DLL
[2012/05/28 15:41:01 | 000,128,272 | ---- | C] (Software FX, Inc.) -- C:\windows\SFXBAR.DLL
[2012/05/28 13:59:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\skcms50
[2012/05/28 13:50:21 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\ServantKeeper
[2012/05/28 09:49:02 | 000,000,000 | ---D | C] -- C:\Users\rol\Desktop\AleciaTools
[2012/05/28 09:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Startup
[2012/05/28 09:19:39 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\GlarySoft
[2012/05/28 09:19:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quick Startup
[2012/05/28 09:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\WeCareReminder
[2012/05/28 09:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP
[2012/05/28 09:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSCP
[2012/05/28 09:04:35 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\OpenCandy
[2012/05/28 08:25:36 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Malwarebytes
[2012/05/28 08:25:28 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/05/28 08:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/28 08:25:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/28 08:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/28 08:11:04 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2012/05/28 08:11:04 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2012/05/28 07:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2012/05/28 07:58:06 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/05/28 07:58:06 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/05/28 07:58:05 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/05/28 07:58:05 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/05/28 07:58:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/05/28 07:58:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/05/28 07:58:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/05/28 07:58:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/05/28 07:58:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/05/28 07:58:04 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/05/28 07:58:04 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/05/28 07:55:00 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Intuit
[2012/05/28 07:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
[2012/05/28 07:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
[2012/05/28 07:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2012/05/28 07:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intuit
[2012/05/28 07:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intuit
[2012/05/28 07:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SQL Anywhere 11
[2012/05/28 07:49:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Intuit
[2012/05/28 07:47:51 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2012/05/28 07:47:51 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2012/05/28 07:47:51 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys
[2012/05/28 07:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/05/28 07:44:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/05/28 07:43:54 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\CutePDF Writer
[2012/05/28 07:43:05 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2012/05/28 07:41:29 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Diagnostics
[2012/05/28 07:40:24 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\ElevatedDiagnostics
[2012/05/28 07:39:19 | 000,000,000 | ---D | C] -- C:\windows\Intuit
[2012/05/28 07:29:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/05/28 07:29:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/05/28 04:12:27 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2012/05/28 04:12:27 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012/05/28 04:12:27 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012/05/28 04:12:27 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2012/05/28 04:12:27 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2012/05/28 04:12:27 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2012/05/28 04:12:24 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/05/28 04:12:23 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/05/28 04:12:23 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/05/28 04:02:37 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012/05/28 03:57:49 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012/05/28 03:57:49 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012/05/28 03:57:49 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012/05/28 03:57:49 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012/05/28 03:49:40 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2012/05/28 03:48:36 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2012/05/28 03:48:36 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2012/05/28 03:47:28 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2012/05/28 03:47:28 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2012/05/28 03:24:38 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll
[2012/05/28 03:24:35 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2012/05/28 03:24:35 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2012/05/28 03:24:15 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012/05/28 03:24:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2012/05/28 03:24:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2012/05/28 00:48:37 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\WinPatrol
[2012/05/28 00:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2012/05/28 00:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/05/28 00:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2012/05/28 00:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2012/05/28 00:29:05 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\SUPERAntiSpyware.com
[2012/05/28 00:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/05/28 00:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/05/28 00:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/05/27 23:08:52 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012/05/27 23:05:41 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Publisher Files
[2012/05/27 22:29:19 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/05/27 22:29:19 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/27 22:13:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Mozilla_Bkup
[2012/05/27 22:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cosmi
[2012/05/27 22:09:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cosmi
[2012/05/27 22:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/05/27 22:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
[2012/05/27 22:01:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acro Software
[2012/05/27 22:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPLGS
[2012/05/27 21:52:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
[2012/05/27 21:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Carbonite
[2012/05/27 21:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Carbonite
[2012/05/27 21:42:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carbonite
[2012/05/27 21:41:36 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\1_addl_underProgramFiles
[2012/05/27 10:24:23 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\AC
[2012/05/27 10:24:05 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\1_ProgramFiles
[2012/05/27 10:24:01 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\WORSHIP SONGS
[2012/05/27 10:24:01 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Words of God
[2012/05/27 10:22:58 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\winzip_source
[2012/05/27 10:22:58 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Website
[2012/05/27 10:22:54 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Web Easy
[2012/05/27 10:22:53 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\VCheck
[2012/05/27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Tools
[2012/05/27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Signs
[2012/05/27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Secretary Notes
[2012/05/27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Scriptures
[2012/05/27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\SAT Info
[2012/05/27 10:22:48 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\ROLWC
[2012/05/27 10:22:47 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\ROLCA
[2012/05/27 10:22:47 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\ROL Web
[2012/05/27 10:22:47 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\RICOH
[2012/05/27 10:22:46 | 000,000,000 | R--D | C] -- C:\Users\rol\Documents\MYROL_Videos
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\RickyLeonard
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\RegistryBkupIssues
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Ramsey
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\QB_bkup
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Prayer
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Phyllis
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\MyROLFavorites
[2012/05/27 10:22:42 | 000,000,000 | R--D | C] -- C:\Users\rol\Documents\MYROL_Pictures
[2012/05/27 10:22:21 | 000,000,000 | R--D | C] -- C:\Users\rol\Documents\MYROL_Music
[2012/05/27 10:22:12 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\MyROL Webs
[2012/05/27 10:22:12 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Music
[2012/05/27 10:22:11 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Miscellaneous pictures
[2012/05/27 10:22:11 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Minutes
[2012/05/27 10:22:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Microsoft
[2012/05/27 10:22:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Member
[2012/05/27 10:22:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Lotus123r4
[2012/05/27 10:22:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Logitech9791
[2012/05/27 10:22:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Letterheads
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Legal
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Labels
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Inventory
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\FTP
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Forms
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Financial
[2012/05/27 10:21:44 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Downloads
[2012/05/27 10:21:44 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Dawson
[2012/05/27 10:21:44 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Construction
[2012/05/27 10:21:44 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\CD-DVD Printer
[2012/05/27 10:21:44 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Carbonite
[2012/05/27 10:21:43 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Brochures
[2012/05/27 10:21:41 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\AveryWizard
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Avast
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Audio CD (D)
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Articles
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Announcements
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Alecia
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Advertisements
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Adobe Reader
[2012/05/27 09:51:01 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Thunderbird
[2012/05/27 09:51:01 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Thunderbird
[2012/05/27 09:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012/05/27 09:46:25 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Mozilla
[2012/05/27 09:46:25 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Mozilla
[2012/05/27 09:46:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/05/27 09:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/27 09:46:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/05/27 09:39:17 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\URTTEMP
[2012/05/27 09:32:55 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\AVG2012
[2012/05/27 09:32:15 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\AVG Secure Search
[2012/05/27 09:31:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/05/27 09:31:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/05/27 09:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/05/27 09:31:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/05/27 09:31:27 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\drivers\AVG
[2012/05/27 09:31:16 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/05/27 09:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/05/27 09:31:16 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\AVG
[2012/05/27 09:30:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/05/27 09:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/05/27 09:22:13 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Macromedia
[2012/05/27 09:21:19 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Alecia_2012
[2012/05/27 09:17:22 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Adobe
[2012/05/27 09:17:18 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Google
[2012/05/27 09:17:18 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Google
[2012/05/27 09:11:12 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Lenovo
[2012/05/27 09:11:05 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Power2Go
[2012/05/27 09:10:39 | 000,000,000 | R--D | C] -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/27 09:10:39 | 000,000,000 | R--D | C] -- C:\Users\rol\Searches
[2012/05/27 09:10:39 | 000,000,000 | R--D | C] -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/05/27 09:10:38 | 000,000,000 | -H-D | C] -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/05/27 09:10:26 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Identities
[2012/05/27 09:10:25 | 000,000,000 | R--D | C] -- C:\Users\rol\Contacts
[2012/05/27 09:10:22 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\VirtualStore
[2012/05/27 09:10:10 | 000,000,000 | --SD | C] -- C:\Users\rol\AppData\Roaming\Microsoft
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Videos
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Saved Games
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Pictures
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Music
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Links
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Favorites
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Downloads
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Documents
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Desktop
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\AppData\Local\Temporary Internet Files
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Templates
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Start Menu
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\SendTo
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Recent
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\PrintHood
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\NetHood
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Documents\My Videos
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Documents\My Pictures
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Documents\My Music
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\My Documents
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Local Settings
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\AppData\Local\History
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Cookies
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Application Data
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\AppData\Local\Application Data
[2012/05/27 09:10:10 | 000,000,000 | -H-D | C] -- C:\Users\rol\AppData
[2012/05/27 09:10:10 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Temp
[2012/05/27 09:10:10 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Microsoft
[2012/05/27 09:10:10 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Media Center Programs
[2012/05/27 09:10:10 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2012/01/13 15:17:29 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax10.exe
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/10 17:55:55 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\rol\Desktop\aswMBR.exe
[2012/06/10 17:51:45 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\rol\Desktop\OTL.exe
[2012/06/10 17:49:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/06/10 17:43:51 | 000,001,824 | ---- | M] () -- C:\Users\rol\Desktop\EZDupe.lnk
[2012/06/10 17:43:05 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/10 17:41:46 | 000,000,091 | ---- | M] () -- C:\Users\rol\AppData\Local\fusioncache.dat
[2012/06/10 17:41:17 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\CD-DVD Printer.lnk
[2012/06/10 17:35:35 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/06/10 17:27:08 | 000,020,688 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/10 17:27:08 | 000,020,688 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/10 17:20:22 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/10 17:19:44 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/06/10 17:19:42 | 3101,986,816 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/10 15:59:22 | 100,143,439 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2012/06/08 18:53:57 | 000,063,109 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\iavichjg.avm
[2012/06/08 13:58:18 | 000,793,008 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/06/08 13:58:18 | 000,669,288 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/06/08 13:58:18 | 000,125,216 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/06/08 10:49:47 | 000,000,017 | ---- | M] () -- C:\windows\SysWow64\shortcut_ex.dat
[2012/05/29 17:59:01 | 000,001,116 | ---- | M] () -- C:\Users\rol\Desktop\Documents - Shortcut.lnk
[2012/05/29 09:12:30 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/28 18:12:45 | 000,002,461 | ---- | M] () -- C:\Users\rol\Desktop\Microsoft Word 2010.lnk
[2012/05/28 18:12:39 | 000,002,463 | ---- | M] () -- C:\Users\rol\Desktop\Microsoft Excel 2010.lnk
[2012/05/28 17:34:15 | 000,001,158 | ---- | M] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyWorship 2009.lnk
[2012/05/28 17:34:15 | 000,001,134 | ---- | M] () -- C:\Users\rol\Desktop\EasyWorship 2009.lnk
[2012/05/28 16:55:15 | 000,002,169 | ---- | M] () -- C:\Users\Public\Desktop\Web Easy Professional 8.lnk
[2012/05/28 16:32:56 | 000,001,179 | ---- | M] () -- C:\Users\rol\Desktop\Admin V5.lnk
[2012/05/28 16:32:43 | 000,001,178 | ---- | M] () -- C:\Users\rol\Desktop\Member V5.lnk
[2012/05/28 16:32:30 | 000,001,187 | ---- | M] () -- C:\Users\rol\Desktop\Contrib V5.lnk
[2012/05/28 15:41:14 | 000,001,525 | ---- | M] () -- C:\windows\SKCMSUSR.INI
[2012/05/28 09:19:39 | 000,001,059 | ---- | M] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Quick Startup.lnk
[2012/05/28 09:05:27 | 000,000,600 | ---- | M] () -- C:\Users\rol\AppData\Roaming\winscp.rnd
[2012/05/28 09:04:36 | 000,001,849 | ---- | M] () -- C:\Users\rol\Desktop\WinSCP.lnk
[2012/05/28 08:42:28 | 000,000,090 | ---- | M] () -- C:\windows\QBChanUtil_Trigger.ini
[2012/05/28 08:12:52 | 000,357,672 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/05/28 08:05:59 | 000,786,388 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/05/28 07:54:19 | 000,002,434 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2012/05/28 07:54:19 | 000,002,111 | ---- | M] () -- C:\Users\Public\Desktop\QuickBooks Pro 2012.lnk
[2012/05/28 07:54:19 | 000,002,030 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
[2012/05/28 07:54:18 | 000,002,221 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
[2012/05/28 07:29:52 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/28 00:28:44 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/27 22:29:19 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/05/27 22:29:19 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/27 22:10:41 | 000,002,771 | ---- | M] () -- C:\Users\Public\Desktop\Stationery and Brochure Maker.lnk
[2012/05/27 22:10:41 | 000,002,083 | ---- | M] () -- C:\Users\Public\Desktop\Visit Cosmi Online.lnk
[2012/05/27 21:52:42 | 000,002,132 | ---- | M] () -- C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
[2012/05/27 13:57:34 | 000,518,472 | ---- | M] () -- C:\SKBACKUP.ZIP
[2012/05/27 12:09:51 | 000,108,227 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2012/05/27 12:09:51 | 000,108,227 | ---- | M] () -- C:\windows\SysNative\license.rtf
[2012/05/27 09:50:57 | 000,002,110 | ---- | M] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/05/27 09:50:57 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012/05/27 09:46:19 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/05/27 09:31:27 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\incavi.avm
[2012/05/27 09:31:27 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/05/27 09:17:11 | 000,001,437 | ---- | M] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/27 09:11:08 | 000,002,131 | ---- | M] () -- C:\Users\rol\Desktop\Lenovo Rescue System.lnk
[2012/05/27 09:11:08 | 000,002,004 | ---- | M] () -- C:\Users\rol\Desktop\Lenovo Power2Go.lnk
[2012/05/12 12:33:50 | 004,967,114 | ---- | M] () -- C:\Users\rol\Documents\Paula Bender.mp3
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/10 17:42:53 | 000,001,824 | ---- | C] () -- C:\Users\rol\Desktop\EZDupe.lnk
[2012/06/10 17:41:46 | 000,000,091 | ---- | C] () -- C:\Users\rol\AppData\Local\fusioncache.dat
[2012/06/10 17:41:17 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\CD-DVD Printer.lnk
[2012/06/10 17:35:35 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012/06/10 17:35:35 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/06/10 15:59:22 | 100,143,439 | ---- | C] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2012/06/08 18:53:57 | 000,063,109 | ---- | C] () -- C:\windows\SysNative\drivers\AVG\iavichjg.avm
[2012/06/08 10:49:47 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
[2012/05/29 17:59:01 | 000,001,116 | ---- | C] () -- C:\Users\rol\Desktop\Documents - Shortcut.lnk
[2012/05/28 18:12:45 | 000,002,461 | ---- | C] () -- C:\Users\rol\Desktop\Microsoft Word 2010.lnk
[2012/05/28 18:12:39 | 000,002,463 | ---- | C] () -- C:\Users\rol\Desktop\Microsoft Excel 2010.lnk
[2012/05/28 17:34:19 | 000,210,032 | ---- | C] () -- C:\windows\SysWow64\DBCLIENT.DLL
[2012/05/28 17:34:19 | 000,183,808 | ---- | C] () -- C:\windows\SysWow64\BDEADMIN.CPL
[2012/05/28 17:34:15 | 000,001,158 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyWorship 2009.lnk
[2012/05/28 17:34:15 | 000,001,134 | ---- | C] () -- C:\Users\rol\Desktop\EasyWorship 2009.lnk
[2012/05/28 16:55:15 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\Web Easy Professional 8.lnk
[2012/05/28 16:32:56 | 000,001,179 | ---- | C] () -- C:\Users\rol\Desktop\Admin V5.lnk
[2012/05/28 16:32:43 | 000,001,178 | ---- | C] () -- C:\Users\rol\Desktop\Member V5.lnk
[2012/05/28 16:32:30 | 000,001,187 | ---- | C] () -- C:\Users\rol\Desktop\Contrib V5.lnk
[2012/05/28 15:41:14 | 000,001,525 | ---- | C] () -- C:\windows\SKCMSUSR.INI
[2012/05/28 09:19:39 | 000,001,059 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Quick Startup.lnk
[2012/05/28 09:04:36 | 000,001,849 | ---- | C] () -- C:\Users\rol\Desktop\WinSCP.lnk
[2012/05/28 09:04:36 | 000,000,600 | ---- | C] () -- C:\Users\rol\AppData\Roaming\winscp.rnd
[2012/05/28 07:54:19 | 000,002,434 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2012/05/28 07:54:19 | 000,002,111 | ---- | C] () -- C:\Users\Public\Desktop\QuickBooks Pro 2012.lnk
[2012/05/28 07:54:19 | 000,002,030 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
[2012/05/28 07:54:18 | 000,002,221 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
[2012/05/28 07:49:56 | 000,000,090 | ---- | C] () -- C:\windows\QBChanUtil_Trigger.ini
[2012/05/28 07:29:52 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/05/28 07:29:52 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/28 00:28:44 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/27 22:29:23 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/05/27 22:10:41 | 000,002,771 | ---- | C] () -- C:\Users\Public\Desktop\Stationery and Brochure Maker.lnk
[2012/05/27 22:10:41 | 000,002,083 | ---- | C] () -- C:\Users\Public\Desktop\Visit Cosmi Online.lnk
[2012/05/27 22:01:02 | 000,086,608 | ---- | C] () -- C:\windows\SysNative\cpwmon64.dll
[2012/05/27 21:52:42 | 000,002,132 | ---- | C] () -- C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
[2012/05/27 13:57:33 | 000,518,472 | ---- | C] () -- C:\SKBACKUP.ZIP
[2012/05/27 10:24:05 | 018,015,723 | ---- | C] () -- C:\Users\rol\Documents\vlc-1.0.1-win32.exe
[2012/05/27 10:24:04 | 002,949,607 | ---- | C] () -- C:\Users\rol\Documents\Tray Yarborough 4-22-12.mp3
[2012/05/27 10:24:04 | 000,216,556 | ---- | C] () -- C:\Users\rol\Documents\Sample Ballot for Rep. Primary (N.H. Cty).pdf
[2012/05/27 10:24:03 | 004,967,114 | ---- | C] () -- C:\Users\rol\Documents\Paula Bender.mp3
[2012/05/27 10:24:03 | 003,006,842 | ---- | C] () -- C:\Users\rol\Documents\Erin Yarborough 4-22-12.mp3
[2012/05/27 10:24:03 | 001,804,792 | ---- | C] () -- C:\Users\rol\Documents\Erin Yarborough II.mp3
[2012/05/27 10:24:03 | 000,001,519 | ---- | C] () -- C:\Users\rol\Documents\AvRack.lnk
[2012/05/27 09:50:57 | 000,002,110 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/05/27 09:50:57 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012/05/27 09:50:57 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012/05/27 09:46:19 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/05/27 09:46:19 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/05/27 09:39:44 | 000,786,388 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/05/27 09:32:11 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/27 09:31:27 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\incavi.avm
[2012/05/27 09:31:27 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/05/27 09:17:11 | 000,001,437 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/27 09:10:55 | 000,001,409 | ---- | C] () -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/05/27 09:10:44 | 000,001,443 | ---- | C] () -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/27 09:10:10 | 000,002,239 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/27 09:10:10 | 000,002,131 | ---- | C] () -- C:\Users\rol\Desktop\Lenovo Rescue System.lnk
[2012/05/27 09:10:10 | 000,002,004 | ---- | C] () -- C:\Users\rol\Desktop\Lenovo Power2Go.lnk
[2012/05/27 09:10:10 | 000,000,290 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/05/27 09:10:10 | 000,000,272 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/13 14:46:49 | 000,139,264 | ---- | C] () -- C:\windows\SysWow64\ustor.dll
[2012/01/13 14:46:49 | 000,049,152 | ---- | C] () -- C:\windows\SysWow64\UMonit.exe
[2012/01/13 14:46:47 | 000,172,097 | ---- | C] () -- C:\windows\SysWow64\NoMSGuninstall.exe
[2012/01/13 14:46:47 | 000,001,591 | ---- | C] () -- C:\windows\SysWow64\_IconCfg0.ini
[2012/01/13 14:46:47 | 000,000,840 | ---- | C] () -- C:\windows\SysWow64\ProductName.ini
[2012/01/13 14:46:47 | 000,000,187 | ---- | C] () -- C:\windows\SysWow64\IconCfg0.ini
[2012/01/13 14:44:16 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2012/01/13 14:38:28 | 000,201,728 | ---- | C] () -- C:\windows\SetDrive.exe
[2012/01/13 14:38:28 | 000,036,864 | ---- | C] () -- C:\windows\WinWait.exe
[2011/02/12 15:35:47 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2010/11/19 06:22:36 | 000,960,940 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2010/11/19 06:22:33 | 000,206,952 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2010/11/19 06:22:29 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin

========== LOP Check ==========

[2012/05/28 16:56:34 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\Avanquest
[2012/05/27 09:32:55 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\AVG2012
[2012/05/28 09:19:39 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\GlarySoft
[2012/05/28 09:04:35 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\OpenCandy
[2012/06/08 21:38:41 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\SoftGrid Client
[2012/05/28 17:33:35 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\Softouch
[2012/05/27 09:51:01 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\Thunderbird
[2012/05/28 18:08:58 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\TP
[2012/05/28 00:48:37 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\WinPatrol
[2012/05/28 00:17:15 | 000,013,380 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 6/10/2012 5:54:38 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\rol\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.85 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 52.42% Memory free
7.70 Gb Paging File | 5.21 Gb Available in Paging File | 67.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 440.59 Gb Total Space | 400.14 Gb Free Space | 90.82% Space Free | Partition Type: NTFS

Computer Name: ROL-PC | User Name: rol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{045EF6B4-C55D-45ED-940C-4ACC5F896C95}" = lport=10243 | protocol=6 | dir=in | app=system |
"{116220A0-8F36-41B8-A66C-902CD8A53390}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{14183163-A0A7-4BB6-ADEB-019EF5A6BC4E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{144C0B0D-13AC-4A70-84DF-021997585ED5}" = lport=138 | protocol=17 | dir=in | app=system |
"{2172A0E2-DDF6-49FD-83B5-73F11B5F9FDF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2DD51FAD-7971-4845-9566-319BCB366177}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44EC8105-7E96-430D-9D6B-6B24F01361D4}" = lport=137 | protocol=17 | dir=in | app=system |
"{59332A62-CE34-4176-BBCA-CAB7CB5EFA2C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{61FC7B30-5F11-47C5-B91C-8C423E9A34D2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{696F536E-91D8-4D3F-8101-AA610A89D219}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{722CCC82-CB05-4A6C-A418-9F4922CC5150}" = lport=139 | protocol=6 | dir=in | app=system |
"{821F8519-8624-4D64-9E6D-BBAB15B08C22}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9CEC4B6B-7605-4D7E-B606-FB6895F3B4D3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9F235E13-1FCF-4279-8A6D-1D4EC0B9CF5A}" = lport=445 | protocol=6 | dir=in | app=system |
"{A0375654-6990-449E-A390-B9F6CEB0F16F}" = rport=139 | protocol=6 | dir=out | app=system |
"{A7CB1255-4852-4184-A720-594CE93E4F8A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A814BA97-CDF0-4CBC-8B70-E6CA97B052D0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AE9DB5B9-2C6B-4AF0-89A8-28BB15F8712F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BC95A789-33E2-44E1-B366-3F58C449C12D}" = rport=138 | protocol=17 | dir=out | app=system |
"{C626828B-5B35-4C76-8021-70177E87F279}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CDC860DB-8B3D-4336-B5C7-9214C43DEBFD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DA6FE7DC-9ED3-4E28-82E5-1574FC79F123}" = rport=137 | protocol=17 | dir=out | app=system |
"{DB156E24-5B36-43CD-B47F-D3C7F4DEC822}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EB04834F-96E5-4CB6-A11A-F5F0BE41008A}" = rport=445 | protocol=6 | dir=out | app=system |
"{F6D900CD-7CCA-4329-8227-308FF041B1BB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02CD43C3-4788-4644-8FC8-5EB492D2E475}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{05AA3EEF-852F-4FF4-84F1-F8568CB4768B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{099C29F6-075D-449C-87B0-1273FA403B64}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{13BC58B2-DD3E-4A0D-BF23-663A7AABE4DF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2384946A-D45E-4AE7-941F-79B8AEB85D4B}" = protocol=58 | dir=in | app=system |
"{2A304DEF-F6D0-41BC-8C64-E2C247E678EB}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{2D3A89D1-52D9-4683-93FB-E594F148D20F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{3007B8F1-5AAE-449B-BD47-AA855FB3A771}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{3232CF2E-D3A1-49F5-BFD4-F5E13E32B152}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{341B7079-FA4C-4227-B5B9-4CCED00F3D95}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{4C129682-0856-4647-B6B8-F71CCFCB175C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F75236A-5755-4B5B-8BB3-B3C9C69B6B93}" = protocol=6 | dir=out | app=system |
"{4F767100-8DE7-4A72-91F6-B1464C5BA4D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6113D850-D52E-4DD3-B85D-67CAC839568B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{64C6644C-3B00-455A-923D-F3908A27A8B1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8A95D672-79A8-486F-A348-B87FA03C5839}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{922FB719-3192-4A2D-8892-E66D801A389A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9A97753A-F14E-41F6-B6B4-850710BA4534}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9DEAB619-2559-4964-B9CE-830DBC016824}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{A1E82055-13EF-4E40-85E1-24BBEB45C7C9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AE5C1A2A-27F7-4A2A-9929-B9F820E3AC84}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B071ECEA-BFC9-480D-8039-F66320419D20}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B6215572-DA87-493E-9294-A35E4B2D1CAA}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{BCB2656E-AF6A-4E6A-9033-9E3F78AFD15A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD8668E4-92E8-4DD8-82E4-A2A7E606A14D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C3776F5B-CE1B-4E00-AC57-D942BDEFC7C1}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{C8B1A639-B9AB-4443-945E-9C0529546853}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D2F5FF6C-5473-432D-850A-1398F767B6E9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{DA7472B6-A3DE-471D-BA37-EF96EEACD8F1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{DE619BCA-BC6C-4459-AA07-1353A9F5D116}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DE8004E3-E154-425B-85AC-2594CF50EDED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E901ECD9-A233-4093-80D6-BEE9C6D699B9}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E937E99B-6C0F-410F-838B-566B7C5520FF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E9B18E31-E371-4DEB-9BC3-E2C04077F7B2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EB1F7A6B-A9F8-4032-8EA1-C726883F4BCC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{F99EF93E-1500-432A-9582-434BC099B62E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB1DFD94-0D1E-4C97-AEC5-F1CC702B8DBC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{FC7B11DE-D23F-4E94-A039-7887399356A4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{302A1E2E-DD58-4673-BC99-9CC10EC2637A}" = WinPatrol
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo Rescue System
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{857B32C1-7C87-40B5-B2A5-D06F49B80002}" = AVG 2012
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BFF4A9FB-75F3-4162-84CD-16CE48C19173}" = AVG 2012
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PROSet" = Intel® Network Connections Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22057D8D-7CC8-46FF-AD8C-9BD24F9014F3}" = QuickBooks Pro 2012
"{25E202D1-D8E7-46AF-B4B0-157D9993A93E}" = QuickBooks
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35DC9F1E-5E88-4E69-A49A-9F4C2B33DDF3}" = Web Easy Professional
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Lenovo Power2Go
"{45970CD1-D599-47D4-938F-3E9800D54ED1}" = Lenovo Driver and Application Installation
"{46E21083-D598-4217-99B0-2ED3E4152759}" = CyberPower PowerPanel Personal Edition 1.2.3
"{5183D7AB-D09B-411F-A74E-BBAEA61C6505}" = Lenovo Eye Distance System
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{959B7F35-2819-40C5-A0CD-3C53B5FCC935}" = Genesys USB Mass Storage Device
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A6806D86-BFF3-49CD-8E2B-87BB3507E53F}" = Web Easy Professional 8
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92509EA-B526-4869-B8B3-A39E20DBBE7A}_is1" = EasyWorship 2009
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B266E062-D6C5-485B-B426-51B152B041A6}" = Lenovo Blacksilk USB Keyboard Driver
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3063097-EC84-4D21-84A4-9D852E974355}" = LVT
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9ED6D06-6002-495E-A7BC-46E6AE386996}" = Lenovo Dynamic Brightness System
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1BCC6B6-B06A-4A2C-A9C8-F14BA70D21F6}" = CD-DVD Printer
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F8FD83C8-7ECA-4362-A4C9-E0F19849574B}" = Stationery and Brochure Maker
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Carbonite Backup" = Carbonite
"Google Chrome" = Google Chrome
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Lenovo Power2Go
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo Rescue System
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 13.0 (x86 en-US)" = Mozilla Firefox 13.0 (x86 en-US)
"Mozilla Thunderbird 13.0 (x86 en-US)" = Mozilla Thunderbird 13.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Quick Startup_is1" = Quick Startup 2.9.0.823
"TeamViewer 7" = TeamViewer 7
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.7

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/4/2012 2:55:08 PM | Computer Name = rol-PC | Source = VSS | ID = 13
Description =

Error - 6/4/2012 2:55:08 PM | Computer Name = rol-PC | Source = VSS | ID = 13
Description =

Error - 6/4/2012 2:55:08 PM | Computer Name = rol-PC | Source = VSS | ID = 8193
Description =

Error - 6/4/2012 2:56:21 PM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand

Error - 6/4/2012 2:56:21 PM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand

Error - 6/4/2012 2:56:21 PM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand

Error - 6/4/2012 2:56:48 PM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2012": Connection
Error:Invalid user ID or passwo

Error - 6/4/2012 2:56:48 PM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2012": Connection
String:CON=QBConnectionPool-Probe-QB_data_engine_22; ;DBF=C:\Documents and Settings\All
Users\Documents\Intuit\QuickBooks\Company Files\New Jerusalem Ministries, Inc..QBW;ENG=QB_data_engine_22;DBN=758f1bf87640485c8d50e518dc7c5e

Error - 6/4/2012 2:56:48 PM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2012": DBConnPool::HandleConnectionError
errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from
function:'DBMgr::DBConnPool::ini

Error - 6/4/2012 2:57:19 PM | Computer Name = rol-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 6/4/2012 1:53:02 PM | Computer Name = rol-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.

Error - 6/4/2012 2:16:22 PM | Computer Name = rol-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.

Error - 6/4/2012 2:30:05 PM | Computer Name = rol-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.

Error - 6/4/2012 2:49:46 PM | Computer Name = rol-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.

Error - 6/4/2012 3:05:46 PM | Computer Name = rol-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.

Error - 6/4/2012 3:28:56 PM | Computer Name = rol-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.

Error - 6/4/2012 3:38:56 PM | Computer Name = rol-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.

Error - 6/4/2012 3:51:41 PM | Computer Name = rol-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.

Error - 6/4/2012 4:05:19 PM | Computer Name = rol-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.

Error - 6/6/2012 9:07:12 AM | Computer Name = rol-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:08:02 PM on ?6/?5/?2012 was unexpected.


< End of report >

#7 wolfpackfans

wolfpackfans
  • Topic Starter

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Location:Wilmington, NC
  • Local time:03:24 AM

Posted 10 June 2012 - 05:09 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-10 18:06:37
-----------------------------
18:06:37.662 OS Version: Windows x64 6.1.7601 Service Pack 1
18:06:37.663 Number of processors: 2 586 0x2A07
18:06:37.663 ComputerName: ROL-PC UserName: rol
18:06:38.538 Initialize success
18:06:51.459 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:06:51.461 Disk 0 Vendor: WDC_WD5000AAKX-083CA1 19.01H19 Size: 476940MB BusType: 11
18:06:51.468 Disk 0 MBR read successfully
18:06:51.471 Disk 0 MBR scan
18:06:51.473 Disk 0 Windows 7 default MBR code
18:06:51.476 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:06:51.487 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 451164 MB offset 206848
18:06:51.515 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 924190720
18:06:51.572 Disk 0 scanning C:\windows\system32\drivers
18:06:55.457 Service scanning
18:07:05.698 Modules scanning
18:07:05.705 Disk 0 trace - called modules:
18:07:05.718 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
18:07:05.722 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bf4060]
18:07:05.727 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8004726090]
18:07:05.732 5 ACPI.sys[fffff88000ed67a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8003cc5060]
18:07:05.737 Scan finished successfully
18:07:51.975 Disk 0 MBR has been saved successfully to "C:\Users\rol\Desktop\MBR.dat"
18:07:51.979 The log file has been saved successfully to "C:\Users\rol\Desktop\aswMBR.txt"

#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:24 AM

Posted 10 June 2012 - 05:48 PM

I am getting a strange popup window upon restarting Windows 7. I have attached it.


I can't find this attachment can you attach it again?
Posted Image
m0le is a proud member of UNITE

#9 wolfpackfans

wolfpackfans
  • Topic Starter

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Location:Wilmington, NC
  • Local time:03:24 AM

Posted 10 June 2012 - 09:16 PM

Attached File  StrangeErrorMessage.pdf   25.01KB   7 downloads

The pdf is a screen shot of the strange popup window we are getting on bootup.

#10 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:24 AM

Posted 11 June 2012 - 07:21 PM

Click Start, type msconfig.exe and click the icon that appears above the search bar

Click the Startup tab and check if you have that entry.

Uncheck the box next to it and that should disable it.

Reboot and run OTL

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Edited by m0le, 11 June 2012 - 07:23 PM.

Posted Image
m0le is a proud member of UNITE

#11 wolfpackfans

wolfpackfans
  • Topic Starter

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Location:Wilmington, NC
  • Local time:03:24 AM

Posted 12 June 2012 - 11:23 PM

Ok! I'm traveling again this week but will try to remotely access that of tomorrow!

#12 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:24 AM

Posted 13 June 2012 - 02:17 PM

:thumbup2:
Posted Image
m0le is a proud member of UNITE

#13 wolfpackfans

wolfpackfans
  • Topic Starter

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Location:Wilmington, NC
  • Local time:03:24 AM

Posted 17 June 2012 - 10:15 AM

OTL logfile created on: 6/17/2012 10:32:02 AM - Run 2
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\rol\Desktop\AleciaTools
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.85 Gb Total Physical Memory | 2.13 Gb Available Physical Memory | 55.34% Memory free
7.70 Gb Paging File | 5.29 Gb Available in Paging File | 68.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 440.59 Gb Total Space | 400.73 Gb Free Space | 90.95% Space Free | Partition Type: NTFS

Computer Name: ROL-PC | User Name: rol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (All) ==========

PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Users\rol\Desktop\AleciaTools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - c:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE (Intuit Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)
PRC - C:\Windows\jmesoft\hotkey.exe (Lenovo)
PRC - C:\Windows\SysWOW64\UMonit.exe ()
PRC - C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (Lenovo)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe (Cyber Power Systems, Inc.)
PRC - C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe (Cyber Power Systems, Inc.)


========== Modules (All) ==========

MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Users\rol\Desktop\AleciaTools\OTL.exe (OldTimer Tools)
MOD - C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
MOD - C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\freebl3.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll (sqlite.org)
MOD - C:\Program Files (x86)\Mozilla Firefox\nss3.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\nspr4.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\mozglue.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\xul.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\softokn3.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\ssl3.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\smime3.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\plc4.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\plds4.dll (Mozilla Foundation)
MOD - C:\Program Files (x86)\Mozilla Firefox\xpcom.dll (Mozilla Foundation)
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\jscript9.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wininet.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\jscript.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\iertutil.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
MOD - C:\Windows\SysWOW64\crypt32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\cryptnet.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\AVG\AVG2012\avgsrmx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\patrolpro.dll (BillP Studios)
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
MOD - C:\Windows\SysWOW64\msi.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
MOD - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll (Malwarebytes Corporation)
MOD - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll (Malwarebytes Corporation)
MOD - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
MOD - C:\Program Files (x86)\AVG\AVG2012\avgdecider.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Resource_en.dll (TeamViewer GmbH)
MOD - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_StaticRes.dll (TeamViewer GmbH)
MOD - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH)
MOD - C:\Program Files (x86)\TeamViewer\Version7\tv_w32.dll (TeamViewer GmbH)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\QBUServiceMgr.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgRequestMgr.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbuchannel.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgMgrps.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\TXNFORM.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\txncore.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\ui.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\UM.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\TEJ32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\TRACKING.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\skucore.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\sdkutil.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\ReportInterop.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBWRPT32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBWMain.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBWIN32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbwfls32.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbutilities.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbtxn32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBSTYL32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbtool32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBSendError20.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\QBSendError20.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBQWUT32.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBSDKNotify.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBONLI32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBOESD32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbmsintg.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbot.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qblist32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBINTR32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBInstanceFinder.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBMAS32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBITools.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBMAPILibrary.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBMFCT32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbdomain.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbform32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBInbox.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBCONV32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbci32.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBCompressor.DLL ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBCHAO32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbbrow32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBATTR32.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\PortFile.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\PREFS.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\PRLoader.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\PRNotificationLoader.dll (TODO: <Company name>)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\PAYRES.DLL (Intuit, Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\PAYSERV.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\PAYUTIL.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\payxsgen.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\PM.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\paycore.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\OPAQUEBUFFER.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\msgDBAddIn.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\NAAuthTool.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\mbpopup.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\FEATURES.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\FileManifest.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\ELCORE.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\FeatureMgr.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\ESHELL.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\dmtxn.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DocumentManagement.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMUSERS.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMUI.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMTIME.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMEDL.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMdqe.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMPAYROLL.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMGenPrefs.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMInventory.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMMemorizedTransaction.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\dmolb.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMPREFS.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMAUDIT.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMCore.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMAttachedDoc.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMCustomerNotes.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMBUDGET.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMDATASYNC.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DatabaseManager.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\CoLocator2.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMAccountant.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\DMALIAS.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\cindexdb.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_serialization-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_regex-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\APPCORE.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\BackupLib.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\ADR.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\addinmgr2.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\BizUtil.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\Accountant.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\abmapi.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\ACE.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\ACM.DLL (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\SSCE5232.dll (Wintertree Software Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBXLAdin.dll (Intuit, Inc.)
MOD - C:\Windows\SysWOW64\DWrite.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wintrust.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\imagehlp.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\AVG\AVG2012\avglogx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Program Files (x86)\AVG\AVG2012\avgidpsdkx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Program Files (x86)\AVG\AVG2012\avguires.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Program Files (x86)\AVG\AVG2012\avgsysx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Program Files (x86)\AVG\AVG2012\avgntopensslx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Program Files (x86)\AVG\AVG2012\avgcfgx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Program Files (x86)\AVG\AVG2012\avglngx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Program Files (x86)\AVG\AVG2012\avgidpmx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msls31.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msvcrt.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ntdll.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\webio.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\schannel.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\secur32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\oleaut32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\oleacc.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\InetClnt.dll (Intuit Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\zlib1.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\dbicudt11.dll (iAnywhere Solutions, Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\dbtool11.dll (iAnywhere Solutions, Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\dbicu11.dll (iAnywhere Solutions, Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\dblgen11.dll (iAnywhere Solutions, Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\dblib11.dll (iAnywhere Solutions, Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\stlport_r50.dll (STLport Consulting, Inc.)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\stlport_r50.dll (STLport Consulting, Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\qbwpsrun.dll (Intuit Inc.)
MOD - C:\Windows\SysWOW64\kernel32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\odbccp32.dll (Microsoft Corporation)
MOD - C:\Windows\jmesoft\hotkey.exe (Lenovo)
MOD - C:\Windows\SysWOW64\UMonit.exe ()
MOD - C:\Windows\SysWOW64\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll ()
MOD - C:\Windows\SysWOW64\mfc42.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\dnsapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\d2d1.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\usp10.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\d3d10_1.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\spp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wmploc.DLL (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wmp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wpdshext.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\mscms.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\WindowsCodecs.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\credssp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ksproxy.ax (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\IPHLPAPI.DLL (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\browcli.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msxml3.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\advapi32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\riched20.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msvfw32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\avifil32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\riched32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\vssapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wbem\fastprox.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\imm32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\d3d9.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ExplorerFrame.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\user32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\d3d10warp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\sxs.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\Wldap32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\winmm.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\srvcli.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\userenv.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\gdi32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\apphelp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\RpcRtRemote.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\rpcrt4.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\upnp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\dbghelp.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\propsys.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\dxgi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wbemcomn.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\winhttp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\winspool.drv (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\FWPUCLNT.DLL (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\mapi32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\netshell.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\shdocvw.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\olepro32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\netapi32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\cscapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msdmo.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ole32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\odbc32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\rtutils.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wdmaud.drv (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ws2_32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\AudioSes.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\winsta.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wtsapi32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\setupapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\MMDevAPI.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wkscli.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\shlwapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\d3d10_1core.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msasn1.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\igdumd32.dll (Intel Corporation)
MOD - C:\Windows\SysWOW64\igdumdx32.dll (Intel Corporation)
MOD - C:\Windows\SysWOW64\igd10umd32.dll (Intel Corporation)
MOD - C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (Lenovo)
MOD - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
MOD - C:\Program Files\Lenovo\Lenovo Brightness System\ddcHelperWraper.dll ()
MOD - C:\Program Files\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll ()
MOD - C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll ()
MOD - C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe (Lenovo)
MOD - C:\Program Files\Lenovo\Lenovo Eye Distance System\VideoPlayer.dll ()
MOD - C:\Windows\SysWOW64\KeyStone.ax (Vimicro Corporation)
MOD - C:\Windows\SysWOW64\msvcr100_clr0400.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v4.0.30319\fusion.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\Lenovo\Power2Go\msvcr71.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Lenovo\Power2Go\msvcp71.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
MOD - c:\Windows\SysWOW64\msxml4.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\bcryptprimitives.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\rsaenh.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\Wpc.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wship6.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\WSHTCPIP.DLL (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wbem\wmiutils.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\winnsi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wevtapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\WindowsCodecsExt.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\vsstrace.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wbem\wbemsvc.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wbem\wbemprox.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\version.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\srclient.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ssdpapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\slc.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\shfolder.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\samlib.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\SensApi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\rasapi32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\powrprof.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\oledlg.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\rasman.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\rasadhlp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\psapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ntmarta.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ntdsapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\npmproxy.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\nsi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\netprofm.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ncrypt.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msvbvm60.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msimtf.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msiltcfg.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msimg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msctf.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msctfui.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msacm32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\mpr.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\mlang.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\midimap.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\Magnification.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\linkinfo.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ksuser.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\icm32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\hnetcfg.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\gpapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\feclient.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\EhStorShell.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\dui70.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\duser.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\dxva2.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\dhcpcsvc.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\dhcpcsvc6.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\devenum.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\d3d8thk.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\d3d10.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\d3d10core.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\crtdll.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\cryptsp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\clbcatq.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\avrt.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\atl.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\avicap32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\hhctrl.ocx (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msacm32.drv (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\uxtheme.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\lpk.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\bcrypt.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\odbcint.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\PresentationNative_v0300.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe (Cyber Power Systems, Inc.)
MOD - C:\Program Files (x86)\Common Files\Intuit\Entitlement Client\v6.0\Client\EntitlementClientBootstrap.dll (Intuit, Inc.)
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\dbghelp.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\dbghelp.dll (Microsoft Corporation)


========== Win32 Services (All) ==========

SRV:64bit: - (WatAdminSvc) -- C:\Windows\SysNative\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV:64bit: - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
SRV:64bit: - (ProfSvc) -- C:\Windows\SysNative\profsvc.dll (Microsoft Corporation)
SRV:64bit: - (CryptSvc) -- C:\Windows\SysNative\cryptsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (SamSs) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (ProtectedStorage) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (PlugPlay) -- C:\Windows\SysNative\umpnpmgr.dll (Microsoft Corporation)
SRV:64bit: - (WSearch) -- C:\windows\SysNative\SearchIndexer.exe (Microsoft Corporation)
SRV:64bit: - (Dnscache) -- C:\Windows\SysNative\dnsrslvr.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (TabletInputService) -- C:\Windows\SysNative\TabSvc.dll (Microsoft Corporation)
SRV:64bit: - (SDRSVC) -- C:\Windows\SysNative\sdrsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV:64bit: - (WPDBusEnum) -- C:\Windows\SysNative\wpdbusenum.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (stisvc) -- C:\Windows\SysNative\wiaservc.dll (Microsoft Corporation)
SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation)
SRV:64bit: - (SysMain) -- C:\Windows\SysNative\sysmain.dll (Microsoft Corporation)
SRV:64bit: - (wcncsvc) -- C:\Windows\SysNative\wcncsvc.dll (Microsoft Corporation)
SRV:64bit: - (WebClient) -- C:\Windows\SysNative\WebClnt.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (SessionEnv) -- C:\Windows\SysNative\SessEnv.dll (Microsoft Corporation)
SRV:64bit: - (gpsvc) -- C:\Windows\SysNative\gpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioSrv) -- C:\Windows\SysNative\audiosrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\audiosrv.dll (Microsoft Corporation)
SRV:64bit: - (TapiSrv) -- C:\Windows\SysNative\tapisrv.dll (Microsoft Corporation)
SRV:64bit: - (LanmanWorkstation) -- C:\Windows\SysNative\wkssvc.dll (Microsoft Corporation)
SRV:64bit: - (MpsSvc) -- C:\Windows\SysNative\MPSSVC.dll (Microsoft Corporation)
SRV:64bit: - (Spooler) -- C:\Windows\SysNative\spoolsv.exe (Microsoft Corporation)
SRV:64bit: - (wuauserv) -- C:\Windows\SysNative\wuaueng.dll (Microsoft Corporation)
SRV:64bit: - (WinRM) -- C:\Windows\SysNative\WsmSvc.dll (Microsoft Corporation)
SRV:64bit: - (RasMan) -- C:\Windows\SysNative\rasmans.dll (Microsoft Corporation)
SRV:64bit: - (Schedule) -- C:\Windows\SysNative\schedsvc.dll (Microsoft Corporation)
SRV:64bit: - (DPS) -- C:\Windows\SysNative\dps.dll (Microsoft Corporation)
SRV:64bit: - (Browser) -- C:\Windows\SysNative\browser.dll (Microsoft Corporation)
SRV:64bit: - (hkmsvc) -- C:\Windows\SysNative\KMSVC.DLL (Microsoft Corporation)
SRV:64bit: - (seclogon) -- C:\Windows\SysNative\seclogon.dll (Microsoft Corporation)
SRV:64bit: - (msiserver) -- C:\windows\SysNative\msiexec.exe (Microsoft Corporation)
SRV:64bit: - (iphlpsvc) -- C:\Windows\SysNative\iphlpsvc.dll (Microsoft Corporation)
SRV:64bit: - (dot3svc) -- C:\Windows\SysNative\dot3svc.dll (Microsoft Corporation)
SRV:64bit: - (SCPolicySvc) -- C:\Windows\SysNative\certprop.dll (Microsoft Corporation)
SRV:64bit: - (CertPropSvc) -- C:\Windows\SysNative\certprop.dll (Microsoft Corporation)
SRV:64bit: - (Appinfo) -- C:\Windows\SysNative\appinfo.dll (Microsoft Corporation)
SRV:64bit: - (TermService) -- C:\Windows\SysNative\termsrv.dll (Microsoft Corporation)
SRV:64bit: - (RpcSs) -- C:\Windows\SysNative\rpcss.dll (Microsoft Corporation)
SRV:64bit: - (DcomLaunch) -- C:\Windows\SysNative\rpcss.dll (Microsoft Corporation)
SRV:64bit: - (pla) -- C:\Windows\SysNative\pla.dll (Microsoft Corporation)
SRV:64bit: - (IKEEXT) -- C:\Windows\SysNative\IKEEXT.DLL (Microsoft Corporation)
SRV:64bit: - (BFE) -- C:\Windows\SysNative\BFE.DLL (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (WinHttpAutoProxySvc) -- C:\windows\SysNative\winhttp.dll (Microsoft Corporation)
SRV:64bit: - (eventlog) -- C:\Windows\SysNative\wevtsvc.dll (Microsoft Corporation)
SRV:64bit: - (VSS) -- C:\Windows\SysNative\VSSVC.exe (Microsoft Corporation)
SRV:64bit: - (ShellHWDetection) -- C:\Windows\SysNative\shsvcs.dll (Microsoft Corporation)
SRV:64bit: - (NlaSvc) -- C:\Windows\SysNative\nlasvc.dll (Microsoft Corporation)
SRV:64bit: - (BITS) -- C:\Windows\SysNative\qmgr.dll (Microsoft Corporation)
SRV:64bit: - (vds) -- C:\Windows\SysNative\vds.exe (Microsoft Corporation)
SRV:64bit: - (wudfsvc) -- C:\Windows\SysNative\WUDFSvc.dll (Microsoft Corporation)
SRV:64bit: - (PolicyAgent) -- C:\Windows\SysNative\IPSECSVC.DLL (Microsoft Corporation)
SRV:64bit: - (napagent) -- C:\Windows\SysNative\QAGENTRT.DLL (Microsoft Corporation)
SRV:64bit: - (LanmanServer) -- C:\Windows\SysNative\srvsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV:64bit: - (osppsvc) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (wscsvc) -- C:\Windows\SysNative\wscsvc.dll (Microsoft Corporation)
SRV:64bit: - (WPCSvc) -- C:\Windows\SysNative\wpcsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wlansvc) -- C:\Windows\SysNative\wlansvc.dll (Microsoft Corporation)
SRV:64bit: - (W32Time) -- C:\Windows\SysNative\w32time.dll (Microsoft Corporation)
SRV:64bit: - (upnphost) -- C:\Windows\SysNative\upnphost.dll (Microsoft Corporation)
SRV:64bit: - (Winmgmt) -- C:\Windows\SysNative\wbem\WMIsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wecsvc) -- C:\Windows\SysNative\wecsvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (WdiSystemHost) -- C:\Windows\SysNative\wdi.dll (Microsoft Corporation)
SRV:64bit: - (WdiServiceHost) -- C:\Windows\SysNative\wdi.dll (Microsoft Corporation)
SRV:64bit: - (wercplsupport) -- C:\Windows\SysNative\wercplsupport.dll (Microsoft Corporation)
SRV:64bit: - (WerSvc) -- C:\Windows\SysNative\wersvc.dll (Microsoft Corporation)
SRV:64bit: - (WcsPlugInService) -- C:\Windows\SysNative\WcsPlugInService.dll (Microsoft Corporation)
SRV:64bit: - (UxSms) -- C:\Windows\SysNative\uxsms.dll (Microsoft Corporation)
SRV:64bit: - (TrkWks) -- C:\Windows\SysNative\trkwks.dll (Microsoft Corporation)
SRV:64bit: - (TBS) -- C:\Windows\SysNative\tbssvc.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (swprv) -- C:\Windows\SysNative\swprv.dll (Microsoft Corporation)
SRV:64bit: - (SSDPSRV) -- C:\Windows\SysNative\ssdpsrv.dll (Microsoft Corporation)
SRV:64bit: - (SstpSvc) -- C:\Windows\SysNative\sstpsvc.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2psvc) -- C:\Windows\SysNative\p2psvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (QWAVE) -- C:\Windows\SysNative\qwave.dll (Microsoft Corporation)
SRV:64bit: - (SCardSvr) -- C:\Windows\SysNative\SCardSvr.dll (Microsoft Corporation)
SRV:64bit: - (PcaSvc) -- C:\Windows\SysNative\pcasvc.dll (Microsoft Corporation)
SRV:64bit: - (RemoteRegistry) -- C:\Windows\SysNative\regsvc.dll (Microsoft Corporation)
SRV:64bit: - (RasAuto) -- C:\Windows\SysNative\rasauto.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (SENS) -- C:\Windows\SysNative\Sens.dll (Microsoft Corporation)
SRV:64bit: - (nsi) -- C:\Windows\SysNative\nsisvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofm.dll (Microsoft Corporation)
SRV:64bit: - (Netman) -- C:\Windows\SysNative\netman.dll (Microsoft Corporation)
SRV:64bit: - (KtmRm) -- C:\Windows\SysNative\msdtckrm.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation)
SRV:64bit: - (THREADORDER) -- C:\Windows\SysNative\mmcss.dll (Microsoft Corporation)
SRV:64bit: - (MMCSS) -- C:\Windows\SysNative\mmcss.dll (Microsoft Corporation)
SRV:64bit: - (lltdsvc) -- C:\Windows\SysNative\lltdsvc.dll (Microsoft Corporation)
SRV:64bit: - (lmhosts) -- C:\Windows\SysNative\lmhsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSiSCSI) -- C:\Windows\SysNative\iscsiexe.dll (Microsoft Corporation)
SRV:64bit: - (SharedAccess) -- C:\Windows\SysNative\ipnathlp.dll (Microsoft Corporation)
SRV:64bit: - (IPBusEnum) -- C:\Windows\SysNative\IPBusEnum.dll (Microsoft Corporation)
SRV:64bit: - (hidserv) -- C:\Windows\SysNative\hidserv.dll (Microsoft Corporation)
SRV:64bit: - (FDResPub) -- C:\Windows\SysNative\FDResPub.dll (Microsoft Corporation)
SRV:64bit: - (fdPHost) -- C:\Windows\SysNative\fdPHost.dll (Microsoft Corporation)
SRV:64bit: - (EventSystem) -- C:\Windows\SysNative\es.dll (Microsoft Corporation)
SRV:64bit: - (EapHost) -- C:\Windows\SysNative\eapsvc.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AeLookupSvc) -- C:\Windows\SysNative\aelupsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wmiApSrv) -- C:\Windows\SysNative\wbem\WmiApSrv.exe (Microsoft Corporation)
SRV:64bit: - (UI0Detect) -- C:\Windows\SysNative\UI0Detect.exe (Microsoft Corporation)
SRV:64bit: - (SNMPTRAP) -- C:\Windows\SysNative\snmptrap.exe (Microsoft Corporation)
SRV:64bit: - (MSDTC) -- C:\Windows\SysNative\msdtc.exe (Microsoft Corporation)
SRV:64bit: - (RpcLocator) -- C:\Windows\SysNative\Locator.exe (Microsoft Corporation)
SRV:64bit: - (COMSysApp) -- C:\windows\SysNative\dllhost.exe (Microsoft Corporation)
SRV:64bit: - (ALG) -- C:\Windows\SysNative\alg.exe (Microsoft Corporation)
SRV - (vToolbarUpdater11.1.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (CryptSvc) -- C:\Windows\SysWOW64\cryptsvc.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (gupdatem) Google Update Service (gupdatem) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (cvhsvc) -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (QBVSS) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (WSearch) -- C:\windows\SysWow64\SearchIndexer.exe (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (idsvc) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (wcncsvc) -- C:\Windows\SysWOW64\wcncsvc.dll (Microsoft Corporation)
SRV - (WebClient) -- C:\Windows\SysWOW64\WebClnt.dll (Microsoft Corporation)
SRV - (ehRecvr) -- C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (WinRM) -- C:\Windows\SysWOW64\WsmSvc.dll (Microsoft Corporation)
SRV - (msiserver) -- C:\windows\SysWow64\msiexec.exe (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (pla) -- C:\Windows\SysWOW64\pla.dll (Microsoft Corporation)
SRV - (WinHttpAutoProxySvc) -- C:\windows\SysWow64\winhttp.dll (Microsoft Corporation)
SRV - (ShellHWDetection) -- C:\Windows\SysWOW64\shsvcs.dll (Microsoft Corporation)
SRV - (TrustedInstaller) -- C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
SRV - (TapiSrv) -- C:\Windows\SysWOW64\tapisrv.dll (Microsoft Corporation)
SRV - (SessionEnv) -- C:\Windows\SysWOW64\SessEnv.dll (Microsoft Corporation)
SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ose) -- C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (ehSched) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (WPCSvc) -- C:\Windows\SysWOW64\wpcsvc.dll (Microsoft Corporation)
SRV - (WdiSystemHost) -- C:\Windows\SysWOW64\wdi.dll (Microsoft Corporation)
SRV - (WdiServiceHost) -- C:\Windows\SysWOW64\wdi.dll (Microsoft Corporation)
SRV - (WcsPlugInService) -- C:\Windows\SysWOW64\WcsPlugInService.dll (Microsoft Corporation)
SRV - (upnphost) -- C:\Windows\SysWOW64\upnphost.dll (Microsoft Corporation)
SRV - (SENS) -- C:\Windows\SysWOW64\Sens.dll (Microsoft Corporation)
SRV - (QWAVE) -- C:\Windows\SysWOW64\qwave.dll (Microsoft Corporation)
SRV - (netprofm) -- C:\Windows\SysWOW64\netprofm.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation)
SRV - (hidserv) -- C:\Windows\SysWOW64\hidserv.dll (Microsoft Corporation)
SRV - (EventSystem) -- C:\Windows\SysWOW64\es.dll (Microsoft Corporation)
SRV - (PerfHost) -- C:\Windows\SysWOW64\perfhost.exe (Microsoft Corporation)
SRV - (COMSysApp) -- C:\windows\SysWow64\dllhost.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ppped) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe (Cyber Power Systems, Inc.)


========== Driver Services (All) ==========

DRV:64bit: - (RDPWD) -- C:\windows\SysNative\drivers\rdpwd.sys (Microsoft Corporation)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (TCPIP6) -- C:\Windows\SysNative\drivers\tcpip.sys (Microsoft Corporation)
DRV:64bit: - (Tcpip) -- C:\Windows\SysNative\drivers\tcpip.sys (Microsoft Corporation)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (partmgr) -- C:\Windows\SysNative\drivers\partmgr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (TDTCP) -- C:\Windows\SysNative\drivers\tdtcp.sys (Microsoft Corporation)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Ntfs) -- C:\windows\SysNative\drivers\ntfs.sys (Microsoft Corporation)
DRV:64bit: - (iaStorV) -- C:\Windows\SysNative\drivers\iaStorV.sys (Intel Corporation)
DRV:64bit: - (nvstor) -- C:\Windows\SysNative\drivers\nvstor.sys (NVIDIA Corporation)
DRV:64bit: - (nvraid) -- C:\Windows\SysNative\drivers\nvraid.sys (NVIDIA Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (USBSTOR) -- C:\Windows\SysNative\drivers\USBSTOR.SYS (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AFD) -- C:\Windows\SysNative\drivers\afd.sys (Microsoft Corporation)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\avgidsfiltera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (KSecDD) -- C:\Windows\SysNative\drivers\ksecdd.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (mrxsmb10) -- C:\Windows\SysNative\drivers\mrxsmb10.sys (Microsoft Corporation)
DRV:64bit: - (GeneStor) -- C:\Windows\SysNative\drivers\GeneStor.sys (GenesysLogic)
DRV:64bit: - (srv) -- C:\Windows\SysNative\drivers\srv.sys (Microsoft Corporation)
DRV:64bit: - (srv2) -- C:\Windows\SysNative\drivers\srv2.sys (Microsoft Corporation)
DRV:64bit: - (srvnet) -- C:\Windows\SysNative\drivers\srvnet.sys (Microsoft Corporation)
DRV:64bit: - (mrxsmb) -- C:\Windows\SysNative\drivers\mrxsmb.sys (Microsoft Corporation)
DRV:64bit: - (mrxsmb20) -- C:\Windows\SysNative\drivers\mrxsmb20.sys (Microsoft Corporation)
DRV:64bit: - (usbhub) -- C:\Windows\SysNative\drivers\usbhub.sys (Microsoft Corporation)
DRV:64bit: - (usbccgp) -- C:\Windows\SysNative\drivers\usbccgp.sys (Microsoft Corporation)
DRV:64bit: - (usbehci) -- C:\Windows\SysNative\drivers\usbehci.sys (Microsoft Corporation)
DRV:64bit: - (usbohci) -- C:\Windows\SysNative\drivers\usbohci.sys (Microsoft Corporation)
DRV:64bit: - (usbuhci) -- C:\Windows\SysNative\drivers\usbuhci.sys (Microsoft Corporation)
DRV:64bit: - (bowser) -- C:\Windows\SysNative\drivers\bowser.sys (Microsoft Corporation)
DRV:64bit: - (NDIS) -- C:\Windows\SysNative\drivers\ndis.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (MRxDAV) -- C:\Windows\SysNative\drivers\mrxdav.sys (Microsoft Corporation)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (Rasl2tp) -- C:\Windows\SysNative\drivers\rasl2tp.sys (Microsoft Corporation)
DRV:64bit: - (PptpMiniport) -- C:\Windows\SysNative\drivers\raspptp.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (DXGKrnl) -- C:\Windows\SysNative\drivers\dxgkrnl.sys (Microsoft Corporation)
DRV:64bit: - (tdx) -- C:\Windows\SysNative\drivers\tdx.sys (Microsoft Corporation)
DRV:64bit: - (DfsC) -- C:\Windows\SysNative\drivers\dfsc.sys (Microsoft Corporation)
DRV:64bit: - (Ndisuio) -- C:\Windows\SysNative\drivers\ndisuio.sys (Microsoft Corporation)
DRV:64bit: - (IpFilterDriver) -- C:\Windows\SysNative\drivers\ipfltdrv.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (MsRPC) -- C:\windows\SysNative\drivers\msrpc.sys (Microsoft Corporation)
DRV:64bit: - (volmgrx) -- C:\Windows\SysNative\drivers\volmgrx.sys (Microsoft Corporation)
DRV:64bit: - (tunnel) -- C:\Windows\SysNative\drivers\tunnel.sys (Microsoft Corporation)
DRV:64bit: - (NDProxy) -- C:\windows\SysNative\drivers\ndproxy.sys (Microsoft Corporation)
DRV:64bit: - (Wanarpv6) -- C:\Windows\SysNative\drivers\wanarp.sys (Microsoft Corporation)
DRV:64bit: - (WANARP) -- C:\Windows\SysNative\drivers\wanarp.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (rdbss) -- C:\Windows\SysNative\drivers\rdbss.sys (Microsoft Corporation)
DRV:64bit: - (NdisWan) -- C:\Windows\SysNative\drivers\ndiswan.sys (Microsoft Corporation)
DRV:64bit: - (Psched) -- C:\Windows\SysNative\drivers\pacer.sys (Microsoft Corporation)
DRV:64bit: - (FltMgr) -- C:\Windows\SysNative\drivers\fltMgr.sys (Microsoft Corporation)
DRV:64bit: - (HTTP) -- C:\Windows\SysNative\drivers\http.sys (Microsoft Corporation)
DRV:64bit: - (udfs) -- C:\Windows\SysNative\drivers\udfs.sys (Microsoft Corporation)
DRV:64bit: - (mountmgr) -- C:\Windows\SysNative\drivers\mountmgr.sys (Microsoft Corporation)
DRV:64bit: - (tcpipreg) -- C:\Windows\SysNative\drivers\tcpipreg.sys (Microsoft Corporation)
DRV:64bit: - (NetBT) -- C:\Windows\SysNative\drivers\netbt.sys (Microsoft Corporation)
DRV:64bit: - (tssecsrv) -- C:\Windows\SysNative\drivers\tssecsrv.sys (Microsoft Corporation)
DRV:64bit: - (WUDFRd) -- C:\Windows\SysNative\drivers\WUDFRd.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (iScsiPrt) -- C:\Windows\SysNative\drivers\msiscsi.sys (Microsoft Corporation)
DRV:64bit: - (IPMIDRV) -- C:\Windows\SysNative\drivers\IPMIDrv.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (ACPI) -- C:\Windows\SysNative\drivers\acpi.sys (Microsoft Corporation)
DRV:64bit: - (volsnap) -- C:\Windows\SysNative\drivers\volsnap.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (pci) -- C:\Windows\SysNative\drivers\pci.sys (Microsoft Corporation)
DRV:64bit: - (mpio) -- C:\Windows\SysNative\drivers\mpio.sys (Microsoft Corporation)
DRV:64bit: - (cdrom) -- C:\Windows\SysNative\drivers\cdrom.sys (Microsoft Corporation)
DRV:64bit: - (msdsm) -- C:\Windows\SysNative\drivers\msdsm.sys (Microsoft Corporation)
DRV:64bit: - (HDAudBus) -- C:\Windows\SysNative\drivers\hdaudbus.sys (Microsoft Corporation)
DRV:64bit: - (sbp2port) -- C:\Windows\SysNative\drivers\sbp2port.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (volmgr) -- C:\Windows\SysNative\drivers\volmgr.sys (Microsoft Corporation)
DRV:64bit: - (TermDD) -- C:\Windows\SysNative\drivers\termdd.sys (Microsoft Corporation)
DRV:64bit: - (umbus) -- C:\Windows\SysNative\drivers\umbus.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (kbdhid) -- C:\Windows\SysNative\drivers\kbdhid.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (msahci) -- C:\Windows\SysNative\drivers\msahci.sys (Microsoft Corporation)
DRV:64bit: - (HidUsb) -- C:\Windows\SysNative\drivers\hidusb.sys (Microsoft Corporation)
DRV:64bit: - (sffp_sd) -- C:\Windows\SysNative\drivers\sffp_sd.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\SysNative\drivers\RTKVHD64.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (e1cexpress) Intel® -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (MEIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Compbatt) -- C:\Windows\SysNative\drivers\compbatt.sys (Microsoft Corporation)
DRV:64bit: - (cmdide) -- C:\Windows\SysNative\drivers\cmdide.sys (CMD Technology, Inc.)
DRV:64bit: - (adp94xx) -- C:\Windows\SysNative\drivers\adp94xx.sys (Adaptec, Inc.)
DRV:64bit: - (adpahci) -- C:\Windows\SysNative\drivers\adpahci.sys (Adaptec, Inc.)
DRV:64bit: - (adpu320) -- C:\Windows\SysNative\drivers\adpu320.sys (Adaptec, Inc.)
DRV:64bit: - (arcsas) -- C:\Windows\SysNative\drivers\arcsas.sys (Adaptec, Inc.)
DRV:64bit: - (arc) -- C:\Windows\SysNative\drivers\arc.sys (Adaptec, Inc.)
DRV:64bit: - (agp440) -- C:\Windows\SysNative\drivers\AGP440.sys (Microsoft Corporation)
DRV:64bit: - (atapi) -- C:\Windows\SysNative\drivers\atapi.sys (Microsoft Corporation)
DRV:64bit: - (amdide) -- C:\Windows\SysNative\drivers\amdide.sys (Microsoft Corporation)
DRV:64bit: - (aliide) -- C:\Windows\SysNative\drivers\aliide.sys (Acer Laboratories Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (Mup) -- C:\Windows\SysNative\drivers\mup.sys (Microsoft Corporation)
DRV:64bit: - (mouclass) -- C:\Windows\SysNative\drivers\mouclass.sys (Microsoft Corporation)
DRV:64bit: - (mssmbios) -- C:\Windows\SysNative\drivers\mssmbios.sys (Microsoft Corporation)
DRV:64bit: - (msisadrv) -- C:\Windows\SysNative\drivers\msisadrv.sys (Microsoft Corporation)
DRV:64bit: - (nv_agp) -- C:\Windows\SysNative\drivers\NV_AGP.SYS (Microsoft Corporation)
DRV:64bit: - (nfrd960) -- C:\Windows\SysNative\drivers\nfrd960.sys (IBM Corporation)
DRV:64bit: - (MegaSR) -- C:\Windows\SysNative\drivers\MegaSR.sys (LSI Corporation, Inc.)
DRV:64bit: - (LSI_SCSI) -- C:\Windows\SysNative\drivers\lsi_scsi.sys (LSI Corporation)
DRV:64bit: - (LSI_FC) -- C:\Windows\SysNative\drivers\lsi_fc.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS) -- C:\Windows\SysNative\drivers\lsi_sas.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (kbdclass) -- C:\Windows\SysNative\drivers\kbdclass.sys (Microsoft Corporation)
DRV:64bit: - (iirsp) -- C:\Windows\SysNative\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV:64bit: - (megasas) -- C:\Windows\SysNative\drivers\megasas.sys (LSI Corporation)
DRV:64bit: - (isapnp) -- C:\Windows\SysNative\drivers\isapnp.sys (Microsoft Corporation)
DRV:64bit: - (intelide) -- C:\Windows\SysNative\drivers\intelide.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (elxstor) -- C:\Windows\SysNative\drivers\elxstor.sys (Emulex)
DRV:64bit: - (Disk) -- C:\Windows\SysNative\drivers\disk.sys (Microsoft Corporation)
DRV:64bit: - (FileInfo) -- C:\Windows\SysNative\drivers\fileinfo.sys (Microsoft Corporation)
DRV:64bit: - (gagp30kx) -- C:\Windows\SysNative\drivers\GAGP30KX.SYS (Microsoft Corporation)
DRV:64bit: - (crcdisk) -- C:\Windows\SysNative\drivers\crcdisk.sys (Microsoft Corporation)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (Wdf01000) -- C:\Windows\SysNative\drivers\Wdf01000.sys (Microsoft Corporation)
DRV:64bit: - (vsmraid) -- C:\Windows\SysNative\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV:64bit: - (uliagpkx) -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS (Microsoft Corporation)
DRV:64bit: - (uagp35) -- C:\Windows\SysNative\drivers\UAGP35.SYS (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Wd) -- C:\Windows\SysNative\drivers\wd.sys (Microsoft Corporation)
DRV:64bit: - (spldr) -- C:\windows\SysNative\drivers\spldr.sys (Microsoft Corporation)
DRV:64bit: - (viaide) -- C:\Windows\SysNative\drivers\viaide.sys (VIA Technologies, Inc.)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\drivers\swenum.sys (Microsoft Corporation)
DRV:64bit: - (ql2300) -- C:\Windows\SysNative\drivers\ql2300.sys (QLogic Corporation)
DRV:64bit: - (SiSRaid4) -- C:\Windows\SysNative\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV:64bit: - (pcmcia) -- C:\Windows\SysNative\drivers\pcmcia.sys (Microsoft Corporation)
DRV:64bit: - (ql40xx) -- C:\Windows\SysNative\drivers\ql40xx.sys (QLogic Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (SiSRaid2) -- C:\Windows\SysNative\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (pciide) -- C:\Windows\SysNative\drivers\pciide.sys (Microsoft Corporation)
DRV:64bit: - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\SysNative\drivers\BrSerId.sys (Brother Industries Ltd.)
DRV:64bit: - (PEAUTH) -- C:\Windows\SysNative\drivers\PEAuth.sys (Microsoft Corporation)
DRV:64bit: - (usbprint) -- C:\Windows\SysNative\drivers\usbprint.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RDPENCDD) -- C:\Windows\SysNative\drivers\RDPENCDD.sys (Microsoft Corporation)
DRV:64bit: - (RDPCDD) -- C:\Windows\SysNative\drivers\RDPCDD.sys (Microsoft Corporation)
DRV:64bit: - (TDPIPE) -- C:\Windows\SysNative\drivers\tdpipe.sys (Microsoft Corporation)
DRV:64bit: - (Modem) -- C:\Windows\SysNative\drivers\modem.sys (Microsoft Corporation)
DRV:64bit: - (ws2ifsl) -- C:\Windows\SysNative\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV:64bit: - (RasSstp) -- C:\Windows\SysNative\drivers\rassstp.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (RasPppoe) -- C:\Windows\SysNative\drivers\raspppoe.sys (Microsoft Corporation)
DRV:64bit: - (AsyncMac) -- C:\Windows\SysNative\drivers\asyncmac.sys (Microsoft Corporation)
DRV:64bit: - (RasAcd) -- C:\Windows\SysNative\drivers\rasacd.sys (Microsoft Corporation)
DRV:64bit: - (IPNAT) -- C:\Windows\SysNative\drivers\ipnat.sys (Microsoft Corporation)
DRV:64bit: - (NdisTapi) -- C:\Windows\SysNative\drivers\ndistapi.sys (Microsoft Corporation)
DRV:64bit: - (QWAVEdrv) -- C:\Windows\SysNative\drivers\qwavedrv.sys (Microsoft Corporation)
DRV:64bit: - (NetBIOS) -- C:\Windows\SysNative\drivers\netbios.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (Smb) -- C:\Windows\SysNative\drivers\smb.sys (Microsoft Corporation)
DRV:64bit: - (IRENUM) -- C:\Windows\SysNative\drivers\irenum.sys (Microsoft Corporation)
DRV:64bit: - (rspndr) -- C:\Windows\SysNative\drivers\rspndr.sys (Microsoft Corporation)
DRV:64bit: - (lltdio) -- C:\Windows\SysNative\drivers\lltdio.sys (Microsoft Corporation)
DRV:64bit: - (mpsdrv) -- C:\Windows\SysNative\drivers\mpsdrv.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (NativeWifiP) -- C:\Windows\SysNative\drivers\nwifi.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (HidBth) -- C:\Windows\SysNative\drivers\hidbth.sys (Microsoft Corporation)
DRV:64bit: - (BTHMODEM) -- C:\Windows\SysNative\drivers\bthmodem.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (ohci1394) 1394 OHCI Compliant Host Controller (Legacy) -- C:\Windows\SysNative\drivers\ohci1394.sys (Microsoft Corporation)
DRV:64bit: - (usbcir) eHome Infrared Receiver (USBCIR) -- C:\Windows\SysNative\drivers\usbcir.sys (Microsoft Corporation)
DRV:64bit: - (circlass) -- C:\Windows\SysNative\drivers\circlass.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (HidIr) -- C:\Windows\SysNative\drivers\hidir.sys (Microsoft Corporation)
DRV:64bit: - (drmkaud) -- C:\Windows\SysNative\drivers\drmkaud.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (WacomPen) -- C:\Windows\SysNative\drivers\wacompen.sys (Microsoft Corporation)
DRV:64bit: - (sffp_mmc) -- C:\Windows\SysNative\drivers\sffp_mmc.sys (Microsoft Corporation)
DRV:64bit: - (sfloppy) -- C:\Windows\SysNative\drivers\sfloppy.sys (Microsoft Corporation)
DRV:64bit: - (sffdisk) -- C:\Windows\SysNative\drivers\sffdisk.sys (Microsoft Corporation)
DRV:64bit: - (fdc) -- C:\Windows\SysNative\drivers\fdc.sys (Microsoft Corporation)
DRV:64bit: - (flpydisk) -- C:\Windows\SysNative\drivers\flpydisk.sys (Microsoft Corporation)
DRV:64bit: - (Parport) -- C:\Windows\SysNative\drivers\parport.sys (Microsoft Corporation)
DRV:64bit: - (Serial) -- C:\Windows\SysNative\drivers\serial.sys (Brother Industries Ltd.)
DRV:64bit: - (Serenum) -- C:\Windows\SysNative\drivers\serenum.sys (Microsoft Corporation)
DRV:64bit: - (mouhid) -- C:\Windows\SysNative\drivers\mouhid.sys (Microsoft Corporation)
DRV:64bit: - (sermouse) -- C:\Windows\SysNative\drivers\sermouse.sys (Microsoft Corporation)
DRV:64bit: - (ksthunk) -- C:\Windows\SysNative\drivers\ksthunk.sys (Microsoft Corporation)
DRV:64bit: - (MSKSSRV) -- C:\Windows\SysNative\drivers\mskssrv.sys (Microsoft Corporation)
DRV:64bit: - (MSTEE) -- C:\Windows\SysNative\drivers\mstee.sys (Microsoft Corporation)
DRV:64bit: - (MSPCLOCK) -- C:\Windows\SysNative\drivers\mspclock.sys (Microsoft Corporation)
DRV:64bit: - (MSPQM) -- C:\Windows\SysNative\drivers\mspqm.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (monitor) -- C:\Windows\SysNative\drivers\monitor.sys (Microsoft Corporation)
DRV:64bit: - (VgaSave) -- C:\Windows\SysNative\drivers\vga.sys (Microsoft Corporation)
DRV:64bit: - (vga) -- C:\Windows\SysNative\drivers\vgapnp.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (blbdrive) -- C:\Windows\SysNative\drivers\blbdrive.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (ErrDev) -- C:\Windows\SysNative\drivers\errdev.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (WmiAcpi) -- C:\Windows\SysNative\drivers\wmiacpi.sys (Microsoft Corporation)
DRV:64bit: - (luafv) -- C:\Windows\SysNative\drivers\luafv.sys (Microsoft Corporation)
DRV:64bit: - (Filetrace) -- C:\Windows\SysNative\drivers\filetrace.sys (Microsoft Corporation)
DRV:64bit: - (fastfat) -- C:\windows\SysNative\drivers\fastfat.sys (Microsoft Corporation)
DRV:64bit: - (exfat) -- C:\windows\SysNative\drivers\exfat.sys (Microsoft Corporation)
DRV:64bit: - (nsiproxy) -- C:\Windows\SysNative\drivers\nsiproxy.sys (Microsoft Corporation)
DRV:64bit: - (i8042prt) -- C:\Windows\SysNative\drivers\i8042prt.sys (Microsoft Corporation)
DRV:64bit: - (Npfs) -- C:\windows\SysNative\drivers\npfs.sys (Microsoft Corporation)
DRV:64bit: - (cdfs) -- C:\Windows\SysNative\drivers\cdfs.sys (Microsoft Corporation)
DRV:64bit: - (Msfs) -- C:\windows\SysNative\drivers\msfs.sys (Microsoft Corporation)
DRV:64bit: - (Null) -- C:\windows\SysNative\drivers\null.sys (Microsoft Corporation)
DRV:64bit: - (AmdK8) -- C:\Windows\SysNative\drivers\amdk8.sys (Microsoft Corporation)
DRV:64bit: - (intelppm) -- C:\Windows\SysNative\drivers\intelppm.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (Processor) -- C:\Windows\SysNative\drivers\processr.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (BrSerWdm) -- C:\Windows\SysNative\drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV:64bit: - (BrUsbMdm) -- C:\Windows\SysNative\drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV:64bit: - (BrUsbSer) -- C:\Windows\SysNative\drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV:64bit: - (BrFiltLo) -- C:\Windows\SysNative\drivers\BrFiltLo.sys (Brother Industries, Ltd.)
DRV:64bit: - (BrFiltUp) -- C:\Windows\SysNative\drivers\BrFiltUp.sys (Brother Industries, Ltd.)
DRV:64bit: - (secdrv) -- C:\windows\SysNative\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WinI2C-DDC) -- C:\Windows\SysNative\drivers\ddcdrv.sys (Nicomsoft Ltd.)
DRV - (WinI2C-DDC) -- C:\Windows\SysWOW64\drivers\ddcdrv.sys (Nicomsoft Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LEND
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7LEND_enUS485
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={C575AE5C-D423-4736-807D-2B30AAA766AF}&mid=90cffca49e0347d0a58d19d59a5c9889-3ebd375044053ce9cdaa95f0488378f24c6c8088&lang=en&ds=AVG&pr=fr&d=2012-05-27 09:32:00&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/11 09:43:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/27 09:31:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/06/12 20:59:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/08 11:22:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/05/27 09:50:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/08 11:22:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/05/27 09:46:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rol\AppData\Roaming\Mozilla\Extensions
[2012/05/28 09:48:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rol\AppData\Roaming\Mozilla\Firefox\Profiles\66xqqyus.default\extensions
[2012/05/27 09:46:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/08 11:22:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/06/08 11:22:03 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/20 21:18:25 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2012/06/12 20:59:10 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/20 21:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/20 21:18:25 | 000,001,131 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2012/04/20 21:18:25 | 000,003,413 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012/04/20 21:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/04/20 21:18:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2012/04/20 21:18:25 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

========== Chrome ==========

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\rol\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: AVG Safe Search = C:\Users\rol\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: AVG Do Not Track = C:\Users\rol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [UMonit] C:\Windows\SysWOW64\UMonit.exe ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [jmekey] C:\Windows\jmesoft\hotkey.exe (Lenovo)
O4 - HKLM..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe ()
O4 - HKLM..\Run: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (Lenovo)
O4 - HKLM..\Run: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe (Lenovo)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe (Cyber Power Systems, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2065817969-3797722794-958755500-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2065817969-3797722794-958755500-1001\..Trusted Domains: localhost ([]* in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.25.5.61 24.25.5.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03EE82F6-DC90-4D9A-A5F4-2157B5F2E6C4}: DhcpNameServer = 24.25.5.61 24.25.5.60
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\intu-help-qb5 - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/15 16:47:03 | 000,000,000 | ---D | C] -- C:\windows\pss
[2012/06/14 16:24:43 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/06/14 16:24:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/06/14 16:24:43 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/06/14 16:24:43 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/06/14 16:24:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/06/14 16:24:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/06/14 16:24:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/06/14 16:24:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/06/14 16:24:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/06/14 16:24:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/06/14 16:24:40 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/06/14 16:24:40 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/06/14 16:24:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/06/14 08:56:08 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/06/14 08:56:08 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/06/14 08:56:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012/06/14 08:56:00 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/06/14 08:56:00 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/06/14 08:56:00 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/06/14 08:55:57 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2012/06/14 08:55:54 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2012/06/14 08:55:53 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2012/06/11 09:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/06/10 17:41:46 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\ApplicationHistory
[2012/06/10 17:40:37 | 000,000,000 | ---D | C] -- C:\Users\rol\EZDupe
[2012/05/30 13:48:21 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Microsoft Help
[2012/05/30 13:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/05/29 09:18:16 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Adobe
[2012/05/28 18:14:54 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/05/28 18:14:54 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/05/28 18:08:51 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\SoftGrid Client
[2012/05/28 18:08:50 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\SoftGrid Client
[2012/05/28 18:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2012/05/28 18:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/05/28 18:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2012/05/28 18:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/05/28 18:07:50 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\TP
[2012/05/28 17:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberPower PowerPanel Personal Edition
[2012/05/28 17:44:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition
[2012/05/28 17:34:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Softouch
[2012/05/28 17:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2012/05/28 17:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyWorship
[2012/05/28 17:34:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softouch
[2012/05/28 17:33:35 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Softouch
[2012/05/28 17:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Softouch
[2012/05/28 16:56:33 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Avanquest
[2012/05/28 16:55:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BVRP Software
[2012/05/28 16:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest
[2012/05/28 16:55:15 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2012/05/28 16:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Easy Professional 8
[2012/05/28 16:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest
[2012/05/28 16:43:41 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\InstallShield
[2012/05/28 15:41:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\Servant Keeper Version 5
[2012/05/28 15:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Servant Keeper Version 5
[2012/05/28 15:41:13 | 000,562,280 | ---- | C] (Software FX, Inc.) -- C:\windows\SysWow64\CFX4032.OCX
[2012/05/28 15:41:13 | 000,232,464 | ---- | C] (Software FX, Inc.) -- C:\windows\SysWow64\CHART2FX.VBX
[2012/05/28 15:41:13 | 000,128,272 | ---- | C] (Software FX, Inc.) -- C:\windows\SysWow64\SFXBAR.DLL
[2012/05/28 15:41:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Servant PC Resources
[2012/05/28 15:41:09 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\windows\SysWow64\INETWH32.dll
[2012/05/28 15:41:09 | 000,022,528 | ---- | C] (Blue Sky Software Corp.) -- C:\windows\SysWow64\RHMMPLAY.DLL
[2012/05/28 15:41:01 | 000,128,272 | ---- | C] (Software FX, Inc.) -- C:\windows\SFXBAR.DLL
[2012/05/28 13:59:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\skcms50
[2012/05/28 13:50:21 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\ServantKeeper
[2012/05/28 09:49:02 | 000,000,000 | ---D | C] -- C:\Users\rol\Desktop\AleciaTools
[2012/05/28 09:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Startup
[2012/05/28 09:19:39 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\GlarySoft
[2012/05/28 09:19:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quick Startup
[2012/05/28 09:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\WeCareReminder
[2012/05/28 09:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP
[2012/05/28 09:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSCP
[2012/05/28 09:04:35 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\OpenCandy
[2012/05/28 08:25:36 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Malwarebytes
[2012/05/28 08:25:28 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/05/28 08:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/28 08:25:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/28 08:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/28 08:11:04 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2012/05/28 08:11:04 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2012/05/28 07:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2012/05/28 07:55:00 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Intuit
[2012/05/28 07:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
[2012/05/28 07:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
[2012/05/28 07:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2012/05/28 07:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intuit
[2012/05/28 07:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intuit
[2012/05/28 07:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SQL Anywhere 11
[2012/05/28 07:49:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Intuit
[2012/05/28 07:47:51 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2012/05/28 07:47:51 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2012/05/28 07:47:51 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys
[2012/05/28 07:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/05/28 07:44:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/05/28 07:43:54 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\CutePDF Writer
[2012/05/28 07:43:05 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2012/05/28 07:41:29 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Diagnostics
[2012/05/28 07:40:24 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\ElevatedDiagnostics
[2012/05/28 07:39:19 | 000,000,000 | ---D | C] -- C:\windows\Intuit
[2012/05/28 07:29:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/05/28 07:29:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/05/28 04:12:27 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2012/05/28 04:12:27 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012/05/28 04:12:27 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012/05/28 04:12:27 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2012/05/28 04:12:27 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2012/05/28 04:12:27 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2012/05/28 04:02:37 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012/05/28 03:57:49 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012/05/28 03:57:49 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012/05/28 03:57:49 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012/05/28 03:57:49 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012/05/28 03:49:40 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2012/05/28 03:48:36 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2012/05/28 03:48:36 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2012/05/28 03:47:28 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2012/05/28 03:47:28 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2012/05/28 03:24:38 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll
[2012/05/28 03:24:35 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2012/05/28 03:24:35 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2012/05/28 03:24:15 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012/05/28 03:24:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2012/05/28 03:24:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2012/05/28 00:48:37 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\WinPatrol
[2012/05/28 00:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2012/05/28 00:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/05/28 00:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2012/05/28 00:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2012/05/28 00:29:05 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\SUPERAntiSpyware.com
[2012/05/28 00:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/05/28 00:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/05/28 00:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/05/27 23:08:52 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012/05/27 23:05:41 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Publisher Files
[2012/05/27 22:29:19 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/05/27 22:29:19 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/27 22:13:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Mozilla_Bkup
[2012/05/27 22:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cosmi
[2012/05/27 22:09:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cosmi
[2012/05/27 22:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/05/27 22:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
[2012/05/27 22:01:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acro Software
[2012/05/27 22:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPLGS
[2012/05/27 21:52:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
[2012/05/27 21:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Carbonite
[2012/05/27 21:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Carbonite
[2012/05/27 21:42:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carbonite
[2012/05/27 21:41:36 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\1_addl_underProgramFiles
[2012/05/27 10:24:23 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\AC
[2012/05/27 10:24:05 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\1_ProgramFiles
[2012/05/27 10:24:01 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\WORSHIP SONGS
[2012/05/27 10:24:01 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Words of God
[2012/05/27 10:22:58 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\winzip_source
[2012/05/27 10:22:58 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Website
[2012/05/27 10:22:54 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Web Easy
[2012/05/27 10:22:53 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\VCheck
[2012/05/27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Tools
[2012/05/27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Signs
[2012/05/27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Secretary Notes
[2012/05/27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Scriptures
[2012/05/27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\SAT Info
[2012/05/27 10:22:48 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\ROLWC
[2012/05/27 10:22:47 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\ROLCA
[2012/05/27 10:22:47 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\ROL Web
[2012/05/27 10:22:47 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\RICOH
[2012/05/27 10:22:46 | 000,000,000 | R--D | C] -- C:\Users\rol\Documents\MYROL_Videos
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\RickyLeonard
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\RegistryBkupIssues
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Ramsey
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\QB_bkup
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Prayer
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Phyllis
[2012/05/27 10:22:46 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\MyROLFavorites
[2012/05/27 10:22:42 | 000,000,000 | R--D | C] -- C:\Users\rol\Documents\MYROL_Pictures
[2012/05/27 10:22:21 | 000,000,000 | R--D | C] -- C:\Users\rol\Documents\MYROL_Music
[2012/05/27 10:22:12 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\MyROL Webs
[2012/05/27 10:22:12 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Music
[2012/05/27 10:22:11 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Miscellaneous pictures
[2012/05/27 10:22:11 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Minutes
[2012/05/27 10:22:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Microsoft
[2012/05/27 10:22:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Member
[2012/05/27 10:22:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Lotus123r4
[2012/05/27 10:22:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Logitech9791
[2012/05/27 10:22:10 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Letterheads
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Legal
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Labels
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Inventory
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\FTP
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Forms
[2012/05/27 10:22:09 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Financial
[2012/05/27 10:21:44 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Downloads
[2012/05/27 10:21:44 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Dawson
[2012/05/27 10:21:44 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Construction
[2012/05/27 10:21:44 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Carbonite
[2012/05/27 10:21:43 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Brochures
[2012/05/27 10:21:41 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\AveryWizard
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Avast
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Audio CD (D)
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Articles
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Announcements
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Alecia
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Advertisements
[2012/05/27 10:21:40 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Adobe Reader
[2012/05/27 09:51:01 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Thunderbird
[2012/05/27 09:51:01 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Thunderbird
[2012/05/27 09:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012/05/27 09:46:25 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Mozilla
[2012/05/27 09:46:25 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Mozilla
[2012/05/27 09:46:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/05/27 09:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/27 09:46:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/05/27 09:39:17 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\URTTEMP
[2012/05/27 09:32:55 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\AVG2012
[2012/05/27 09:32:15 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\AVG Secure Search
[2012/05/27 09:31:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/05/27 09:31:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/05/27 09:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/05/27 09:31:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/05/27 09:31:27 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\drivers\AVG
[2012/05/27 09:31:16 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/05/27 09:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/05/27 09:31:16 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\AVG
[2012/05/27 09:30:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/05/27 09:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/05/27 09:22:13 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Macromedia
[2012/05/27 09:21:19 | 000,000,000 | ---D | C] -- C:\Users\rol\Documents\Alecia_2012
[2012/05/27 09:17:22 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Adobe
[2012/05/27 09:17:18 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Google
[2012/05/27 09:17:18 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Google
[2012/05/27 09:11:12 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Lenovo
[2012/05/27 09:11:05 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Power2Go
[2012/05/27 09:10:39 | 000,000,000 | R--D | C] -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/27 09:10:39 | 000,000,000 | R--D | C] -- C:\Users\rol\Searches
[2012/05/27 09:10:39 | 000,000,000 | R--D | C] -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/05/27 09:10:38 | 000,000,000 | -H-D | C] -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/05/27 09:10:26 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Identities
[2012/05/27 09:10:25 | 000,000,000 | R--D | C] -- C:\Users\rol\Contacts
[2012/05/27 09:10:22 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\VirtualStore
[2012/05/27 09:10:10 | 000,000,000 | --SD | C] -- C:\Users\rol\AppData\Roaming\Microsoft
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Videos
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Saved Games
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Pictures
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Music
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Links
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Favorites
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Downloads
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Documents
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\Desktop
[2012/05/27 09:10:10 | 000,000,000 | R--D | C] -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\AppData\Local\Temporary Internet Files
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Templates
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Start Menu
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\SendTo
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Recent
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\PrintHood
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\NetHood
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Documents\My Videos
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Documents\My Pictures
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Documents\My Music
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\My Documents
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Local Settings
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\AppData\Local\History
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Cookies
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\Application Data
[2012/05/27 09:10:10 | 000,000,000 | -HSD | C] -- C:\Users\rol\AppData\Local\Application Data
[2012/05/27 09:10:10 | 000,000,000 | -H-D | C] -- C:\Users\rol\AppData
[2012/05/27 09:10:10 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Temp
[2012/05/27 09:10:10 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Local\Microsoft
[2012/05/27 09:10:10 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Media Center Programs
[2012/05/27 09:10:10 | 000,000,000 | ---D | C] -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2012/01/13 15:17:29 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax10.exe
[3 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/17 09:49:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/06/17 09:43:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/17 09:43:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/17 09:12:37 | 100,539,838 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2012/06/15 18:34:21 | 000,126,920 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\iavichjg.avm
[2012/06/15 16:03:53 | 000,020,688 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 16:03:53 | 000,020,688 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 15:55:55 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/06/15 15:55:51 | 3101,986,816 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/15 15:55:12 | 000,000,017 | ---- | M] () -- C:\windows\SysWow64\shortcut_ex.dat
[2012/06/15 13:46:17 | 000,793,008 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/06/15 13:46:17 | 000,669,288 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/06/15 13:46:17 | 000,125,216 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/06/15 08:59:22 | 000,357,672 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/06/12 10:25:46 | 002,064,793 | ---- | M] () -- C:\Users\rol\Documents\Jim and Paula Bender.mp3
[2012/06/11 09:43:04 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/10 17:41:46 | 000,000,091 | ---- | M] () -- C:\Users\rol\AppData\Local\fusioncache.dat
[2012/06/10 17:35:35 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/05/29 17:59:01 | 000,001,116 | ---- | M] () -- C:\Users\rol\Desktop\Documents - Shortcut.lnk
[2012/05/28 18:12:45 | 000,002,461 | ---- | M] () -- C:\Users\rol\Desktop\Microsoft Word 2010.lnk
[2012/05/28 18:12:39 | 000,002,463 | ---- | M] () -- C:\Users\rol\Desktop\Microsoft Excel 2010.lnk
[2012/05/28 17:34:15 | 000,001,158 | ---- | M] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyWorship 2009.lnk
[2012/05/28 17:34:15 | 000,001,134 | ---- | M] () -- C:\Users\rol\Desktop\EasyWorship 2009.lnk
[2012/05/28 16:55:15 | 000,002,169 | ---- | M] () -- C:\Users\Public\Desktop\Web Easy Professional 8.lnk
[2012/05/28 16:32:56 | 000,001,179 | ---- | M] () -- C:\Users\rol\Desktop\Admin V5.lnk
[2012/05/28 16:32:43 | 000,001,178 | ---- | M] () -- C:\Users\rol\Desktop\Member V5.lnk
[2012/05/28 16:32:30 | 000,001,187 | ---- | M] () -- C:\Users\rol\Desktop\Contrib V5.lnk
[2012/05/28 15:41:14 | 000,001,525 | ---- | M] () -- C:\windows\SKCMSUSR.INI
[2012/05/28 09:19:39 | 000,001,059 | ---- | M] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Quick Startup.lnk
[2012/05/28 09:05:27 | 000,000,600 | ---- | M] () -- C:\Users\rol\AppData\Roaming\winscp.rnd
[2012/05/28 09:04:36 | 000,001,849 | ---- | M] () -- C:\Users\rol\Desktop\WinSCP.lnk
[2012/05/28 08:42:28 | 000,000,090 | ---- | M] () -- C:\windows\QBChanUtil_Trigger.ini
[2012/05/28 08:05:59 | 000,786,388 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/05/28 07:54:19 | 000,002,434 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2012/05/28 07:54:19 | 000,002,111 | ---- | M] () -- C:\Users\Public\Desktop\QuickBooks Pro 2012.lnk
[2012/05/28 07:54:19 | 000,002,030 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
[2012/05/28 07:54:18 | 000,002,221 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
[2012/05/28 07:29:52 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/28 00:28:44 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/27 22:29:19 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/05/27 22:29:19 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/27 22:10:41 | 000,002,771 | ---- | M] () -- C:\Users\Public\Desktop\Stationery and Brochure Maker.lnk
[2012/05/27 22:10:41 | 000,002,083 | ---- | M] () -- C:\Users\Public\Desktop\Visit Cosmi Online.lnk
[2012/05/27 21:52:42 | 000,002,132 | ---- | M] () -- C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
[2012/05/27 13:57:34 | 000,518,472 | ---- | M] () -- C:\SKBACKUP.ZIP
[2012/05/27 12:09:51 | 000,108,227 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2012/05/27 12:09:51 | 000,108,227 | ---- | M] () -- C:\windows\SysNative\license.rtf
[2012/05/27 09:50:57 | 000,002,110 | ---- | M] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/05/27 09:50:57 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012/05/27 09:46:19 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/05/27 09:31:27 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\incavi.avm
[2012/05/27 09:31:27 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/05/27 09:17:11 | 000,001,437 | ---- | M] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/27 09:11:08 | 000,002,131 | ---- | M] () -- C:\Users\rol\Desktop\Lenovo Rescue System.lnk
[2012/05/27 09:11:08 | 000,002,004 | ---- | M] () -- C:\Users\rol\Desktop\Lenovo Power2Go.lnk
[3 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/17 09:12:37 | 100,539,838 | ---- | C] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2012/06/15 18:34:21 | 000,126,920 | ---- | C] () -- C:\windows\SysNative\drivers\AVG\iavichjg.avm
[2012/06/15 15:55:12 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
[2012/06/13 16:31:57 | 002,064,793 | ---- | C] () -- C:\Users\rol\Documents\Jim and Paula Bender.mp3
[2012/06/10 17:41:46 | 000,000,091 | ---- | C] () -- C:\Users\rol\AppData\Local\fusioncache.dat
[2012/06/10 17:35:35 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012/06/10 17:35:35 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/05/29 17:59:01 | 000,001,116 | ---- | C] () -- C:\Users\rol\Desktop\Documents - Shortcut.lnk
[2012/05/28 18:12:45 | 000,002,461 | ---- | C] () -- C:\Users\rol\Desktop\Microsoft Word 2010.lnk
[2012/05/28 18:12:39 | 000,002,463 | ---- | C] () -- C:\Users\rol\Desktop\Microsoft Excel 2010.lnk
[2012/05/28 17:34:19 | 000,210,032 | ---- | C] () -- C:\windows\SysWow64\DBCLIENT.DLL
[2012/05/28 17:34:19 | 000,183,808 | ---- | C] () -- C:\windows\SysWow64\BDEADMIN.CPL
[2012/05/28 17:34:15 | 000,001,158 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyWorship 2009.lnk
[2012/05/28 17:34:15 | 000,001,134 | ---- | C] () -- C:\Users\rol\Desktop\EasyWorship 2009.lnk
[2012/05/28 16:55:15 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\Web Easy Professional 8.lnk
[2012/05/28 16:32:56 | 000,001,179 | ---- | C] () -- C:\Users\rol\Desktop\Admin V5.lnk
[2012/05/28 16:32:43 | 000,001,178 | ---- | C] () -- C:\Users\rol\Desktop\Member V5.lnk
[2012/05/28 16:32:30 | 000,001,187 | ---- | C] () -- C:\Users\rol\Desktop\Contrib V5.lnk
[2012/05/28 15:41:14 | 000,001,525 | ---- | C] () -- C:\windows\SKCMSUSR.INI
[2012/05/28 09:19:39 | 000,001,059 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Quick Startup.lnk
[2012/05/28 09:04:36 | 000,001,849 | ---- | C] () -- C:\Users\rol\Desktop\WinSCP.lnk
[2012/05/28 09:04:36 | 000,000,600 | ---- | C] () -- C:\Users\rol\AppData\Roaming\winscp.rnd
[2012/05/28 07:54:19 | 000,002,434 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2012/05/28 07:54:19 | 000,002,111 | ---- | C] () -- C:\Users\Public\Desktop\QuickBooks Pro 2012.lnk
[2012/05/28 07:54:19 | 000,002,030 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
[2012/05/28 07:54:18 | 000,002,221 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
[2012/05/28 07:49:56 | 000,000,090 | ---- | C] () -- C:\windows\QBChanUtil_Trigger.ini
[2012/05/28 07:29:52 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/05/28 07:29:52 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/28 00:28:44 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/27 22:29:23 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/05/27 22:10:41 | 000,002,771 | ---- | C] () -- C:\Users\Public\Desktop\Stationery and Brochure Maker.lnk
[2012/05/27 22:10:41 | 000,002,083 | ---- | C] () -- C:\Users\Public\Desktop\Visit Cosmi Online.lnk
[2012/05/27 22:01:02 | 000,086,608 | ---- | C] () -- C:\windows\SysNative\cpwmon64.dll
[2012/05/27 21:52:42 | 000,002,132 | ---- | C] () -- C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
[2012/05/27 13:57:33 | 000,518,472 | ---- | C] () -- C:\SKBACKUP.ZIP
[2012/05/27 10:24:05 | 018,015,723 | ---- | C] () -- C:\Users\rol\Documents\vlc-1.0.1-win32.exe
[2012/05/27 10:24:04 | 002,949,607 | ---- | C] () -- C:\Users\rol\Documents\Tray Yarborough 4-22-12.mp3
[2012/05/27 10:24:04 | 000,216,556 | ---- | C] () -- C:\Users\rol\Documents\Sample Ballot for Rep. Primary (N.H. Cty).pdf
[2012/05/27 10:24:03 | 004,967,114 | ---- | C] () -- C:\Users\rol\Documents\Paula Bender.mp3
[2012/05/27 10:24:03 | 003,006,842 | ---- | C] () -- C:\Users\rol\Documents\Erin Yarborough 4-22-12.mp3
[2012/05/27 10:24:03 | 001,804,792 | ---- | C] () -- C:\Users\rol\Documents\Erin Yarborough II.mp3
[2012/05/27 10:24:03 | 000,001,519 | ---- | C] () -- C:\Users\rol\Documents\AvRack.lnk
[2012/05/27 09:50:57 | 000,002,110 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/05/27 09:50:57 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012/05/27 09:50:57 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012/05/27 09:46:19 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/05/27 09:46:19 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/05/27 09:39:44 | 000,786,388 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/05/27 09:32:11 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/27 09:31:27 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\incavi.avm
[2012/05/27 09:31:27 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/05/27 09:17:11 | 000,001,437 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/27 09:10:55 | 000,001,409 | ---- | C] () -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/05/27 09:10:44 | 000,001,443 | ---- | C] () -- C:\Users\rol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/27 09:10:10 | 000,002,239 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/27 09:10:10 | 000,002,131 | ---- | C] () -- C:\Users\rol\Desktop\Lenovo Rescue System.lnk
[2012/05/27 09:10:10 | 000,002,004 | ---- | C] () -- C:\Users\rol\Desktop\Lenovo Power2Go.lnk
[2012/05/27 09:10:10 | 000,000,290 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/05/27 09:10:10 | 000,000,272 | ---- | C] () -- C:\Users\rol\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/13 14:46:49 | 000,139,264 | ---- | C] () -- C:\windows\SysWow64\ustor.dll
[2012/01/13 14:46:49 | 000,049,152 | ---- | C] () -- C:\windows\SysWow64\UMonit.exe
[2012/01/13 14:46:47 | 000,172,097 | ---- | C] () -- C:\windows\SysWow64\NoMSGuninstall.exe
[2012/01/13 14:46:47 | 000,001,591 | ---- | C] () -- C:\windows\SysWow64\_IconCfg0.ini
[2012/01/13 14:46:47 | 000,000,840 | ---- | C] () -- C:\windows\SysWow64\ProductName.ini
[2012/01/13 14:46:47 | 000,000,187 | ---- | C] () -- C:\windows\SysWow64\IconCfg0.ini
[2012/01/13 14:44:16 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2012/01/13 14:38:28 | 000,201,728 | ---- | C] () -- C:\windows\SetDrive.exe
[2012/01/13 14:38:28 | 000,036,864 | ---- | C] () -- C:\windows\WinWait.exe
[2011/02/12 15:35:47 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2010/11/19 06:22:36 | 000,960,940 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2010/11/19 06:22:33 | 000,206,952 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2010/11/19 06:22:29 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin

========== LOP Check ==========

[2012/05/28 16:56:34 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\Avanquest
[2012/05/27 09:32:55 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\AVG2012
[2012/05/28 09:19:39 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\GlarySoft
[2012/05/28 09:04:35 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\OpenCandy
[2012/06/15 15:54:52 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\SoftGrid Client
[2012/05/28 17:33:35 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\Softouch
[2012/05/27 09:51:01 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\Thunderbird
[2012/05/28 18:08:58 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\TP
[2012/05/28 00:48:37 | 000,000,000 | ---D | M] -- C:\Users\rol\AppData\Roaming\WinPatrol
[2012/05/28 00:17:15 | 000,015,130 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#14 wolfpackfans

wolfpackfans
  • Topic Starter

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Location:Wilmington, NC
  • Local time:03:24 AM

Posted 17 June 2012 - 10:17 AM

OTL Extras logfile created on: 6/17/2012 10:32:02 AM - Run 2
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\rol\Desktop\AleciaTools
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.85 Gb Total Physical Memory | 2.13 Gb Available Physical Memory | 55.34% Memory free
7.70 Gb Paging File | 5.29 Gb Available in Paging File | 68.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 440.59 Gb Total Space | 400.73 Gb Free Space | 90.95% Space Free | Partition Type: NTFS

Computer Name: ROL-PC | User Name: rol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf[@ = inffile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2065817969-3797722794-958755500-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{045EF6B4-C55D-45ED-940C-4ACC5F896C95}" = lport=10243 | protocol=6 | dir=in | app=system |
"{116220A0-8F36-41B8-A66C-902CD8A53390}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{14183163-A0A7-4BB6-ADEB-019EF5A6BC4E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{144C0B0D-13AC-4A70-84DF-021997585ED5}" = lport=138 | protocol=17 | dir=in | app=system |
"{2172A0E2-DDF6-49FD-83B5-73F11B5F9FDF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2DD51FAD-7971-4845-9566-319BCB366177}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44EC8105-7E96-430D-9D6B-6B24F01361D4}" = lport=137 | protocol=17 | dir=in | app=system |
"{59332A62-CE34-4176-BBCA-CAB7CB5EFA2C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{61FC7B30-5F11-47C5-B91C-8C423E9A34D2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{696F536E-91D8-4D3F-8101-AA610A89D219}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{722CCC82-CB05-4A6C-A418-9F4922CC5150}" = lport=139 | protocol=6 | dir=in | app=system |
"{821F8519-8624-4D64-9E6D-BBAB15B08C22}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9CEC4B6B-7605-4D7E-B606-FB6895F3B4D3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9F235E13-1FCF-4279-8A6D-1D4EC0B9CF5A}" = lport=445 | protocol=6 | dir=in | app=system |
"{A0375654-6990-449E-A390-B9F6CEB0F16F}" = rport=139 | protocol=6 | dir=out | app=system |
"{A7CB1255-4852-4184-A720-594CE93E4F8A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A814BA97-CDF0-4CBC-8B70-E6CA97B052D0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AE9DB5B9-2C6B-4AF0-89A8-28BB15F8712F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BC95A789-33E2-44E1-B366-3F58C449C12D}" = rport=138 | protocol=17 | dir=out | app=system |
"{C626828B-5B35-4C76-8021-70177E87F279}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CDC860DB-8B3D-4336-B5C7-9214C43DEBFD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DA6FE7DC-9ED3-4E28-82E5-1574FC79F123}" = rport=137 | protocol=17 | dir=out | app=system |
"{DB156E24-5B36-43CD-B47F-D3C7F4DEC822}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EB04834F-96E5-4CB6-A11A-F5F0BE41008A}" = rport=445 | protocol=6 | dir=out | app=system |
"{F6D900CD-7CCA-4329-8227-308FF041B1BB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02CD43C3-4788-4644-8FC8-5EB492D2E475}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{05AA3EEF-852F-4FF4-84F1-F8568CB4768B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{099C29F6-075D-449C-87B0-1273FA403B64}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{13BC58B2-DD3E-4A0D-BF23-663A7AABE4DF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2384946A-D45E-4AE7-941F-79B8AEB85D4B}" = protocol=58 | dir=in | app=system |
"{2A304DEF-F6D0-41BC-8C64-E2C247E678EB}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{2D3A89D1-52D9-4683-93FB-E594F148D20F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{3007B8F1-5AAE-449B-BD47-AA855FB3A771}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{3232CF2E-D3A1-49F5-BFD4-F5E13E32B152}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{341B7079-FA4C-4227-B5B9-4CCED00F3D95}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{4C129682-0856-4647-B6B8-F71CCFCB175C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F75236A-5755-4B5B-8BB3-B3C9C69B6B93}" = protocol=6 | dir=out | app=system |
"{4F767100-8DE7-4A72-91F6-B1464C5BA4D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6113D850-D52E-4DD3-B85D-67CAC839568B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{64C6644C-3B00-455A-923D-F3908A27A8B1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8A95D672-79A8-486F-A348-B87FA03C5839}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{922FB719-3192-4A2D-8892-E66D801A389A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9A97753A-F14E-41F6-B6B4-850710BA4534}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9DEAB619-2559-4964-B9CE-830DBC016824}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{A1E82055-13EF-4E40-85E1-24BBEB45C7C9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AE5C1A2A-27F7-4A2A-9929-B9F820E3AC84}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B071ECEA-BFC9-480D-8039-F66320419D20}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B6215572-DA87-493E-9294-A35E4B2D1CAA}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{BCB2656E-AF6A-4E6A-9033-9E3F78AFD15A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD8668E4-92E8-4DD8-82E4-A2A7E606A14D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C3776F5B-CE1B-4E00-AC57-D942BDEFC7C1}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{C8B1A639-B9AB-4443-945E-9C0529546853}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D2F5FF6C-5473-432D-850A-1398F767B6E9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{DA7472B6-A3DE-471D-BA37-EF96EEACD8F1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{DE619BCA-BC6C-4459-AA07-1353A9F5D116}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DE8004E3-E154-425B-85AC-2594CF50EDED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E901ECD9-A233-4093-80D6-BEE9C6D699B9}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E937E99B-6C0F-410F-838B-566B7C5520FF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E9B18E31-E371-4DEB-9BC3-E2C04077F7B2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EB1F7A6B-A9F8-4032-8EA1-C726883F4BCC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{F99EF93E-1500-432A-9582-434BC099B62E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB1DFD94-0D1E-4C97-AEC5-F1CC702B8DBC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{FC7B11DE-D23F-4E94-A039-7887399356A4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{302A1E2E-DD58-4673-BC99-9CC10EC2637A}" = WinPatrol
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo Rescue System
"{49A4F76E-4285-4AEE-9D5D-9CCE5E86AA8F}" = AVG 2012
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BFF4A9FB-75F3-4162-84CD-16CE48C19173}" = AVG 2012
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PROSet" = Intel® Network Connections Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22057D8D-7CC8-46FF-AD8C-9BD24F9014F3}" = QuickBooks Pro 2012
"{25E202D1-D8E7-46AF-B4B0-157D9993A93E}" = QuickBooks
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35DC9F1E-5E88-4E69-A49A-9F4C2B33DDF3}" = Web Easy Professional
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Lenovo Power2Go
"{45970CD1-D599-47D4-938F-3E9800D54ED1}" = Lenovo Driver and Application Installation
"{46E21083-D598-4217-99B0-2ED3E4152759}" = CyberPower PowerPanel Personal Edition 1.2.3
"{5183D7AB-D09B-411F-A74E-BBAEA61C6505}" = Lenovo Eye Distance System
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{959B7F35-2819-40C5-A0CD-3C53B5FCC935}" = Genesys USB Mass Storage Device
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A6806D86-BFF3-49CD-8E2B-87BB3507E53F}" = Web Easy Professional 8
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92509EA-B526-4869-B8B3-A39E20DBBE7A}_is1" = EasyWorship 2009
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B266E062-D6C5-485B-B426-51B152B041A6}" = Lenovo Blacksilk USB Keyboard Driver
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3063097-EC84-4D21-84A4-9D852E974355}" = LVT
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9ED6D06-6002-495E-A7BC-46E6AE386996}" = Lenovo Dynamic Brightness System
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F8FD83C8-7ECA-4362-A4C9-E0F19849574B}" = Stationery and Brochure Maker
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Carbonite Backup" = Carbonite
"Google Chrome" = Google Chrome
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Lenovo Power2Go
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo Rescue System
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 13.0 (x86 en-US)" = Mozilla Firefox 13.0 (x86 en-US)
"Mozilla Thunderbird 13.0 (x86 en-US)" = Mozilla Thunderbird 13.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Quick Startup_is1" = Quick Startup 2.9.0.823
"TeamViewer 7" = TeamViewer 7
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.7

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/10/2012 5:20:50 PM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2012": Connection
Error:Invalid user ID or passwo

Error - 6/10/2012 5:20:50 PM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2012": Connection
String:CON=QBConnectionPool-Probe-QB_data_engine_22; ;DBF=C:\Documents and Settings\All
Users\Documents\Intuit\QuickBooks\Company Files\New Jerusalem Ministries, Inc..QBW;ENG=QB_data_engine_22;DBN=18a876e673ae4c77b7d9d5e5f55b73

Error - 6/10/2012 5:20:50 PM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2012": DBConnPool::HandleConnectionError
errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from
function:'DBMgr::DBConnPool::ini

Error - 6/10/2012 5:21:11 PM | Computer Name = rol-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/10/2012 5:39:25 PM | Computer Name = rol-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 6/10/2012 5:39:30 PM | Computer Name = rol-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 6/10/2012 5:39:57 PM | Computer Name = rol-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 6/11/2012 9:01:12 AM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2012": Connection
Error:Invalid user ID or passwo

Error - 6/11/2012 9:01:12 AM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2012": Connection
String:CON=QBConnectionPool-Probe-QB_data_engine_22; ;DBF=C:\Documents and Settings\All
Users\Documents\Intuit\QuickBooks\Company Files\New Jerusalem Ministries, Inc..QBW;ENG=QB_data_engine_22;DBN=d8ce4f19b55c4ccfaa3571a984e508

Error - 6/11/2012 9:01:12 AM | Computer Name = rol-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2012": DBConnPool::HandleConnectionError
errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from
function:'DBMgr::DBConnPool::ini

[ System Events ]
Error - 6/10/2012 5:17:25 PM | Computer Name = rol-PC | Source = Microsoft-Windows-Directory-Services-SAM | ID = 12291
Description = SAM failed to start the TCP/IP or SPX/IPX listening thread

Error - 6/10/2012 5:17:25 PM | Computer Name = rol-PC | Source = Service Control Manager | ID = 7000
Description = The Plug and Play service failed to start due to the following error:
%%3

Error - 6/10/2012 5:17:25 PM | Computer Name = rol-PC | Source = Service Control Manager | ID = 7000
Description = The Power service failed to start due to the following error: %%3

Error - 6/12/2012 10:10:21 AM | Computer Name = rol-PC | Source = DCOM | ID = 10010
Description =

Error - 6/12/2012 11:05:43 AM | Computer Name = rol-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 6/12/2012 11:05:46 AM | Computer Name = rol-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 6/12/2012 11:05:46 AM | Computer Name = rol-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 6/12/2012 11:05:47 AM | Computer Name = rol-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 6/12/2012 11:05:47 AM | Computer Name = rol-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 6/12/2012 8:56:13 PM | Computer Name = rol-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:52:45 PM on ?6/?12/?2012 was unexpected.


< End of report >

#15 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:24 AM

Posted 17 June 2012 - 06:38 PM

I suspect you have a Lenovo machine and this is the keyboard driver which is showing the error.

Did the error message stop when you killed the process in msconfig?
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users