Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Would like to uninstall Combofix due to us3 usb compatibility issues


  • This topic is locked This topic is locked
6 replies to this topic

#1 rlimas

rlimas

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Waterford, MI
  • Local time:10:02 PM

Posted 27 April 2014 - 10:58 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 1.6.0_37
Run by Rodolfo Limas at 23:47:18 on 2014-04-27
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4087.2660 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\MediaMall\MediaMallServer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files (x86)\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
C:\Program Files (x86)\MediaMall\PlayOn.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\Polar\Daemon\polard.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\ProgramData\TVersity\Media Server\MediaServer.exe
D:\Rodolfo Limas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
C:\Program Files (x86)\JetToolBar\JetTB.exe
C:\Program Files (x86)\Polar\WebSync\WebSync.exe
C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\Rodolfo Limas\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\RCrawler\rcrawler.exe
C:\Program Files (x86)\Nova Development\Print Artist Platinum 24\ReminderApp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\TechSmith\Snagit 10\TSCHelp.exe
C:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\ProgramData\TVersity\Media Server\berkelium.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
D:\Rodolfo Limas\AppData\Local\Autobahn\nexdef.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
C:\Program Files (x86)\TechSmith\Snagit 10\snagiteditor.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\UGS\UGSLicensing\ugslmd.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = 192.168.*.*;127.0.0.1:9421;*.local
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: &RoboForm: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
uRun: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [HLBackupScheduler] C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
uRun: [PlayOn] C:\Program Files (x86)\MediaMall\PlayOn.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Spotify Web Helper] "D:\Rodolfo Limas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
mRun: [Registry Crawler] C:\PROGRA~2\RCrawler\RCrawler.exe -TRAYONLY
mRun: [ReminderApp_EEAC3053-7055-4143-B8A0-306758055099] C:\Program Files (x86)\Nova Development\Print Artist Platinum 24\ReminderApp.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
dRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
StartupFolder: D:\RODOLF~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - D:\Rodolfo Limas\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: D:\RODOLF~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NEXDEF~1.LNK - D:\Rodolfo Limas\AppData\Local\Autobahn\nexdef.exe
StartupFolder: D:\RODOLF~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\JETTOO~1.LNK - C:\Program Files (x86)\JetToolBar\JetTB.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\POLARW~1.LNK - C:\Program Files (x86)\Polar\WebSync\WebSync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAGIT~1.LNK - C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:95
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: %SystemRoot%\system32\vsocklib.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E734BF43-7194-4E3A-832F-307606DDF665} - hxxps://cs.conferenceservers.com/components/WDPLUGIN.CAB
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{71C9525A-53EA-43D8-B22C-FF716E91915C} : DHCPNameServer = 192.168.1.254
AppInit_DLLs= acaptuser32.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 analytics.microsoft.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 metrics.mcafee.com
Hosts: 127.0.0.1  om.symantec.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - D:\Rodolfo Limas\AppData\Roaming\Mozilla\Firefox\Profiles\vjdx6tmj.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - plugin: D:\Rodolfo Limas\AppData\Roaming\Mozilla\plugins\npicaN.dll
.
---- FIREFOX POLICIES ----
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-27 55856]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-6 169408]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-26 203776]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 MediaMall Server;MediaMall Server;C:\Program Files (x86)\MediaMall\MediaMallServer.exe [2012-10-29 4038448]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 133928]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-5-8 167424]
R2 Polar Daemon;Polar Daemon;C:\Program Files (x86)\Polar\Daemon\polard.exe [2012-12-12 419536]
R2 UGS License Server (ugslmd);UGS License Server (ugslmd);C:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe [2009-7-7 1510152]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448]
R2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2011-11-13 11839488]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-8-16 592120]
R3 busenum;Synology Virtual USB Hub;C:\Windows\System32\drivers\busenum.sys [2011-2-18 56160]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-26 215040]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-8-4 1342064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BthAvrcp;Bluetooth AVRCP Profile;C:\Windows\System32\drivers\BthAvrcp.sys [2009-8-13 29184]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-12-23 1471352]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-9 111616]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2013-5-23 77592]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2013-5-23 13080]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-4-1 341856]
S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-4-1 4184672]
S3 MotDev;Motorola Inc. USB Device;C:\Windows\System32\drivers\motodrv.sys [2009-5-8 53632]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-26 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\System32\drivers\vpcuxd.sys [2011-3-28 16384]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-25 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2009-2-13 14464]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-04-27 16:39:53 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
2014-04-27 13:38:34 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2014-04-27 13:37:50 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll
2014-04-27 13:36:25 112056 ----a-w- C:\Windows\SysWow64\acaptuser32.dll
2014-04-27 13:34:49 52568 ----a-r- C:\Windows\System32\AdobePDF.dll
2014-04-27 13:16:34 -------- d-----w- C:\Limas
2014-04-27 12:21:56 -------- d-----w- D:\Rodolfo Limas\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-04-27 06:09:01 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{58C60968-E12F-4C39-857A-F33472CC291A}\mpengine.dll
2014-04-26 18:53:42 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-25 03:26:31 -------- d-----w- D:\Rodolfo Limas\AppData\Roaming\25759
2014-04-21 00:22:48 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E53FF3FC-E49C-4168-874F-5FA2B6F55756}\gapaengine.dll
2014-04-18 14:59:06 856576 ----a-w- C:\Windows\System32\msvcp90.dll
2014-04-18 14:59:06 626688 ----a-w- C:\Windows\System32\msvcr90.dll
2014-04-18 14:59:05 5086712 ----a-w- C:\Windows\System32\mfc90.dll
2014-04-18 14:59:05 3008000 ----a-w- C:\Windows\System32\freeimage.dll
2014-04-18 14:59:05 194048 ----a-w- C:\Windows\System32\IEShims.dll
2014-04-18 14:59:04 3008000 ----a-w- C:\Windows\System32\FreeImage13.dll
2014-04-18 14:59:04 2716672 ----a-w- C:\Windows\System32\ArxInterface10_64.dll
2014-04-18 14:59:04 2693120 ----a-w- C:\Windows\System32\ArxInterface64.dll
2014-04-18 14:59:04 1101312 ----a-w- C:\Windows\System32\AxEImage64.dll
2014-04-18 14:59:04 1071104 ----a-w- C:\Windows\System32\AxEImage10_64.dll
2014-04-18 14:52:21 -------- d-----w- D:\Rodolfo Limas\AppData\Local\cache
2014-04-18 14:34:31 -------- d-----w- C:\ProgramData\FARO
2014-04-11 18:04:18 -------- d-sh--w- D:\Rodolfo Limas\AppData\Local\EmieUserList
2014-04-11 18:04:18 -------- d-sh--w- D:\Rodolfo Limas\AppData\Local\EmieSiteList
2014-04-10 03:27:04 359936 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2014-04-10 03:27:04 257536 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2014-04-10 03:27:02 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-04-10 03:27:02 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-04-10 03:27:00 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-04-10 03:27:00 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-04-10 03:27:00 293072 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2014-04-10 03:27:00 235216 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2014-04-10 03:27:00 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-04-10 03:27:00 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-04-09 01:16:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-04-09 01:16:04 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-04-09 01:16:04 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-04-09 01:16:04 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-04-09 01:16:04 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-04-09 01:16:04 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-04-09 01:16:04 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-04-09 01:16:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-04-09 01:16:04 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
.
==================== Find3M  ====================
.
2014-03-19 19:27:44 76496 ----a-w- C:\Windows\System32\drivers\dc3d.sys
2014-03-19 19:23:16 862664 ----a-w- C:\Windows\SysWow64\msvcr110.dll
2014-03-19 19:23:16 828872 ----a-w- C:\Windows\System32\msvcr110.dll
2014-03-19 19:23:16 661448 ----a-w- C:\Windows\System32\msvcp110.dll
2014-03-19 19:23:16 534480 ----a-w- C:\Windows\SysWow64\msvcp110.dll
2014-03-19 19:23:16 354264 ----a-w- C:\Windows\System32\vccorlib110.dll
2014-03-19 19:23:16 251864 ----a-w- C:\Windows\SysWow64\vccorlib110.dll
2014-03-19 19:23:14 50896 ----a-w- C:\Windows\System32\drivers\point64.sys
2014-03-14 09:51:54 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-14 09:51:54 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-11 13:52:30 133928 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-03-06 09:32:16 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:32:07 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll
2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-02-04 02:32:12 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-02-04 02:04:11 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
.
============= FINISH: 23:48:13.00 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 PM

Posted 02 May 2014 - 11:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/532503 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:10:02 PM

Posted 08 May 2014 - 04:55 PM

Hello rlimas,
 
Uninstalling ComboFix can be accomplished by doing the following:
 
Click Start > Run  and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall
 
==========
 
However, while we're at it perhaps we should double-check to see if everything is okay, please run the following scan:
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note
: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Best Regards,
oneof4.


#4 rlimas

rlimas
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Waterford, MI
  • Local time:10:02 PM

Posted 09 May 2014 - 08:10 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-05-2014 01
Ran by Rodolfo Limas (administrator) on THINKPAD_T60 on 09-05-2014 21:04:26
Running from C:\Documents and Settings\Rodolfo Limas\Local Settings\Temporary Internet Files\Content.IE5\KJKDNS6K
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Lenovo Group Limited) C:\WINDOWS\system32\IPSSVC.EXE
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Lenovo.) C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
(Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
() C:\Program Files\EMC IRM\Common\emcirminjservice.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
(Acresso Software Inc.) C:\Program Files\UGS\UGSLicensing\lmgrd.exe
() C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
(Acresso Software Inc.) C:\Program Files\UGS\UGSLicensing\lmgrd.exe
(Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\PWMEWSVC.exe
() C:\Program Files\UGS\UGSLicensing\ugslmd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
(Macrovision Corporation) C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
(Lenovo Group Ltd.) C:\PROGRA~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
(XemiComputers ltd.) C:\Program Files\Active Desktop Calendar\ADC.exe
(Siber Systems) C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Akamai\netsession_win.exe
(EMC Corporation) C:\Program Files\EMC IRM\Common\autoofflineprocess.exe
(JetAudio, Inc.) C:\Program Files\JetToolBar\JetTB.exe
() C:\Program Files\Windows 7 Shortcuts 0.4\Windows 7 0.4.exe
(TechSmith Corporation) C:\Program Files\TechSmith\SnagIt 6\SnagIt32.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Akamai\netsession_win.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Lenovo Group Limited) C:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.EXE
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Documents and Settings\Rodolfo Limas\Local Settings\Temporary Internet Files\Content.IE5\KJKDNS6K\FRST[1].exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [ISUSPM] => C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe [213936 2006-03-20] (Macrovision Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [TVT Scheduler Proxy] => C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424 2008-03-04] (Lenovo Group Limited)
HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [273544 2011-07-01] (RealNetworks, Inc.)
HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [124256 2010-01-18] (CANON INC.)
HKLM\...\Run: [TPFNF7] => C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [62312 2010-03-26] (Lenovo Group Limited)
HKLM\...\Run: [EZEJMNAP] => C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [256576 2009-12-01] (Lenovo Group Ltd.)
HKLM\...\Run: [PWRMGRTR] => C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL [3713832 2013-01-11] (Lenovo Group Limited)
HKLM\...\Run: [AwaySch] => C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [91688 2006-11-07] (Lenovo Group Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-09-16] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [UIHost] C:\Windows\System32\logonui.exe [x ] ()
Winlogon\Notify\ACNotify: C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
Winlogon\Notify\AwayNotify: C:\Program Files\Lenovo\AwayTask\AwayNotify.dll (Lenovo Group Limited)
Winlogon\Notify\psfus: C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1540148898-94257419-1256813896-1005\...\Run: [Active Desktop Calendar] => C:\Program Files\Active Desktop Calendar\ADC.exe [1757184 2005-05-17] (XemiComputers ltd.)
HKU\S-1-5-21-1540148898-94257419-1256813896-1005\...\Run: [Windows Network Data Management System Service] => "ud32.exe" *
HKU\S-1-5-21-1540148898-94257419-1256813896-1005\...\Run: [RoboForm] => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [160592 2010-03-22] (Siber Systems)
HKU\S-1-5-21-1540148898-94257419-1256813896-1005\...\Run: [Akamai NetSession Interface] => C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1540148898-94257419-1256813896-1005\...\Run: [Google Update] => C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2012-09-18] (Google Inc.)
HKU\S-1-5-21-1540148898-94257419-1256813896-1005\...\Policies\Explorer: [NoDriveAutoRun] 0x3FFFFF03
HKU\S-1-5-21-1540148898-94257419-1256813896-1005\...\MountPoints2: {6a65b1a7-18d5-11de-9108-0018de1a3366} - H:\LaunchU3.exe -a
Lsa: [Notification Packages] scecli psqlpwd
Startup: C:\Documents and Settings\Rodolfo Limas\Start Menu\Programs\Startup\IRM Offline Refresh.lnk
ShortcutTarget: IRM Offline Refresh.lnk -> C:\Program Files\EMC IRM\Common\autoofflineprocess.exe (EMC Corporation)
Startup: C:\Documents and Settings\Rodolfo Limas\Start Menu\Programs\Startup\jetToolBar.lnk
ShortcutTarget: jetToolBar.lnk -> C:\Program Files\JetToolBar\JetTB.exe (JetAudio, Inc.)
Startup: C:\Documents and Settings\Rodolfo Limas\Start Menu\Programs\Startup\Shortcut to Windows 7 0.4.lnk
ShortcutTarget: Shortcut to Windows 7 0.4.lnk -> C:\Program Files\Windows 7 Shortcuts 0.4\Windows 7 0.4.exe ()
Startup: C:\Documents and Settings\Rodolfo Limas\Start Menu\Programs\Startup\SnagIt 6.lnk
ShortcutTarget: SnagIt 6.lnk -> C:\Program Files\TechSmith\SnagIt 6\SnagIt32.exe (TechSmith Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll (IE7Pro.com)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
BHO: No Name - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
Toolbar: HKLM - SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll ()
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - &RoboForm - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
Toolbar: HKCU - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll ()
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} http://10.101.1.5/PinPointPortal/Reserved.ReportViewerWebControl.axd?ReportSession=egidjtfqfm4r35jm5frkhxyy&ControlID=2d247d40d1bd4175a07aff23d53793c6&Culture=1033&UICulture=1033&ReportStack=1&OpType=PrintCab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1302045448703
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T28L10NSP12_CP1-16851/webex/ieatgpc.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://63.86.148.28/dana-cached/sc/JuniperSetupClient.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=12.0.1.647 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.652 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.647 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll (Dassault Systèmes SolidWorks Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-07-13]
FF Extension: SYSTRAN Toolbar - C:\Program Files\Mozilla Firefox\extensions\{87653ca5-8650-40b7-9d14-8b0b225aded2} [2011-05-02]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-04-08]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-07-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKCU\...\Firefox\Extensions: [{FCF36B88-1BBA-487f-B64B-D2E8980A9293}] - C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension
FF Extension: No Name - C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension [2008-08-16]

Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.131\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.190.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U19) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-09-18]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-09-18]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-01]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-07-01]

========================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [3075920 2012-07-30] (Emsisoft GmbH)
S2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [622700 2006-05-24] (Diskeeper Corporation)
R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [683696 2012-07-11] (Juniper Networks)
R2 EMC IRM Injection Service; C:\Program Files\EMC IRM\Common\emcirminjservice.exe [528384 2011-06-16] ()
S4 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [98304 2006-03-25] (Brio)
S3 HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [81920 2005-05-20] (Hewlett-Packard Company)
S3 HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [73728 2004-10-16] (Hewlett-Packard Company)
S3 Imapi Helper; C:\Program Files\ISO Recorder\ImapiHelper.exe [163840 2006-01-05] (Alex Feinman)
R2 IPSSVC; C:\WINDOWS\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-04-08] (Sun Microsystems, Inc.)
R2 Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [1645568 2013-01-11] ()
R2 PwmEWSvc; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [1663272 2013-01-11] (Lenovo Group Limited)
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [1183744 2007-11-19] (Intel Corporation )
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2007-09-05] (SolidWorks)
R2 SUService; c:\program files\lenovo\system update\suservice.exe [28672 2013-07-10] (Lenovo Group Limited)
R2 TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1122304 2008-03-04] (Lenovo Group Limited)
R2 UGS License Server (ugslmd); C:\Program Files\UGS\UGSLicensing\lmgrd.exe [1510152 2009-07-07] (Acresso Software Inc.)
S3 WMConnectCDS; C:\Program Files\Windows Media Connect 2\wmccds.exe [855552 2005-10-06] (Microsoft Corporation)
S3 PsaSrv; C:\WINDOWS\system32\PsaSrv.exe [X]

==================== Drivers (Whitelisted) ====================

R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [54072 2012-04-30] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [17904 2011-05-19] (Emsi Software GmbH)
R0 a347bus; C:\WINDOWS\System32\DRIVERS\a347bus.sys [160640 2004-04-30] ( )
R0 a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [5248 2004-04-30] ( )
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R3 AEAudioService; C:\WINDOWS\System32\drivers\AEAudio.sys [93952 2006-08-07] (Andrea Electronics Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2008-08-16] (Cisco Systems, Inc.)
R1 ANC; C:\WINDOWS\System32\drivers\ANC.SYS [11520 2012-09-07] (IBM Corp.)
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-13] ()
R3 atmeltpm; C:\WINDOWS\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [25628 2006-02-02] (Sonic Solutions)
R1 DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [5660 2005-11-18] (Sonic Solutions)
R2 DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2496 2006-02-02] (Sonic Solutions)
R2 DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [86652 2006-02-02] (Sonic Solutions)
R2 DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [14684 2006-02-02] (Sonic Solutions)
R2 DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [6364 2006-02-02] (Sonic Solutions)
R1 DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [22684 2005-11-18] (Sonic Solutions)
R2 DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [94332 2006-02-02] (Sonic Solutions)
R2 DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [87036 2006-02-02] (Sonic Solutions)
R2 DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [40544 2005-11-18] (Sonic Solutions)
R3 dsNcAdpt; C:\WINDOWS\System32\DRIVERS\dsNcAdpt.sys [26624 2012-07-11] (Juniper Networks)
R2 EGATHDRV; C:\WINDOWS\SYSTEM32\EGATHDRV.SYS [5427 2008-08-15] (IBM Corporation)
R1 EmcIrmInjectionDriver; C:\Program Files\EMC IRM\Common\EmcIrmInject32.sys [40592 2011-06-16] ()
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
R1 IBMTPCHK; C:\WINDOWS\system32\Drivers\IBMBLDID.sys [4224 2012-09-07] ()
S3 MotDev; C:\WINDOWS\System32\DRIVERS\motodrv.sys [40832 2006-12-14] (Motorola Inc)
S3 motport; C:\WINDOWS\System32\DRIVERS\motport.sys [20992 2006-12-13] (Motorola)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETw3x32; C:\WINDOWS\System32\DRIVERS\NETw3x32.sys [1709696 2006-09-27] (Intel® Corporation)
R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2236544 2007-11-26] (Intel Corporation)
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation)
R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2007-02-04] (Microsoft Corporation)
R2 PROCDD; C:\WINDOWS\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12288 2007-11-20] (Intel Corporation)
R2 Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [73728 2001-06-22] (Rainbow Technologies, Inc.)
R2 smihlp; C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [10896 2007-08-14] (UPEK Inc.)
S2 smihlp2; C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [10896 2007-08-14] (UPEK Inc.)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [31360 2013-04-24] (The OpenVPN Project)
R1 TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [13936 2013-01-11] (Lenovo Group Limited)
R1 TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [4608 2010-03-26] ()
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [104576 2006-04-10] (Microsoft Corporation)
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X]
S3 btwhid; system32\DRIVERS\btwhid.sys [X]
S3 btwmodem; system32\DRIVERS\btwmodem.sys [X]
S3 BTWUSB; System32\Drivers\btwusb.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\DOCUME~1\RODOLF~1\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys [X]
S3 HSXHWAZL; system32\DRIVERS\hsxhwazl.sys [X]
S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-13] (Microsoft Corporation)
S3 TVTPktFilter; system32\DRIVERS\tvtpktfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-09 21:04 - 2014-05-09 21:04 - 00000000 ____D () C:\FRST
2014-05-09 14:25 - 2014-05-09 14:25 - 00000346 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\fix_to_verify_if_on_old_HAD_inf.reg
2014-05-04 13:19 - 2014-05-04 14:37 - 00000275 _____ () C:\WINDOWS\wiadebug.log
2014-05-04 13:19 - 2014-05-04 13:19 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2014-05-04 13:18 - 2014-05-04 13:18 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-05-04 13:18 - 2014-05-04 13:18 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
2014-05-04 13:18 - 2014-05-04 13:18 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-05-04 11:26 - 2014-05-04 11:26 - 00171071 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\Current Event Topic2_EBrown.pptx
2014-05-04 10:08 - 2014-05-04 10:08 - 00242176 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\CET_Dutton.ppt
2014-05-04 09:14 - 2014-05-09 20:57 - 00010749 _____ () C:\WINDOWS\setupapi.log
2014-05-04 09:05 - 2014-05-04 09:05 - 00313856 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\James Davis - Module 7 CET.ppt
2014-05-04 09:00 - 2014-05-04 09:00 - 00007825 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00006467 _____ () C:\WINDOWS\iis6.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00006183 _____ () C:\WINDOWS\FaxSetup.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00002956 _____ () C:\WINDOWS\ocgen.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00002821 _____ () C:\WINDOWS\tsoc.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00002027 _____ () C:\WINDOWS\comsetup.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00001820 _____ () C:\WINDOWS\msmqinst.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00001230 _____ () C:\WINDOWS\ntdtcsetup.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00001083 _____ () C:\WINDOWS\netfxocm.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000495 _____ () C:\WINDOWS\updspapi.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000425 _____ () C:\WINDOWS\MedCtrOC.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000342 _____ () C:\WINDOWS\ocmsn.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000311 _____ () C:\WINDOWS\tabletoc.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000309 _____ () C:\WINDOWS\msgsocm.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-04-21 21:40 - 2014-04-21 21:40 - 00010157 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\SAP_vs_Oracle.xlsx
2014-04-21 14:50 - 2014-04-21 14:51 - 00000000 ____D () C:\Documents and Settings\Rodolfo Limas\Desktop\New Folder
2014-04-19 14:37 - 2014-04-19 14:37 - 00342016 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\CET_JosephJasinski_Future Election Economic Considerations.ppt
2014-04-19 07:35 - 2014-04-19 07:35 - 00059277 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\Current Event Topic - Maria Kelley 2.pptx
2014-04-14 18:31 - 2014-04-14 22:58 - 00661113 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\ERP Systems_.pptx
2014-04-13 08:30 - 2014-04-13 10:14 - 00071451 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\ERP Systems.pptx
2014-04-13 08:03 - 2014-04-13 08:03 - 00132608 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\ERP-Comparison2013.xls
2014-04-12 12:48 - 2014-04-12 12:48 - 00085833 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\CET-final.pptx
2014-04-12 11:06 - 2014-04-12 11:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-12 08:25 - 2014-04-12 08:25 - 00064771 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\CET Module 4 - Kimberly Kendrick.pptx
2014-04-12 08:13 - 2014-04-12 08:13 - 00106317 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\Current Event Topic Rodolfo Limas.pptx

==================== One Month Modified Files and Folders =======

2014-05-09 21:04 - 2014-05-09 21:04 - 00000000 ____D () C:\FRST
2014-05-09 20:58 - 2006-04-30 03:11 - 01824136 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-09 20:57 - 2014-05-04 09:14 - 00010749 _____ () C:\WINDOWS\setupapi.log
2014-05-09 20:57 - 2014-03-19 13:36 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-05-09 20:57 - 2014-01-04 17:27 - 00000316 _____ () C:\WINDOWS\Tasks\PMTask.job
2014-05-09 20:57 - 2011-12-04 01:33 - 00000294 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1540148898-94257419-1256813896-1005.job
2014-05-09 20:57 - 2007-01-29 12:36 - 00025181 _____ () C:\WINDOWS\system32\PROCDB.INI
2014-05-09 20:57 - 2006-04-30 02:56 - 00002278 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-09 20:56 - 2007-06-19 15:13 - 00000380 _____ () C:\WINDOWS\system32\IPSCtrl.INI
2014-05-09 20:56 - 2006-04-30 03:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-09 16:25 - 2013-10-18 08:05 - 02727016 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-05-09 16:25 - 2007-02-04 15:51 - 00000178 ___SH () C:\Documents and Settings\Rodolfo Limas\ntuser.ini
2014-05-09 16:25 - 2006-04-30 03:20 - 00032516 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-09 16:25 - 2006-04-30 03:20 - 00000178 ___SH () C:\Documents and Settings\LocalService\ntuser.ini
2014-05-09 16:24 - 2012-09-18 18:50 - 00001010 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1540148898-94257419-1256813896-1005UA.job
2014-05-09 14:38 - 2007-02-05 22:17 - 00000000 ____D () C:\Documents and Settings\Rodolfo Limas\Application Data\U3
2014-05-09 14:25 - 2014-05-09 14:25 - 00000346 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\fix_to_verify_if_on_old_HAD_inf.reg
2014-05-09 13:37 - 2013-12-29 17:33 - 00000000 ____D () C:\WINDOWS\erdnt
2014-05-09 13:36 - 2014-03-19 13:36 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-05-05 22:38 - 2011-12-04 01:33 - 00000302 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1540148898-94257419-1256813896-1005.job
2014-05-04 14:37 - 2014-05-04 13:19 - 00000275 _____ () C:\WINDOWS\wiadebug.log
2014-05-04 13:19 - 2014-05-04 13:19 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2014-05-04 13:18 - 2014-05-04 13:18 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-05-04 13:18 - 2014-05-04 13:18 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
2014-05-04 13:18 - 2014-05-04 13:18 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-05-04 11:26 - 2014-05-04 11:26 - 00171071 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\Current Event Topic2_EBrown.pptx
2014-05-04 10:08 - 2014-05-04 10:08 - 00242176 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\CET_Dutton.ppt
2014-05-04 09:05 - 2014-05-04 09:05 - 00313856 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\James Davis - Module 7 CET.ppt
2014-05-04 09:00 - 2014-05-04 09:00 - 00007825 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00006467 _____ () C:\WINDOWS\iis6.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00006183 _____ () C:\WINDOWS\FaxSetup.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00002956 _____ () C:\WINDOWS\ocgen.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00002821 _____ () C:\WINDOWS\tsoc.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00002027 _____ () C:\WINDOWS\comsetup.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00001820 _____ () C:\WINDOWS\msmqinst.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00001230 _____ () C:\WINDOWS\ntdtcsetup.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00001083 _____ () C:\WINDOWS\netfxocm.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000495 _____ () C:\WINDOWS\updspapi.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000425 _____ () C:\WINDOWS\MedCtrOC.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000342 _____ () C:\WINDOWS\ocmsn.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000311 _____ () C:\WINDOWS\tabletoc.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000309 _____ () C:\WINDOWS\msgsocm.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-05-04 09:00 - 2014-05-04 09:00 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-05-04 09:00 - 2007-02-18 14:38 - 00000328 _____ () C:\WINDOWS\Tasks\Clean_C.job
2014-05-03 22:03 - 2006-04-29 20:04 - 00608578 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-03 20:10 - 2007-08-12 14:32 - 00012172 _____ () C:\WINDOWS\Notepad2.ini
2014-05-02 18:35 - 2012-09-18 16:09 - 00000000 ____D () C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Akamai
2014-04-30 04:13 - 2007-02-04 14:49 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-04-30 04:13 - 2006-04-30 02:55 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-23 19:18 - 2009-04-04 18:32 - 00000000 ____D () C:\Documents and Settings\Rodolfo Limas\My Documents\MATLAB
2014-04-21 21:40 - 2014-04-21 21:40 - 00010157 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\SAP_vs_Oracle.xlsx
2014-04-21 14:58 - 2010-09-15 09:36 - 00002479 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Excel 2007.lnk
2014-04-21 14:51 - 2014-04-21 14:50 - 00000000 ____D () C:\Documents and Settings\Rodolfo Limas\Desktop\New Folder
2014-04-20 17:17 - 2013-02-16 15:19 - 00000000 ____D () C:\Documents and Settings\Rodolfo Limas\My Documents\xbmc
2014-04-20 17:17 - 2012-05-13 10:12 - 00000600 _____ () C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\PUTTY.RND
2014-04-20 16:39 - 2012-05-13 09:26 - 00000600 _____ () C:\Documents and Settings\Rodolfo Limas\Application Data\winscp.rnd
2014-04-19 14:37 - 2014-04-19 14:37 - 00342016 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\CET_JosephJasinski_Future Election Economic Considerations.ppt
2014-04-19 07:35 - 2014-04-19 07:35 - 00059277 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\Current Event Topic - Maria Kelley 2.pptx
2014-04-14 22:58 - 2014-04-14 18:31 - 00661113 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\ERP Systems_.pptx
2014-04-14 19:24 - 2012-09-18 18:50 - 00000958 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1540148898-94257419-1256813896-1005Core.job
2014-04-13 10:14 - 2014-04-13 08:30 - 00071451 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\ERP Systems.pptx
2014-04-13 08:32 - 2012-04-18 01:57 - 01798392 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1540148898-94257419-1256813896-1005-0.dat
2014-04-13 08:32 - 2012-04-18 01:57 - 00429658 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-04-13 08:03 - 2014-04-13 08:03 - 00132608 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\ERP-Comparison2013.xls
2014-04-13 07:57 - 2010-09-15 09:36 - 00002489 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office PowerPoint 2007.lnk
2014-04-12 17:51 - 2012-01-27 08:18 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-04-12 12:48 - 2014-04-12 12:48 - 00085833 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\CET-final.pptx
2014-04-12 11:06 - 2014-04-12 11:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-12 11:06 - 2007-02-06 22:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-04-12 11:04 - 2013-08-16 11:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-12 10:59 - 2007-02-07 00:07 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-12 08:25 - 2014-04-12 08:25 - 00064771 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\CET Module 4 - Kimberly Kendrick.pptx
2014-04-12 08:13 - 2014-04-12 08:13 - 00106317 _____ () C:\Documents and Settings\Rodolfo Limas\Desktop\Current Event Topic Rodolfo Limas.pptx
2014-04-11 17:00 - 2012-09-18 16:07 - 00000000 ____D () C:\Program Files\Common Files\Akamai

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-05-2014 01
Ran by Rodolfo Limas at 2014-05-09 21:04:54
Running from C:\Documents and Settings\Rodolfo Limas\Local Settings\Temporary Internet Files\Content.IE5\KJKDNS6K
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Emsisoft Anti-Malware (Disabled - Up to date) {0F8591BB-342B-4493-91C3-4E948ED21255}

==================== Installed Programs ======================

             (HKLM\...\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}) (Version: 1.9.2.1705 - )
µTorrent (HKLM\...\uTorrent) (Version: 2.0.0 - )
7-Zip 4.44 beta (HKLM\...\7-Zip) (Version:  - )
A Ruler for Windows (HKLM\...\{6FB316CB-8561-4A57-9111-92B37B9E402F}) (Version: 1.0.5 - A Ruler For Windows)
Active Desktop Calendar 5.3 (HKLM\...\Active Desktop Calendar_is1) (Version:  - XemiComputers)
ActiveState ActivePython 2.7.5.6 (32-bit) (HKLM\...\{4D22D7B3-AF9C-424C-B6AF-E88D2365A127}) (Version: 2.7.6 - ActiveState Software Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Bridge 1.0 (HKLM\...\{B74D4E10-6884-0000-0000-000000000103}) (Version: 001.000.004 - Adobe Systems)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5 Master Collection (HKLM\...\{FBB02B04-C034-4382-A3F6-57416E2752C4}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.233 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.2.202.233 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM\...\{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}) (Version: 9.0.16.0 - Adobe Systems, Inc.)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (Version: 1.0.8 - Adobe Systems) Hidden
AI RoboForm (HKCU\...\AI RoboForm) (Version:  - )
Aide PDF to DXF Converter 10.0 (HKLM\...\Aide PDF to DXF Converter_is1) (Version:  - Aide CAD Systems Incorporated.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Kindle (HKLM\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arena 12.0 (CPR 9) (HKLM\...\{BD78DE74-95DB-429D-A66F-6306BCEDA640}) (Version: 12.00.00 - Rockwell Automation, Inc.)
ASAP Utilities (HKLM\...\ASAP Utilities_is1) (Version: 5.0 - Bastien Mensink - A Must in Every Office BV)
Audacity 1.2.4 (HKLM\...\Audacity_is1) (Version:  - )
AutoCAD 2008 - English (HKLM\...\AutoCAD 2008 - English) (Version: 17.1.51.0 - Autodesk)
AutoCAD 2008 - English (Version: 17.1.51.0 - Autodesk) Hidden
Autodesk Design Review 2013 (HKLM\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk DWF Viewer 7 (HKLM\...\{9A346205-EA92-4406-B1AB-50379DA3F057}) (Version: 7.2.0 - Autodesk, Inc.)
Avidemux 2.5 (HKLM\...\Avidemux 2.5) (Version: 2.5.4.6714 - )
Beyond Compare Version 2.4.3 (HKLM\...\BC2_is1) (Version:  - Scooter Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM\...\{60C18701-A823-4165-8E58-C083673F90DC}) (Version: 1.14.0 - Kovid Goyal)
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MX860 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX860_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.05 - Piriform)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM\...\{75C7BFBC-5FA8-47C9-9E6C-AD1954F63A53}) (Version: 1.0.109 - Citrix)
ClearType Tuning Control Panel Applet (HKLM\...\{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}) (Version: 1.01.0000 - Microsoft Corporation)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cosmo Player 2.1.1 (41451) (HKLM\...\Cosmo Player 2.1.1) (Version:  - )
Dave's Quick Search Deskbar (remove only) (HKLM\...\{226b64e8-dc75-4eea-a6c8-abcb4d1d37ff}) (Version:  - )
Directory Lister v0.9.1 (HKLM\...\Directory Lister_is1) (Version:  - KRKSoft)
Diskeeper Lite (HKLM\...\{796E076A-82F7-4D49-98C8-DEC0C3BC733A}) (Version: 9.0.541 - Diskeeper Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version:  - )
DVD Identifier (HKLM\...\DVD Identifier_is1) (Version: 5.0.1 - Kris Schoofs)
DVDInfoPro (HKLM\...\{13B0919D-9115-428F-9B96-9D65C504559F}) (Version: 4.63.0004 - Nic Wilson)
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
DWG TrueView 2013 (Version: 19.0.55.0 - Autodesk) Hidden
eDrawings for NX (HKLM\...\{6B12D560-D79C-4A5B-AD67-C56F3D9BC2BE}) (Version: 5.3.108 - Geometric Software Solutions Co. Ltd.)
Emsisoft Anti-Malware (HKLM\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.6 - Emsisoft GmbH)
Emu48 1.42 (HKLM\...\Emu48) (Version: 1.42 - )
Engineering Power Tools - v2.0.3 (HKLM\...\ST6UNST #3) (Version:  - )
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
EULAlyzer v1.1 (HKLM\...\EULAlyzer_is1) (Version: 1.1.0 - Javacool Software LLC)
Exact Audio Copy 1.0beta3 (HKLM\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Excel Utilities 2.0 (HKLM\...\Excel Utilities 2.0) (Version:  - )
FastStone Capture 5.3 (HKLM\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
ffdshow v1.1.3914 [2011-06-29] (HKLM\...\ffdshow_is1) (Version: 1.1.3914.0 - )
FileZilla (remove only) (HKLM\...\FileZilla) (Version:  - )
FlashFXP v4.0 (HKLM\...\{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}) (Version: 4.0.0.1535 - OpenSight Software, LLC)
Folder Size for Windows (HKLM\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.3 - Brio)
FontMatcher v1.03 (HKLM\...\ST6UNST #2) (Version:  - )
FreeUndelete (HKLM\...\FreeUndelete) (Version:  - )
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
GoToMeeting 5.7.0.1172 (HKCU\...\GoToMeeting) (Version: 5.7.0.1172 - CitrixOnline)
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
IE7Pro (HKLM\...\IE7Pro) (Version: 2.4.8 - IE7Pro Team)
Image Resizer Powertoy for Windows XP (HKLM\...\{1CB92574-96F2-467B-B793-5CEB35C40C29}) (Version: 1.00.0001 - Microsoft Corporation)
ImTOO MOV Converter 6 (HKLM\...\ImTOO MOV Converter) (Version: 6.0.3.0421 - ImTOO)
inPHorm O-Ring (HKLM\...\inPHorm O-Ring) (Version:  - )
inSSIDer (HKLM\...\{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}) (Version: 2.1.5 - MetaGeek)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
Intel® PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.5.0.API - Intel Corporation)
Intel® Solid-State Drive Toolbox (HKLM\...\Intel® Solid-State Drive Toolbox) (Version: 3.0.1.400 - Intel Corporation)
InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1294 - InterVideo Inc.)
Intuit TurboTax  (HKLM\...\Intuit TurboTax 2) (Version: 2 - Intuit TurboTax )
IrfanView 3.99 (HKLM\...\{3EECE717-E6B7-49A6-9E8A-E42305B8BB7F}) (Version: 3.99 - Irfan Skiljan)
IRM Client For PDF (HKLM\...\{F4FD1A2D-FE65-4260-94DA-AB47EFE4C0CC}) (Version: 5.00.258 - EMC IRM)
iSEEK AnswerWorks English Runtime (HKLM\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iSEEK AnswerWorks English Runtime (HKLM\...\{9E5A03E3-6246-4920-9630-0527D5DA9B07}) (Version: 009.000.0002 - Vantage Linguistics)
ISO Recorder (HKLM\...\{DFC6573E-124D-4026-BFA4-B433C9D3FF21}) (Version: 2.0.0 - Alex Feinman)
IsoBuster 2.8.5 (HKLM\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)
Java Auto Updater (Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 19 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216019FF}) (Version: 6.0.190 - Sun Microsystems, Inc.)
jetToolBar (HKLM\...\{5F6AA55D-5E83-438B-A208-AC63FF013966}) (Version: 3.5 - )
JT2Go (HKLM\...\{54D47288-052F-4696-95FC-1A132A8223A0}) (Version: 8.0.9159 - Siemens PLM Software)
Juniper Networks Network Connect 7.2.0 (HKLM\...\Juniper Network Connect 7.2.0) (Version: 7.2.0.21397 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.2.3.23179 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Karen's Directory Printer (HKLM\...\ST6UNST #1) (Version:  - )
Kel's CPL All-in-One Bonus Pack (HKLM\...\CPLBonus) (Version: 7.1 - KelCorp)
Lenovo Patch Utility (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
LiveReg (Symantec Corporation) (HKLM\...\LiveReg) (Version: 2.4.2.2295 - Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 2.6.18.0 - Symantec Corporation)
Machinist's Calculator (HKLM\...\{D9377A10-2600-4056-BB7E-60C8BC0385F2}) (Version: 5.0.0.31 - CNC Consulting)
Magic ISO Maker v5.0 (build 0166) (HKLM\...\Magic ISO Maker v5.0 (build 0166)) (Version:  - )
Maintenance Manager (HKLM\...\AwayTask) (Version: 3.0.5.0 - )
MathType 5 (HKLM\...\DSMT5) (Version: 5.0 - Design Science, Inc.)
MATLAB R2007b (HKLM\...\MatlabR2007b) (Version: 7.5 - The MathWorks, Inc.)
Maxthon Browser (remove only) (HKLM\...\Maxthon) (Version:  - )
MB-Ruler (HKLM\...\{7363206E-C7BD-45CD-89A0-792B28409811}_is1) (Version: 4.0 - Markus Bader)
mCore (Version: 11.04.0000 - Intel Corporation) Hidden
mDriver (Version: 11.04.0000 - Intel) Hidden
MetaProducts Offline Explorer Pro (HKLM\...\MetaProducts Offline Explorer Pro) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Color Control Panel Applet for Windows XP (HKLM\...\{CE378F36-E404-4244-A33F-F50A2A6D31BD}) (Version: 01.00.0177.00 - Microsoft)
Microsoft English TTS Engine (Version: 2.0.1000.0 - Microsoft) Hidden
Microsoft Expression Encoder 4 (HKLM\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (Version: 4.0.1651.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM\...\{952DCCD8-4039-46C8-BC8B-5C1EB6C8E130}) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Network Monitor 3.0 (HKLM\...\{3D04C97C-7E1F-464D-A5E4-8D9CAF8D0AE7}) (Version: 03.00.0372.0001 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access database engine 2007 (English) (HKLM\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Meeting 2007 (HKLM\...\{AEF68ACB-1B00-4FCA-A33C-C26DBADD8C5B}) (Version: 8.0.6362.200 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
Microsoft Office Project 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Project MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2007 (HKLM\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Project Professional 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2003 (HKLM\...\{90510409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Photo Info (HKLM\...\{08823E70-05FD-4CC3-8019-ABE5B85FC8BE}) (Version: 1.0 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Streets & Trips 2009 (HKLM\...\{C82185E8-C27B-4EF4-2009-4444BC2C2B6D}) (Version: 16.0.19.1500 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
MINITAB Release 14 (HKLM\...\{9BC2391F-FBCA-4F06-8E6C-FB1BB119A9EF}) (Version: 14.13.0 - Minitab Inc)
MITCalc 1.40b (HKLM\...\MITCalc01_is1) (Version:  - MITCalc)
mMHouse (Version: 11.04.0000 - Intel Corporation) Hidden
Motorola Driver Installation (HKLM\...\{8F4507EF-C5F3-46CE-9718-9D3698821333}) (Version: 2.6.2 - Motorola Inc.)
mPfMgr (Version: 11.04.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation)
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
Nero 6 (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
NirSoft Collection (HKLM\...\Nirsoft) (Version: 1.1 - )
Nvu 1.0 (HKLM\...\Nvu_is1) (Version: 1.0 - Linspire Inc.)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.71.00 - )
OpenGL Extensions Viewer (HKLM\...\GLVIEW) (Version: 2.29.192 - )
PackageFactory for U3 (build 100) (HKLM\...\packagefactory_is1) (Version:  - Eure.ca)
Paint.NET v3.05 (HKLM\...\{6A8DEA40-B4AA-4687-B9F8-4E8185E65B05}) (Version: 3.05.0 - Paint.NET Team)
PC-Doctor 5 for Windows (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.00.4330.05 - PC-Doctor, Inc.)
Photo Story 3 for Windows (HKLM\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
Picasa 2 (HKLM\...\Picasa2) (Version: 2.0 - Google, Inc.)
Power Manager (HKLM\...\{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}) (Version: 5.20 - )
PowerTweak Menu (mmm) (HKLM\...\mmm) (Version: 2.02 - Paraglider)
Presentation Director (HKLM\...\{65706020-7B6F-41F2-8047-FC69579E386A}) (Version: 4.08 - )
Productivity Center Supplement for ThinkPad (HKLM\...\{D728E945-256D-4477-B377-6BBA693714AC}) (Version: 3.00b - )
PuTTY version 0.62 (HKLM\...\PuTTY_is1) (Version: 0.62 - Simon Tatham)
PxMergeModule (Version: 1.00.0000 - Your Company Name) Hidden
Python 2.7 pycrypto-2.6 (HKLM\...\pycrypto-py2.7) (Version:  - )
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Quick File Rename Personal Edition v5.0 (HKLM\...\{D39E2E64-BD15-4F9D-ADB4-E1DEDDB2A26F}) (Version: 5.0.0.0 - Lim, Chooi Guan)
Quicken 2013 (HKLM\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.4.2 - Sonic Solutions)
RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.4.2 - Sonic Solutions)
RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.4.2 - Sonic Solutions)
Recover My Files (HKLM\...\Recover My Files_is1) (Version: 4.0.2.441 - GetData Pty Ltd)
RegEditX (HKLM\...\RegEditX) (Version:  - )
RegexMagic DEMO 1.3.1 (HKLM\...\RegexMagic) (Version: DEMO 1.3.1 - Just Great Software)
Registry Crawler (HKLM\...\Registry Crawler) (Version:  - )
Rescue and Recovery Critical Patch for Windows Update (KB917422) (HKLM\...\{83E5061B-A69A-46AD-A780-1DA6569FF283}) (Version: 1.00.0004 - Lenovo Group Limited.)
Screen Calipers (HKLM\...\Screen Calipers) (Version: 4.0 - Iconico)
SendTo FTP (HKLM\...\SendTo FTP) (Version:  - )
sentinelsystemdriver (HKLM\...\{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}) (Version: 5.39.2 - Rainbow Technologies)
Skype Toolbars (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.5.7896 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slideshow Generator Powertoy for Windows XP (HKLM\...\{C39DE425-6CCF-4B12-A101-3CB5CF3AF3AD}) (Version: 1.00.0001 - Microsoft Corporation)
SnagIt 6 (HKLM\...\SnagIt6) (Version: 6.1 - TechSmith Corporation)
SolidWorks eDrawings 2010 (HKLM\...\{DB9BF2D3-8B19-413D-AA03-B8AEB724C4AB}) (Version: 10.3.143 - Dassault Systèmes SolidWorks Corp.)
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 5.2.0 - Sonic Solutions)
Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0.2 - Sonic Solutions)
Sonic Icons for Lenovo (HKLM\...\{B334D9AE-1393-423E-97C0-3BDC3360E692}) (Version: 1.0.2 - Lenovo)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.4326 - Analog Devices)
SpyMe Tools 1.5 (HKLM\...\SpyMe Tools_is1) (Version:  - LC IBros Solutions SRL)
StickyNote (HKLM\...\StickyNote) (Version:  - )
Sunset Bathroom Designer (HKLM\...\Sunset Bathroom Designer) (Version: 12.0.2 - Punch! Software, LLC)
SysInternals Utilities Collection (HKLM\...\Sysinternals) (Version:  - )
System Update (HKLM\...\{8675339C-128C-44DD-83BF-0A5D6ABD8297}) (Version: 3.16.0006 - Lenovo)
SYSTRAN (HKLM\...\InstallShield_{4C94F105-81D0-4AFC-8F0A-38949DC07F65}) (Version: 6.00.10.17 - SYSTRAN)
SYSTRAN (Version: 6.00.10.17 - SYSTRAN) Hidden
The Font Thing (HKLM\...\The Font Thing) (Version:  - )
ThinkPad EasyEject Utility  (HKLM\...\{1297C681-92D7-40EF-93BF-03F66EC5105C}) (Version: 2.39 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad PC Card Power Policy (Version: 1.02 - ) Hidden
ThinkVantage Access Connections (HKLM\...\{7EB114D8-207F-45AE-BABD-1669715F2630}) (Version: 5.97 - )
ThinkVantage Fingerprint Software 5.6 (HKLM\...\{A2289997-10A3-48F2-AA03-99180D761661}) (Version: 5.6.2.3650 - UPEK Inc.)
ThinkVantage Technologies Welcome Message (Version: 1.14 - ) Hidden
Tiny Watcher (HKLM\...\Watcher) (Version: v1.5 - minuscule)
Tools Talk Power Focus (HKLM\...\{2F6D0138-1E3F-4303-87C2-FD25EFC57F31}) (Version:  - )
TTS Wrapper (Version: 1.0.0.0 - Microsoft Corporation) Hidden
TurboTax 2009 (HKLM\...\TurboTax 2009) (Version:  - Intuit, Inc)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2881 - Intuit Inc.) Hidden
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328 - Intuit Inc.) Hidden
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0245 - Intuit Inc.) Hidden
TurboTax 2009 wmiiper (Version: 009.000.0622 - Intuit Inc.) Hidden
TurboTax 2009 wrapper (Version: 009.000.0145 - Intuit Inc.) Hidden
TurboTax 2010 (HKLM\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2010 WinPerFedFormset (Version: 010.000.5821 - Intuit Inc.) Hidden
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0501 - Intuit Inc.) Hidden
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0222 - Intuit Inc.) Hidden
TurboTax 2010 wmiiper (Version: 010.000.1790 - Intuit Inc.) Hidden
TurboTax 2010 wrapper (Version: 010.000.0157 - Intuit Inc.) Hidden
TurboTax 2011 (HKLM\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2011 WinPerFedFormset (Version: 011.000.3351 - Intuit Inc.) Hidden
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496 - Intuit Inc.) Hidden
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222 - Intuit Inc.) Hidden
TurboTax 2011 wmiiper (Version: 011.000.1759 - Intuit Inc.) Hidden
TurboTax 2011 wrapper (Version: 011.000.0121 - Intuit Inc.) Hidden
TurboTax 2012 (HKLM\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2114 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179 - Intuit Inc.) Hidden
TurboTax 2012 wmiiper (Version: 012.000.1409 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (Version: 012.000.0127 - Intuit Inc.) Hidden
U3Launcher (HKLM\...\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}) (Version: 1.0.0 - U3)
UGS NX 7.5 (HKLM\...\{66BE05E7-4FA4-49C7-9BF4-44A522DEE57B}) (Version: 7.5.0.32 - UGS)
UGSLicensing (HKLM\...\{B40EED7A-63D4-4ED2-910D-9A64FF94DF22}) (Version: 4.0.0 - UGS)
Universal Extractor 1.5 (HKLM\...\Universal Extractor_is1) (Version: 1.5 - Jared Breland)
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VBA (2627.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Vistumbler (HKLM\...\Vistumbler) (Version: v10 - Vistumbler.net)
VLC media player 1.1.10 (HKLM\...\VLC media player) (Version: 1.1.10 - VideoLAN)
Wallpapers (Version:  - ) Hidden
Web Album Generator 1.8.2 (HKLM\...\Web Album Generator_is1) (Version:  - ornj.net)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.551  - Nullsoft, Inc)
Windows Driver Package - Microsoft Corporation (usbvideo) Image  (05/25/2007 1.0.3656.0) (HKLM\...\EB88B6218325D2AB47CFFBF7170236B60A6198FF) (Version: 05/25/2007 1.0.3656.0 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Connect (HKLM\...\WMCSetup) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 10 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 10 Hotfix - KB894476 (HKLM\...\KB894476) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinINSTALL LE 2003 (HKLM\...\{B102FB2C-4AE1-4DB8-A405-FE5B24086531}) (Version: 8.0 - OnDemand Software, Inc.)
WinMerge 2.6.4.0 (HKLM\...\WinMerge_is1) (Version: 2.6.4.0 - Thingamahoochie Software)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinSCP 4.3.7 (HKLM\...\winscp3_is1) (Version: 4.3.7 - Martin Prikryl)
WinSnap (HKLM\...\WinSnap) (Version: 2.0.5 - NTWind Software)
Wireshark 0.99.5 (HKLM\...\Wireshark) (Version: 0.99.5 - The Wireshark developer community, http://www.wireshark.org)
xbne (HKCU\...\VINCENT81Exécutable) (Version: 6.7.0 - ImageMagick Studio)
XConfigurator (HKLM\...\{9CD77AC4-0414-4E4B-B7AC-4D7FD3C6821E}) (Version: 1.0 - CHoJiN)
XP Themes (Version: 1.00.0000 - Lenovo) Hidden
XY Chart Labeler 6.25 (HKLM\...\XY Chart Labeler 6.25) (Version:  - )

==================== Restore Points  =========================

04-05-2014 18:20:33 System Checkpoint

==================== Hosts content: ==========================

2006-04-30 02:55 - 2014-05-03 22:24 - 00511236 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
173.194.46.66 google.com
69.53.236.17 netflix.com
176.32.98.166 amazon.com
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Clean_C.job => ?
Task: C:\WINDOWS\Tasks\Defrag.job => ?
Task: C:\WINDOWS\Tasks\Erase Temp.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1540148898-94257419-1256813896-1005Core.job => C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1540148898-94257419-1256813896-1005UA.job => C:\Documents and Settings\Rodolfo Limas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\PMTask.job => C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE
Task: C:\WINDOWS\Tasks\Prefetch.job => ?
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1540148898-94257419-1256813896-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1540148898-94257419-1256813896-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\System Update Cleaner.job => ?

==================== Loaded Modules (whitelisted) =============

2007-11-19 14:37 - 2007-11-19 14:37 - 00245760 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2014-01-05 00:18 - 2012-09-07 11:56 - 00086016 _____ () C:\Program Files\ThinkPad\ConnectUtilities\AcWrpc.dll
2014-01-05 00:18 - 2012-09-25 18:37 - 00044544 _____ () C:\Program Files\ThinkPad\ConnectUtilities\Res\US\GUIHlprRes.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-06-16 15:27 - 2011-06-16 15:27 - 00528384 _____ () C:\Program Files\EMC IRM\Common\emcirminjservice.exe
2011-04-18 08:19 - 2011-04-18 08:19 - 00854016 _____ () C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2011-04-18 08:19 - 2011-04-18 08:19 - 00471040 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2011-04-18 08:26 - 2011-04-18 08:26 - 00476520 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2014-01-04 17:27 - 2013-01-11 06:20 - 01645568 ____N () C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
2009-12-11 08:00 - 2010-05-11 22:55 - 00643072 _____ () C:\Program Files\UGS\UGSLicensing\ugslmd.exe
2005-05-04 14:02 - 2005-05-04 14:02 - 00049152 _____ () C:\Program Files\Active Desktop Calendar\MouseHook.dll
2007-03-18 11:32 - 2006-12-03 14:53 - 00126464 _____ () C:\Program Files\WinRAR\rarext.dll
2007-11-25 23:17 - 2006-09-07 12:19 - 00008704 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-03-23 17:13 - 2012-12-04 10:09 - 00721920 _____ () C:\WINDOWS\system32\libxml2.dll
2010-03-23 17:13 - 2012-12-04 10:09 - 00878080 _____ () C:\WINDOWS\system32\iconv.dll
2007-01-15 03:55 - 2007-01-15 03:55 - 02991616 _____ () C:\Program Files\SYSTRAN\6\GUIRes.dll
2007-02-11 14:33 - 2005-04-26 19:58 - 00014848 _____ () C:\Program Files\Directory Lister\DirListerExt.dll
2007-11-25 23:17 - 2004-09-12 19:17 - 00061440 _____ () C:\WINDOWS\system32\ShellExt\ContextMenuExt.dll
2014-01-04 17:27 - 2013-01-11 06:20 - 00082944 ____N () C:\Program Files\ThinkPad\Utilities\US\PWRMGRRT.DLL
2014-01-04 17:27 - 2013-01-11 06:20 - 00092672 ____N () C:\Program Files\ThinkPad\Utilities\US\PWRMGRRO.DLL
2013-12-29 17:26 - 2009-02-04 23:15 - 00204673 _____ () C:\Program Files\Windows 7 Shortcuts 0.4\Windows 7 0.4.exe
2014-01-05 00:18 - 2012-09-25 18:36 - 00077824 _____ () C:\Program Files\ThinkPad\ConnectUtilities\Res\US\SvcHlprRes.dll
2007-05-17 13:42 - 2007-05-17 13:42 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2014 03:53:15 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 2250

Error: (04/20/2014 03:53:15 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 2250

Error: (04/20/2014 03:53:15 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/19/2014 04:45:08 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 2140

Error: (04/19/2014 04:45:08 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 2140

Error: (04/19/2014 04:45:08 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/19/2014 08:32:35 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 2375

Error: (04/19/2014 08:32:35 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 2375

Error: (04/19/2014 08:32:35 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2014 11:11:58 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 2140

System errors:
=============
Error: (05/09/2014 09:04:11 PM) (Source: Service Control Manager) (User: ) (EventID: 7001)
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (05/09/2014 09:04:11 PM) (Source: Service Control Manager) (User: ) (EventID: 7001)
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (05/09/2014 09:04:11 PM) (Source: Service Control Manager) (User: ) (EventID: 7001)
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (05/09/2014 09:04:11 PM) (Source: Service Control Manager) (User: ) (EventID: 7001)
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (05/09/2014 09:04:11 PM) (Source: Service Control Manager) (User: ) (EventID: 7001)
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (05/09/2014 09:04:11 PM) (Source: Service Control Manager) (User: ) (EventID: 7001)
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (05/09/2014 09:04:06 PM) (Source: Service Control Manager) (User: ) (EventID: 7001)
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (05/09/2014 09:04:06 PM) (Source: Service Control Manager) (User: ) (EventID: 7001)
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (05/09/2014 09:04:06 PM) (Source: Service Control Manager) (User: ) (EventID: 7001)
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (05/09/2014 09:04:02 PM) (Source: Service Control Manager) (User: ) (EventID: 7001)
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Microsoft Office Sessions:
=========================
Error: (02/19/2014 10:04:32 AM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 422 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/18/2013 03:38:22 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 33 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/18/2013 03:37:48 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 26 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/18/2013 03:37:20 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/18/2013 03:04:27 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/18/2013 03:03:55 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/18/2013 03:03:20 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/21/2013 04:34:49 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 85152 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (10/29/2013 05:22:57 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/19/2013 06:21:24 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1202 seconds with 1140 seconds of active time.  This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 31%
Total physical RAM: 3062.36 MB
Available physical RAM: 2087.94 MB
Total Pagefile: 3949.93 MB
Available Pagefile: 3001.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.3 MB

==================== Drives ================================

Drive c: (IBM_T60) (Fixed) (Total:136.95 GB) (Free:56.32 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive h: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 6755B9B4)
Partition 1: (Active) - (Size=137 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=12)

==================== End Of Log ============================



#5 rlimas

rlimas
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Waterford, MI
  • Local time:10:02 PM

Posted 09 May 2014 - 08:12 PM

Hello, Thanks, I did uninstall combofix.  No issues.  As long as no problems with farbar log, then close out.

 

Thanks again!



#6 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:10:02 PM

Posted 10 May 2014 - 09:14 PM

Your log is clean.


Best Regards,
oneof4.


#7 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:10:02 PM

Posted 13 May 2014 - 09:30 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Best Regards,
oneof4.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users