Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Outlook SMTP effected


  • This topic is locked This topic is locked
2 replies to this topic

#1 litepc

litepc

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 09 September 2014 - 01:43 PM

Hi there:

it seems to me that i may have a virus where it takes over my outlook and sends out SMTP emails over my network.

I did change my password but still want to make sure if i indeed have some virus thats causing it.

Can anyone maybe please help me with thsi?

 

 

here is the Virus that ESET claims it found and cleaned.

 

9/8/2014 5:26:32 PM    Real-time file system protection    file    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP1425\A0125759.exe    Win32/TrojanDownloader.Zortob.H trojan    cleaned by deleting - quarantined    NT AUTHORITY\SYSTEM    Event occurred during an attempt to access the file by the application: C:\WINDOWS\system32\svchost.exe.

 

Here are teh FRST Logs.

 

Thank you kindly.

Emanuel

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014
Ran by RugOne (administrator) on MAIN on 09-09-2014 14:34:24
Running from C:\Documents and Settings\RugOne\My Documents\downloads
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(brother Industries Ltd) C:\WINDOWS\system32\BRSVC01A.EXE
(brother Industries Ltd) C:\WINDOWS\system32\BRSS01A.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist Remote Support Customer\715\g2ax_service.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist Remote Support Customer\715\g2ax_comm_customer.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist Remote Support Customer\715\g2ax_system_customer.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist Remote Support Customer\715\g2ax_user_customer.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard Company) C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Genie-soft) C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe
(Intuit Inc.) C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\QBW32.EXE
(Intuit, Inc.) C:\PROGRA~1\Intuit\QUICKB~1.0\QBDBMgrN.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\axlbridge.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist Remote Support Customer\715\g2ax_host.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-07-26] (Intel Corporation)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [304696 2011-10-14] (Hewlett-Packard Company)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5078504 2013-03-21] (ESET)
HKLM\...\Run: [Intuit SyncManager] => C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe [2643320 2012-10-08] (Intuit Inc. All rights reserved.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [413696 2008-03-28] (Apple Inc.)
Winlogon\Notify\GoToAssist Express Customer: C:\Program Files\Citrix\GoToAssist Remote Support Customer\715\g2ax_winlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1748816020-2430615178-1033171180-1005\...\Run: [GBMPro9Agent] => C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe [189528 2012-05-30] (Genie-soft)
HKU\S-1-5-21-1748816020-2430615178-1033171180-1005\...\MountPoints2: {169138ac-2cc3-11dd-9dd3-001ec92bac51} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\usbdriver.exe
HKU\S-1-5-21-1748816020-2430615178-1033171180-1005\...\MountPoints2: {4f730a33-0af5-11dd-9db4-001ec92bac51} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\usbdriver.exe
HKU\S-1-5-21-1748816020-2430615178-1033171180-1005\...\MountPoints2: {60548e2a-fcfd-11dd-99e4-001ec92bac51} - E:\setupSNK.exe
HKU\S-1-5-21-1748816020-2430615178-1033171180-1005\...\MountPoints2: {8f04ac6c-f5d3-11dc-9d99-001ec92bac51} - E:\setupSNK.exe
HKU\S-1-5-21-1748816020-2430615178-1033171180-1005\...\MountPoints2: {a44ba873-b44f-11de-9a61-001ec92bac51} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1748816020-2430615178-1033171180-1005\...\MountPoints2: {b5c7c4e3-7bbb-11de-9a57-001ec92bac51} - E:\LaunchU3.exe -a
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\QBW32.EXE (Intuit Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rugone.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKCU - DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-i3752
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-i3752
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternatiff.com/install-ie/alttiff.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {ABF46004-3E86-4689-90CE-D187F0A5A774} http://205.144.208.123/WebViewerH264S.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1007
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\RugOne\Application Data\Mozilla\Firefox\Profiles\zposemlc.default
FF Homepage: https://www.fedex.com/fcl/;SHIPPINGSESSIONID=sYGHKn9QKlMkj1vbv1FFyWPV1vQmhM0pP7sq9pKpT5nCYMqhJrV5!104261195?appName=fclfsm&locale=us_en&step3URL=https%3A%2F%2Fwww.fedex.com%2Fshipping%2FshipEntryAction.do%3Fmethod%3DdoRegistration%26link%3D1%26locale%3Den_US%26urlparams%3Dus%26sType%3DF&returnurl=https%3A%2F%2Fwww.fedex.com%2Fshipping%2FshipEntryAction.do%3Fmethod%3DdoEntry%26link%3D1%26locale%3Den_US%26urlparams%3Dus%26sType%3DF&programIndicator=0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.338 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.338 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.338 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\atgpcdec.dll (WebEx Communications, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\atgpcext.dll (WebEx Communications, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ieatgpc.dll (WebEx Communications, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\mwmcli.dll (WebEx Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npatgpc.dll (WebEx Communications, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npzzatif.dll (Medical Informatics Engineering, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, http://www.openssl.org/)
FF Extension: Move Media Player - C:\Documents and Settings\RugOne\Application Data\Mozilla\Firefox\Profiles\zposemlc.default\Extensions\moveplayer@movenetworks.com [2009-05-15]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\RugOne\Application Data\Mozilla\Firefox\Profiles\zposemlc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-01-13]
FF Extension: DownloadHelper - C:\Documents and Settings\RugOne\Application Data\Mozilla\Firefox\Profiles\zposemlc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-08]
FF Extension: MediaWrap - C:\Documents and Settings\RugOne\Application Data\Mozilla\Firefox\Profiles\zposemlc.default\Extensions\{dd68c513-9296-4b63-8d8b-8f1c991c8a48} [2008-07-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-17]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-05-01]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2008-08-19] (Adobe Systems) [File not signed]
R2 ASFIPmon; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [79168 2007-06-20] (Broadcom Corporation)
R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2003-08-27] (brother Industries Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1341664 2013-03-21] (ESET)
R2 GoToAssist Remote Support Customer; C:\Program Files\Citrix\GoToAssist Remote Support Customer\715\g2ax_service.exe [610888 2014-06-18] (Citrix Online, a division of Citrix Systems, Inc.)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [164352 2011-08-04] (HP) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [181664 2013-04-04] (Oracle Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [45568 2011-04-13] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [55808 2011-04-13] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2012-10-24] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2012-10-15] (Intuit Inc.) [File not signed]
R3 QuickBooksDB21; C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\QBDBMgrN.exe [679936 2010-04-27] (Intuit, Inc.) [File not signed]
S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-14] (MicroVision Development, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 BASFND; C:\Program Files\Broadcom\ASFIPMon\BASFND.sys [10480 2007-06-20] (Broadcom Corporation) [File not signed]
R2 BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
R1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [161368 2013-01-10] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [105784 2013-01-10] (ESET)
R3 LHidUsb; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [37804 2003-03-04] (Logitech, Inc.)
R3 LVPr2Mon; C:\WINDOWS\System32\Drivers\LVPr2Mon.sys [25624 2009-04-30] ()
S3 LVUSBSta; C:\WINDOWS\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R3 MxlW2k; C:\WINDOWS\system32\Drivers\MxlW2k.sys [28164 2008-04-15] (MusicMatch, Inc.) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation)
S3 pepifilter; C:\WINDOWS\System32\DRIVERS\lv302af.sys [13976 2009-04-30] (Logitech Inc.)
S3 PID_PEPI; C:\WINDOWS\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [392960 2007-09-24] (Sensaura)
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [78720 2007-05-03] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-09 14:31 - 2014-09-09 14:34 - 00000000 ____D () C:\FRST
2014-09-08 09:22 - 2014-09-08 09:22 - 00717544 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-05 10:50 - 2014-09-05 10:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-05 10:33 - 2014-09-05 10:55 - 00000000 ____D () C:\Main_Docs_BakUp
2014-09-05 09:37 - 2014-09-05 09:37 - 00068415 _____ () C:\Documents and Settings\RugOne\Local Settings\Application Data\qrpdnxhj
2014-09-02 13:09 - 2014-09-02 14:03 - 00022528 ____N () C:\Documents and Settings\RugOne\My Documents\MR. STERN M2 COST 9-2-14.xls
2014-09-02 11:36 - 2014-09-02 11:46 - 00024576 ____N () C:\Documents and Settings\RugOne\My Documents\OPEN INVOICES & D&B  PAGE TOTALS  8-31-14.xls
2014-09-02 11:01 - 2014-09-02 12:18 - 00029696 ____N () C:\Documents and Settings\RugOne\My Documents\AR AGING 8-31-14.xls
2014-09-02 10:59 - 2014-09-02 10:59 - 00550912 ____N () C:\Documents and Settings\RugOne\My Documents\INVENTORY 8-31-14.xls
2014-09-02 10:53 - 2014-09-02 10:53 - 00032768 ____N () C:\Documents and Settings\RugOne\My Documents\OPEN INVOICES - D&B 8-31-14.xls
2014-09-02 10:42 - 2014-09-02 10:46 - 00055808 ____N () C:\Documents and Settings\RugOne\My Documents\OPEN INVOICES 8-31-14.xls
2014-09-02 10:38 - 2014-09-02 10:38 - 00026624 ____N () C:\Documents and Settings\RugOne\My Documents\INVOICE SHIPPING TOTALS 8-31-14.xls
2014-09-02 10:36 - 2014-09-02 10:36 - 00026112 ____N () C:\Documents and Settings\RugOne\My Documents\INVOICE TOTALS 8-31-14.xls
2014-08-27 14:34 - 2014-08-27 14:35 - 00022528 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - CORDUROY 8-27-14.xls
2014-08-27 14:33 - 2014-08-27 14:33 - 00022528 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - WANDERING VINES 8-27-14.xls
2014-08-27 14:15 - 2014-08-27 14:15 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - TULIPANO 8-27-14.xls
2014-08-27 14:13 - 2014-08-27 14:14 - 00022528 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - MERIT 8-27-14.xls
2014-08-27 14:06 - 2014-08-27 14:06 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - MATRIX 8-27-14.xls
2014-08-27 14:04 - 2014-08-27 14:05 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS -MAIZE 8-27-14.xls
2014-08-27 14:03 - 2014-08-27 14:03 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS -MIMOSA 8-27-14.xls
2014-08-27 14:03 - 2014-08-27 14:03 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS -BRAVEHEART 8-27-14.xls
2014-08-27 14:00 - 2014-08-27 14:00 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS -VERSAILLES 8-27-14.xls
2014-08-27 14:00 - 2014-08-27 14:00 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - NOTTINGHAM 8-27-14.xls
2014-08-27 13:59 - 2014-08-27 13:59 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - CENTRAL PARK 8-27-14.xls
2014-08-11 14:17 - 2014-08-11 14:17 - 00025600 ____N () C:\Documents and Settings\RugOne\My Documents\CONSIGNMENT - MR. STERN 8-11-14.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-09 14:34 - 2014-09-09 14:31 - 00000000 ____D () C:\FRST
2014-09-09 14:34 - 2008-03-19 10:38 - 00000000 ____D () C:\Documents and Settings\RugOne\Local Settings\Temp
2014-09-09 14:30 - 2012-06-18 18:40 - 00000374 _____ () C:\WINDOWS\Tasks\At4.job
2014-09-09 14:09 - 2014-06-24 10:31 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-09 13:48 - 2013-06-03 16:05 - 00376320 ____N () C:\Documents and Settings\RugOne\My Documents\SQUARE YARDAGE CALCULATOR WITH BRAUNS PRICING.xls
2014-09-09 13:23 - 2013-06-04 08:03 - 00000000 ____D () C:\Documents and Settings\QBDataServiceUser21\Local Settings\Temp
2014-09-09 11:48 - 2013-05-01 19:49 - 01185278 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-09 11:47 - 2013-05-01 19:50 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-09 11:47 - 2013-05-01 19:50 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-09-09 11:47 - 2008-03-19 17:13 - 00000618 _____ () C:\WINDOWS\system32\gotomon.log
2014-09-09 11:47 - 2004-08-11 18:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-09 11:47 - 2004-08-11 18:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-09 11:46 - 2013-05-01 19:50 - 00032628 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-09 11:46 - 2012-06-19 09:05 - 01291152 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-09-09 11:46 - 2008-03-19 10:38 - 00000278 ___SH () C:\Documents and Settings\RugOne\ntuser.ini
2014-09-09 10:36 - 2008-06-20 10:36 - 00000000 ____D () C:\Documents and Settings\RugOne\My Documents\Return Authorizations
2014-09-09 10:15 - 2012-06-18 18:40 - 00000374 _____ () C:\WINDOWS\Tasks\At1.job
2014-09-08 23:03 - 2014-03-12 00:09 - 00000398 _____ () C:\WINDOWS\Tasks\GBM - RugOne-Full.job
2014-09-08 23:00 - 2004-08-11 18:11 - 00000000 ____D () C:\WINDOWS\Registration
2014-09-08 23:00 - 2004-08-11 18:02 - 00000000 ____D () C:\WINDOWS\repair
2014-09-08 20:45 - 2012-06-18 18:40 - 00000374 _____ () C:\WINDOWS\Tasks\At2.job
2014-09-08 18:40 - 2012-06-18 18:40 - 00000374 _____ () C:\WINDOWS\Tasks\At3.job
2014-09-08 14:18 - 2014-03-19 13:37 - 00022528 _____ () C:\Documents and Settings\RugOne\My Documents\BANK STATEMENT MISC. CHARGES - 2014.xls
2014-09-08 09:22 - 2014-09-08 09:22 - 00717544 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-08 09:22 - 2013-04-05 09:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-05 14:12 - 2008-03-19 11:24 - 00000000 __SHD () C:\Documents and Settings\RugOne\UserData
2014-09-05 10:55 - 2014-09-05 10:33 - 00000000 ____D () C:\Main_Docs_BakUp
2014-09-05 10:51 - 2014-09-05 10:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-05 09:49 - 2013-06-04 08:03 - 00000000 ____D () C:\Documents and Settings\QBDataServiceUser21
2014-09-05 09:49 - 2008-03-19 10:38 - 00000000 ____D () C:\Documents and Settings\RugOne
2014-09-05 09:49 - 2004-08-11 18:20 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-09-05 09:49 - 2004-08-11 18:20 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-09-05 09:49 - 2004-08-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-09-05 09:37 - 2014-09-05 09:37 - 00068415 _____ () C:\Documents and Settings\RugOne\Local Settings\Application Data\qrpdnxhj
2014-09-02 14:03 - 2014-09-02 13:09 - 00022528 ____N () C:\Documents and Settings\RugOne\My Documents\MR. STERN M2 COST 9-2-14.xls
2014-09-02 12:18 - 2014-09-02 11:01 - 00029696 ____N () C:\Documents and Settings\RugOne\My Documents\AR AGING 8-31-14.xls
2014-09-02 11:46 - 2014-09-02 11:36 - 00024576 ____N () C:\Documents and Settings\RugOne\My Documents\OPEN INVOICES & D&B  PAGE TOTALS  8-31-14.xls
2014-09-02 11:29 - 2014-02-04 16:28 - 00124928 ____N () C:\Documents and Settings\RugOne\My Documents\CUSTOMER LIST SALES BY MONTH  2014.xls
2014-09-02 10:59 - 2014-09-02 10:59 - 00550912 ____N () C:\Documents and Settings\RugOne\My Documents\INVENTORY 8-31-14.xls
2014-09-02 10:53 - 2014-09-02 10:53 - 00032768 ____N () C:\Documents and Settings\RugOne\My Documents\OPEN INVOICES - D&B 8-31-14.xls
2014-09-02 10:46 - 2014-09-02 10:42 - 00055808 ____N () C:\Documents and Settings\RugOne\My Documents\OPEN INVOICES 8-31-14.xls
2014-09-02 10:40 - 2014-02-04 16:07 - 00022528 ____N () C:\Documents and Settings\RugOne\My Documents\INVOICE TOTALS less SHIPPING 2014.xls
2014-09-02 10:38 - 2014-09-02 10:38 - 00026624 ____N () C:\Documents and Settings\RugOne\My Documents\INVOICE SHIPPING TOTALS 8-31-14.xls
2014-09-02 10:36 - 2014-09-02 10:36 - 00026112 ____N () C:\Documents and Settings\RugOne\My Documents\INVOICE TOTALS 8-31-14.xls
2014-08-27 16:18 - 2014-07-11 12:53 - 00092160 ____N () C:\Documents and Settings\RugOne\My Documents\JOHN MENDEZ REPORTS REVISED - 7-11-14.xls
2014-08-27 14:35 - 2014-08-27 14:34 - 00022528 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - CORDUROY 8-27-14.xls
2014-08-27 14:33 - 2014-08-27 14:33 - 00022528 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - WANDERING VINES 8-27-14.xls
2014-08-27 14:15 - 2014-08-27 14:15 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - TULIPANO 8-27-14.xls
2014-08-27 14:14 - 2014-08-27 14:13 - 00022528 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - MERIT 8-27-14.xls
2014-08-27 14:06 - 2014-08-27 14:06 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - MATRIX 8-27-14.xls
2014-08-27 14:05 - 2014-08-27 14:04 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS -MAIZE 8-27-14.xls
2014-08-27 14:03 - 2014-08-27 14:03 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS -MIMOSA 8-27-14.xls
2014-08-27 14:03 - 2014-08-27 14:03 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS -BRAVEHEART 8-27-14.xls
2014-08-27 14:00 - 2014-08-27 14:00 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS -VERSAILLES 8-27-14.xls
2014-08-27 14:00 - 2014-08-27 14:00 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - NOTTINGHAM 8-27-14.xls
2014-08-27 13:59 - 2014-08-27 13:59 - 00022016 ____N () C:\Documents and Settings\RugOne\My Documents\TECHNICAL SPECIFICATIONS - CENTRAL PARK 8-27-14.xls
2014-08-26 16:37 - 2008-03-19 14:04 - 00000000 ____D () C:\Documents and Settings\RugOne\My Documents\inventory
2014-08-11 15:19 - 2008-03-19 14:05 - 00000000 ____D () C:\Documents and Settings\RugOne\My Documents\Purchase Orders
2014-08-11 14:17 - 2014-08-11 14:17 - 00025600 ____N () C:\Documents and Settings\RugOne\My Documents\CONSIGNMENT - MR. STERN 8-11-14.xls

Files to move or delete:
====================
C:\Documents and Settings\RugOne\g2ax_customer_downloadhelper_win32_x86.exe
C:\Documents and Settings\RugOne\gosetup.exe
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-09-2014
Ran by RugOne at 2014-09-09 14:35:20
Running from C:\Documents and Settings\RugOne\My Documents\downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 6.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2Ship.com AutoPrint IE Plug-In (HKLM\...\{A79C0BCB-0903-4F9C-A128-7891A750FF07}) (Version: 2.2.0 - 2Ship Solutions Inc)
32 Bit HP CIO Components Installer (Version: 8.1.4 - Hewlett-Packard) Hidden
AAC Decoder (HKLM\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - )
Adobe® Photoshop® Album Starter Edition 3.2 (HKLM\...\Adobe® Photoshop® Album Starter Edition 3.2) (Version: 3.2.0 - http://www.adobe.com)
Adobe® Photoshop® Album Starter Edition 3.2 (Version: 3.2.0 - Adobe Systems, Inc.) Hidden
Apple Software Update (HKLM\...\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}) (Version: 2.0.2.92 - Apple Inc.)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Broadcom ASF Management Applications (HKLM\...\{E56D5DC8-4C73-44B1-B650-AAD75C7A2701}) (Version: 10.16.02 - Broadcom Corporation)
Broadcom Management Programs (HKLM\...\{177D1318-3E4B-4A7C-A300-AC4E21BE090B}) (Version: 10.20.03 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-6490CW (HKLM\...\{01B4AC8E-6D83-44B3-958D-2AFE57BE54DB}) (Version: 1.2.13.0 - Brother Industries, Ltd.)
CamStudio (HKLM\...\CamStudio) (Version:  - )
CamStudio Lossless Codec v1.4 (HKLM\...\CamStudio Lossless Codec_is1) (Version:  - © 2003 RenderSoft Software, Modifications Copyright © 2008 Jake P.)
Canon MF Drivers (HKLM\...\{01B93B3A-283F-411B-A648-69CABCACC986}) (Version:  - )
Canon MF Toolbox 4.7.0.0.mf04 (HKLM\...\{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}) (Version:  - )
Canon PC1200/iC D600/iR1200G (HKLM\...\Canon PC1200/iC D600/iR1200G) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation)
ConvertHelper 2.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.0.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.0.0 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.0.0.19 - DivX, Inc.)
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.3 - DivX,Inc.)
ESET NOD32 Antivirus (HKLM\...\{ECD2AA58-5F23-4222-B2ED-143BB23021A3}) (Version: 6.0.316.0 - ESET, spol s r. o.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.2.413 - Foxit Corporation)
Genie Backup Manager (HKLM\...\Genie Backup Manager) (Version: 9.0 - Genie9)
GoToAssist Customer 2.1.0.715 (HKLM\...\GoToAssist Express Customer) (Version: 2.1.0.715 - Citrix Online)
GoToMeeting 5.2.0.952 (HKCU\...\GoToMeeting) (Version: 5.2.0.952 - CitrixOnline)
H.264 Decoder (HKLM\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.0.0 - DivX, Inc.)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HP LaserJet 400 M401 (HKLM\...\{8989F6D9-550C-4178-A8CB-75B82A06621F}) (Version:  - Hewlett-Packard)
HP LaserJet 400 M401 HP Device Toolbox (Version: 26.0.130.0 - Hewlett-Packard Co.) Hidden
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Product FWUpdater (Version: 4.0.0.7242 - Hewlett-Packard Company) Hidden
HP Unified IO (Version: 1.0.1.95 - HP) Hidden
hpbDSService (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM401DSService (Version: 001.001.05874 - Hewlett-Packard) Hidden
HPLJUTCore (Version: 3.00.0003 - HP) Hidden
HPLJUTM401 (Version: 3.00.0003 - HP) Hidden
hppLaserJetService (Version: 009.022.00816 - Hewlett-Packard) Hidden
hppM401LaserJetService (HKLM\...\{B1F80E92-B702-4E7A-91A1-D7987F9C83EC}) (Version: 001.015.00029 - Hewlett-Packard)
hpStatusAlerts (Version: 030.027.1140 - Hewlett Packard) Hidden
hpStatusAlertsM401 (Version: 030.025.01810 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
J2SE Runtime Environment 5.0 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150060}) (Version: 1.5.0.60 - Sun Microsystems, Inc.)
Java 7 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
jZip (HKLM\...\jZip) (Version:  - Discordia Limited.)
Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.54.11 - Logitech, Inc.)
Logitech MouseWare 9.76  (HKLM\...\{5809E7CF-4DCF-11D4-9875-00105ACE7734}) (Version:  - )
Logitech Updater (HKLM\...\{53735ECE-E461-4FD0-B742-23A352436D3A}) (Version: 1.70 - Logitech, Inc.)
Logitech Webcam Software (HKLM\...\{AC96671C-2001-432C-9826-5266D84EF1DC}) (Version: 12.00.1280 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.0) (Version: 12.0.1278 - Logitech Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2003 Primary Interop Assemblies (HKLM\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0 - Microsoft Corporation) Hidden
MKV Splitter (HKLM\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.0 - DivX, Inc.)
Mozilla Firefox 32.0 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation)
MUSICMATCH Jukebox (HKLM\...\MUSICMATCH Jukebox) (Version:  - )
Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
OmniPage SE 2.0 (HKLM\...\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}) (Version: 2.00.0000 - ScanSoft, Inc.)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PowerDVD (HKLM\...\{281ECE39-F043-492B-8337-F2E546B5604A}) (Version: 7.0 - Dell)
Presto! PageManager 6.03 (HKLM\...\{5BE42A03-E7B8-42A9-B1BB-FC48B03D58B8}) (Version:  - )
PrimoPDF (HKLM\...\PrimoPDF4.0) (Version: 4.0 - activePDF)
PrimoPDF (HKLM\...\PrimoPDF4.1.0.9) (Version: 4.1.0.9 - activePDF)
QuickBooks (Version: 21.0.4012.904 - Intuit Inc.) Hidden
QuickBooks Connection Diagnostic Tool (HKLM\...\{8FC44A80-059E-4358-BBB4-50FAEBED7627}) (Version: 4.0.0 - Intuit)
QuickBooks Enterprise Solutions 11.0 (HKLM\...\{11E0AC7D-6828-4F67-865F-EE1C13D28C38}) (Version: 21.0.4012.904 - Intuit Inc.)
QuickBooks File Doctor (HKLM\...\{A39730D7-3C42-4F26-978B-523E808EEADB}) (Version: 3.6.1 - Intuit)
QuickTime (HKLM\...\{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}) (Version: 7.4.5.67 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)
Roxio Creator BDAV Plugin (HKLM\...\{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}) (Version: 3.3.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)
Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)
Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
Roxio Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)
Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Roxio)
ScanSoft PaperPort 11 (HKLM\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB980182) (HKLM\...\KB980182-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB894391) (HKLM\...\KB894391) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB896256) (HKLM\...\KB896256) (Version: 4 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB900485) (HKLM\...\KB900485) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB904942) (HKLM\...\KB904942) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB910437) (HKLM\...\KB910437) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB911280) (HKLM\...\KB911280) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB912945) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB916595) (HKLM\...\KB916595) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB920872) (HKLM\...\KB920872) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB922582) (HKLM\...\KB922582) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB925720) (HKLM\...\KB925720) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB927891) (HKLM\...\KB927891) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB930916) (HKLM\...\KB930916) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB932823-v3) (HKLM\...\KB932823-v3) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB933360) (HKLM\...\KB933360) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB936357) (HKLM\...\KB936357) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB938828) (HKLM\...\KB938828) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB942763) (HKLM\...\KB942763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB942840) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0 - DivX, Inc) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version:  - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Hotfix - KB873339 (HKLM\...\KB873339) (Version: 20041117.092459 - Microsoft Corporation)
Windows XP Hotfix - KB885250 (HKLM\...\KB885250) (Version: 20050118.202711 - Microsoft Corporation)
Windows XP Hotfix - KB885835 (HKLM\...\KB885835) (Version: 20041027.181713 - Microsoft Corporation)
Windows XP Hotfix - KB885836 (HKLM\...\KB885836) (Version: 20041028.173203 - Microsoft Corporation)
Windows XP Hotfix - KB886185 (HKLM\...\KB886185) (Version: 20041021.090540 - Microsoft Corporation)
Windows XP Hotfix - KB887472 (HKLM\...\KB887472) (Version: 20041014.162858 - Microsoft Corporation)
Windows XP Hotfix - KB888302 (HKLM\...\KB888302) (Version: 20041207.111426 - Microsoft Corporation)
Windows XP Hotfix - KB889673 (HKLM\...\KB889673) (Version: 20041116.085848 - Microsoft Corporation)
Windows XP Hotfix - KB890859 (HKLM\...\KB890859) (Version: 1 - Microsoft Corporation)
Windows XP Hotfix - KB891781 (HKLM\...\KB891781) (Version: 20050110.165439 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{3E1A2BBD-5707-4646-B268-518B997DC94D}\localserver32 -> C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{53B5243F-8302-4DAD-BE8F-1D0665E8225E}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO3.dll (Hewlett-Packard Company)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\952\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{B0FF20F1-C857-4EA5-A2B8-A85372879B3D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1748816020-2430615178-1033171180-1005_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

==================== Restore Points  =========================

11-06-2014 21:29:54 System Checkpoint
12-06-2014 22:41:54 System Checkpoint
16-06-2014 18:04:48 System Checkpoint
17-06-2014 21:17:49 System Checkpoint
18-06-2014 21:34:34 System Checkpoint
19-06-2014 22:36:57 System Checkpoint
23-06-2014 21:19:56 System Checkpoint
24-06-2014 21:39:12 System Checkpoint
25-06-2014 22:37:19 System Checkpoint
26-06-2014 23:36:49 System Checkpoint
30-06-2014 21:15:51 System Checkpoint
01-07-2014 21:25:10 System Checkpoint
02-07-2014 21:51:50 System Checkpoint
07-07-2014 16:01:38 System Checkpoint
08-07-2014 21:14:38 System Checkpoint
09-07-2014 21:27:51 System Checkpoint
10-07-2014 21:39:24 System Checkpoint
14-07-2014 13:50:13 System Checkpoint
15-07-2014 14:48:12 System Checkpoint
16-07-2014 21:23:06 System Checkpoint
17-07-2014 22:28:41 System Checkpoint
21-07-2014 13:20:16 System Checkpoint
22-07-2014 14:05:35 System Checkpoint
23-07-2014 21:20:03 System Checkpoint
24-07-2014 22:17:37 System Checkpoint
28-07-2014 19:09:02 System Checkpoint
29-07-2014 19:37:40 System Checkpoint
30-07-2014 20:16:26 System Checkpoint
31-07-2014 21:21:16 System Checkpoint
04-08-2014 14:48:24 System Checkpoint
05-08-2014 16:00:58 System Checkpoint
06-08-2014 19:51:44 System Checkpoint
07-08-2014 21:34:45 System Checkpoint
11-08-2014 13:39:12 System Checkpoint
12-08-2014 16:55:15 System Checkpoint
13-08-2014 18:11:24 System Checkpoint
14-08-2014 19:14:17 System Checkpoint
18-08-2014 13:06:07 System Checkpoint
19-08-2014 21:12:06 System Checkpoint
20-08-2014 21:23:10 System Checkpoint
21-08-2014 21:57:56 System Checkpoint
25-08-2014 13:34:42 System Checkpoint
26-08-2014 14:39:50 System Checkpoint
27-08-2014 14:53:25 System Checkpoint
28-08-2014 19:12:30 System Checkpoint
02-09-2014 21:11:52 System Checkpoint
03-09-2014 21:12:31 System Checkpoint
04-09-2014 21:15:55 System Checkpoint
05-09-2014 13:48:34 Restore Operation
08-09-2014 21:18:59 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-11 18:00 - 2004-08-04 06:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe
Task: C:\WINDOWS\Tasks\At2.job => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe
Task: C:\WINDOWS\Tasks\At3.job => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe
Task: C:\WINDOWS\Tasks\At4.job => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe
Task: C:\WINDOWS\Tasks\GBM - RugOne-Full.job => C:\Program Files\Genie9\Genie Backup Manager\GBM.EXE

==================== Loaded Modules (whitelisted) =============

2008-03-19 15:09 - 2006-12-11 16:12 - 00176235 _____ () C:\WINDOWS\system32\Primomonnt.dll
2008-09-12 13:52 - 2004-09-16 10:49 - 00009216 _____ () C:\WINDOWS\system32\tpfmon.dll
2010-04-29 12:52 - 2002-11-26 13:43 - 00106496 ____N () C:\WINDOWS\system32\BrMuSNMP.dll
2008-03-14 10:11 - 2006-08-18 13:17 - 00056056 _____ () C:\WINDOWS\system32\DLAAPI_W.DLL
2011-10-14 13:25 - 2011-10-14 13:25 - 00111160 _____ () C:\Program Files\HP\StatusAlerts\bin\nativeutils.dll
2012-05-21 03:56 - 2012-05-21 03:56 - 00196608 _____ () C:\Program Files\Genie9\Genie Backup Manager\GSLogging.dll
2012-05-21 03:57 - 2012-05-21 03:57 - 00196608 _____ () C:\Program Files\Genie9\Genie Backup Manager\gs_encryption.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00268688 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\boost_regex-vc90-mt-p-1_33.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00020880 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\QBCompressor.dll
2005-07-19 23:18 - 2005-07-19 23:18 - 00059904 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\zlib1.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00348048 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\BackupLib.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00126352 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\QBMAPILibrary.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00176528 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\boost_serialization-vc90-mt-p-1_33.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00042384 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\mbpopup.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00101264 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\ReportBridge.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00070032 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\QB2WPFBridge.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00098192 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\Webification.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00803216 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\HPD.dll
2012-10-24 09:57 - 2012-10-24 09:57 - 00049552 _____ () C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\HPDBridge.dll
2014-09-05 10:50 - 2014-09-05 10:50 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2007-04-19 13:53 - 2007-04-19 13:53 - 00109408 _____ () C:\Program Files\Microsoft Office\OFFICE11\OUTLCTL.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist Remote Support Customer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Canon PC1200 iC D600 iR1200G Status Window.LNK => C:\WINDOWS\pss\Canon PC1200 iC D600 iR1200G Status Window.LNKCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\WINDOWS\pss\Intuit Data Protect.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk => C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Web Connector.lnk => C:\WINDOWS\pss\QuickBooks Web Connector.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Photo Downloader => "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: Logitech Utility => Logi_MwX.Exe
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: OpwareSE2 => "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/09/2014 01:42:49 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (09/09/2014 01:42:49 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (09/09/2014 01:40:33 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (09/09/2014 01:40:33 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (09/09/2014 11:49:10 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions 11.0":
DMError Information:-6069Additional Info:An Invalid Id or password was specified.

Error: (09/09/2014 11:49:10 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions 11.0":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'

Error: (09/09/2014 11:49:10 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions 11.0":
Connection String:CON=QBConnectionPool-Probe-QB_MAIN_21;;DBF=C:\Documents and Settings\All Users\Documents\Intuit\QuickBooks\Company Files\Rug One Imports Ltd.QBW;CommLinks="ShMem,tcpip(IP=192.168.1.2;TO=5;DOBROADCAST=NONE;port=55343)";ServerName=QB_MAIN_21;DBN=7f9cd8e763cf479889ca68f6933d37c5

Error: (09/09/2014 11:49:10 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions 11.0":
Connection Error:Invalid user ID or password

Error: (09/09/2014 11:48:27 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (09/09/2014 11:48:27 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle


System errors:
=============
Error: (09/09/2014 11:29:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP LaserJet Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/03/2014 09:34:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP LaserJet Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/27/2014 03:53:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP LaserJet Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/25/2014 04:17:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP LaserJet Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/20/2014 04:27:22 PM) (Source: ipnathlp) (EventID: 32003) (User: )
Description: The Network Address Translator (NAT) was unable to request an operation
of the kernel-mode translation module.
This may indicate misconfiguration, insufficient resources, or
an internal error.
The data is the error code.

Error: (08/11/2014 11:20:23 PM) (Source: 0) (EventID: 10) (User: )
Description: C:

Error: (08/08/2014 10:26:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP LaserJet Service service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E4500 @ 2.20GHz
Percentage of memory in use: 69%
Total physical RAM: 2036.89 MB
Available physical RAM: 628.31 MB
Total Pagefile: 3929.1 MB
Available Pagefile: 2506.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.96 GB) (Free:111.23 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================



BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:16 PM

Posted 14 September 2014 - 01:45 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/547509 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:16 PM

Posted 19 September 2014 - 01:50 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users