Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Crashed: Lost all File Associations and Services Including Network for Internet


  • This topic is locked This topic is locked
43 replies to this topic

#1 pm0620

pm0620

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:03 PM

Posted 29 October 2014 - 08:49 PM

I cannot do anything.  All file associations are corrupted, all services are deactivated or not recognized.  I have lost my Network Services, therefore my internet.  None of my scanners/printers show up as connected items in the Control panel.  It is like I was wiped clean.  I tried System Restore and got an error that "System Restore is not able to protect your computer, please restart and run again"  I get the same error.  I had Malwarebytes and CCleaner already loaded and those ran, but Malwarebytes didnt find anything, although I couldn't update it without internet.
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 7.0.6000.21376  BrowserJavaVersion: 10.67.2
Run by pkmcclellan at 20:25:58 on 2014-10-29
.
============== Running Processes ================
.
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe
C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe
C:\Program Files\iolo\System Mechanic Professional\ioloGovernor.exe
C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Akamai\netsession_win.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\pkmcclellan\Local Settings\Apps\2.0\VPR8GMYK.WZG\33BQD6R8.RBB\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files\NETGEAR\WN111v2\WN111V2.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Akamai\netsession_win.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.Google.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar6.dll
TB: <No Name>:  - LocalServer32 - <no file>
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Akamai NetSession Interface] "c:\documents and settings\pkmcclellan\local settings\application data\akamai\netsession_win.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
uRun: [DellSystemDetect] c:\documents and settings\pkmcclellan\local settings\apps\2.0\vpr8gmyk.wzg\33bqd6r8.rbb\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [ioloGovernor] c:\program files\iolo\system mechanic professional\ioloGovernor.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
dRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
Trusted Zone: dell.com
DPF: PackageCab - hxxp://ak.imgag.com/imgag/cp/install/AxCtp2.cab
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - hxxp://dynamicsnavtestdrive.com/ActiveX/VMRCActiveXClient1.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1213140622671
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1208523242609
DPF: {6F750202-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {6F750203-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {94B82441-A413-4E43-8422-D49930E69764} - hxxps://chat1.j2.com/Media/VisitorchatEnu/TLIEFlash.CAB
DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.31.5/ttinst.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F80B9305-A013-11D2-BD23-00A024978908} - file://d:\viewer\accuradimage.cab
DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} - hxxp://www.iolo.com/app/ocx/UpgradeVerify.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: schmap-help - <Clsid value has no data>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\windows\downloaded program files\mimectl.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\38.0.2125.104\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
============= SERVICES / DRIVERS ===============
.
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? dlcd_device;dlcd_device
R? hitmanpro37;HitmanPro 3.7 Support Driver
R? IntuitUpdateServiceV4;Intuit Update Service v4
R? ioloSystemService;iolo System Service
R? jswpsapi;Jumpstart Wifi Protected Setup
R? McrdSvc;Media Center Extender Service
R? NgFilter;Aventail VPN Filter
R? NgLog;Aventail VPN Logging
R? NgVpnMgr;Aventail VPN Client
R? NgWfp;Aventail VPN Callout
R? PciCon;PciCon
R? vseqrts;vseqrts
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? AMP;Active Malware Protection Minifilter Driver
S? AMPSE;Active Malware Protection Support Driver
S? DNINDIS5;DNINDIS5 NDIS Protocol Driver
S? JSWSCIMD;jswscimd Service
S? MBAMProtector;MBAMProtector
S? MBAMScheduler;MBAMScheduler
S? MBAMService;MBAMService
S? MBAMSwissArmy;MBAMSwissArmy
S? NgVpn;Aventail VPN Adapter
S? PDFsFilter;PDFsFilter
S? vseamps;vseamps
S? vsedsps;vsedsps
S? WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=NOTEPAD.EXE %1
FileExt: .js: JSFile=NOTEPAD.EXE %1
FileExt: .jse: JSEFile=NOTEPAD.EXE %1
FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2014-10-27 04:06:13 -------- d-----w- c:\documents and settings\pkmcclellan\application data\Solvusoft
2014-10-27 03:48:33 411552 ----a-w- c:\windows\system32\drivers\ujovcqjd.sys
2014-10-27 03:47:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-10-27 03:29:14 -------- d-----w- C:\TDSSKiller_Quarantine
2014-10-27 02:59:46 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-27 02:59:18 54360 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-27 02:59:18 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-27 02:59:18 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-10-26 17:01:12 411552 ----a-w- c:\windows\system32\drivers\lenlyijk.sys
2014-10-26 17:01:05 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2014-10-26 16:06:34 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-26 16:06:30 -------- d-----w- c:\documents and settings\all users\application data\RogueKiller
2014-10-25 02:58:36 -------- d-----w- c:\documents and settings\all users\application data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
.
==================== Find3M  ====================
.
2014-09-24 01:24:52 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-24 01:24:50 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-17 09:47:56 30976 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2014-09-07 17:46:46 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-09-07 17:46:44 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-09-07 13:31:10 13340040 ----a-w- c:\documents and settings\all users\Tempmozy-manualupdate-9eab8da73ae2b5055aa2cdcb0880ba90.exe
2014-08-13 04:57:14 41616 ----a-w- c:\windows\system32\iolobtdfg.exe
2014-08-13 04:57:06 23568 ----a-w- c:\windows\system32\smrgdf.exe
2014-08-13 04:41:18 2097984 ----a-w- c:\windows\system32\Incinerator32.dll
2014-08-08 10:52:32 13334768 ----a-w- c:\documents and settings\all users\Tempmozy-manualupdate-591229f46f4b4c672e4eb66432c623af.exe
.
============= FINISH: 20:28:55.21 ===============

.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
6500_E709_eDocs
6500_E709_Help
6500_E709n
944plc32
ABBYY FineReader 6.0 Sprint
Adobe AIR
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.08)
Akamai NetSession Interface
Alohabob PC Relocator Ultra Control
AOLIcon
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 6
Aventail Access Manager
Aventail Connect
Aventail Web Proxy Agent
Aventail Webifiers
AVSDK5
Banctec Service Agreement
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
CCleaner
Compatibility Pack for the 2007 Office system
Conexant HDA D110 MDC V.92 Modem
Consumer Complete Care Services Agreement
Creative MediaSource
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Digital Jukebox Driver
Dell Driver Download Manager
Dell Driver Reset Tool
Dell Game Console
Dell System Detect
Dell System Restore
DellSupport
Destination Component
DeviceDiscovery
Digital Content Portal
Digital Line Detect
DocMgr
DocProc
Fax
Google Chrome
Google Update Helper
GPBaseService2
Hewlett-Packard ACLM.NET v1.1.0.0
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 12.0
HP Document Manager 2.0
HP Imaging Device Functions 12.0
HP Officejet 6500 E709 Series
HP Product Detection
HP Smart Web Printing
HP Solution Center 12.0
HP Update
HPDiagnosticAlert
HPProductAssistant
Intel A/V Codecs V2.0
Intel® Matrix Storage Manager
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections
iolo technologies' System Mechanic Professional
iPod for Windows 2006-06-28
iPod Reset Utility
ItsDeductible Express
iTunes
Java 7 Update 67
Java Auto Updater
Logitech Webcam Software
Logitech Webcam Software Driver Package
Macromedia Flash Player
Malwarebytes Anti-Malware version 2.0.3.1025
MarketResearch
MCU
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.0 Security Update (KB2904878)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Web Access S/MIME
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MobileMe Control Panel
Modem Helper
MozyHome
MSVCSetup
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Musicmatch for Windows Media Player
Musicmatch® Jukebox
My Dell
NetWaiting
Network
Nikon Message Center 2
Nikon Movie Editor
NVIDIA Control Panel 285.58
NVIDIA Install Application
NVIDIA nView 135.95
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.11.0621
NVIDIA Update 1.5.20
NVIDIA Update Components
OCR Software by I.R.I.S. 12.0
Picture Control Utility
PowerDVD 5.5
ProductContext
Quicken 2014
QuickTime 7
RangeMax Wireless-N USB Adapter WN111v2
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2863942) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB2722913)
Security Update for Windows Internet Explorer 7 (KB2744842)
Security Update for Windows Internet Explorer 7 (KB2761465)
Security Update for Windows Internet Explorer 7 (KB2792100)
Security Update for Windows Internet Explorer 7 (KB2797052)
Security Update for Windows Internet Explorer 7 (KB2799329)
Security Update for Windows Internet Explorer 7 (KB2809289)
Security Update for Windows Internet Explorer 7 (KB2817183)
Security Update for Windows Internet Explorer 7 (KB2829530)
Security Update for Windows Internet Explorer 7 (KB2838727)
Security Update for Windows Internet Explorer 7 (KB2846071)
Security Update for Windows Internet Explorer 7 (KB2862772)
Security Update for Windows Internet Explorer 7 (KB2870699)
Security Update for Windows Internet Explorer 7 (KB2879017)
Security Update for Windows Internet Explorer 7 (KB2888505)
Security Update for Windows Internet Explorer 7 (KB2898785)
Security Update for Windows Internet Explorer 7 (KB2909921)
Security Update for Windows Internet Explorer 7 (KB2925418)
Security Update for Windows Internet Explorer 7 (KB2936068)
Security Update for Windows Internet Explorer 7 (KB2964358)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2909212)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB2922229)
Security Update for Windows XP (KB2929961)
Security Update for Windows XP (KB2930275)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SigmaTel Audio
SmartWebPrinting
SolutionCenter
Sonic Audio module
Sonic Copy Module
Sonic DLA
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Data
Sonic Update Manager
Sound Blaster Audigy ADVANCED MB
Sound Blaster Audigy ADVANCED MB Product Registration
Status
System Mechanic 14 Professional
System Requirements Lab
Toolbox
TrayApp
TurboTax 2012
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wmniper
TurboTax 2012 wrapper
TurboTax 2013
TurboTax 2013 WinPerFedFormset
TurboTax 2013 WinPerReleaseEngine
TurboTax 2013 WinPerTaxSupport
TurboTax 2013 wmniper
TurboTax 2013 wrapper
Unity Web Player
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Update for Windows XP (KB2934207)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
ViewNX 2
WebCyberCoach 3.2 Dell
WebFldrs XP
WebReg
WexTech AnswerWorks
WildTangent Web Driver
Windows 7 Upgrade Advisor
Windows Easy Transfer for Windows 7
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer Clean Up
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows PowerShell™ 1.0
Windows Search 4.0
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinZip 14.5
WN111v2
Yahoo! Software Update
.
==== End Of File ===========================

Attached Files


Edited by Oh My!, 07 November 2014 - 10:33 AM.
Posted Attach


BC AdBot (Login to Remove)

 


#2 pm0620

pm0620
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:03 PM

Posted 29 October 2014 - 08:52 PM

I should add that I can restart and shutdown.  If I try to put the computer in hibernate, I get the blue screen data dump.  



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:03 PM

Posted 04 November 2014 - 03:55 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/553936 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,419 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:03 AM

Posted 07 November 2014 - 10:35 AM

Greetings pm0620 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please attempt to run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 pm0620

pm0620
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:03 PM

Posted 07 November 2014 - 06:00 PM

Hi,
 
Thank you.  I am still not functioning.  The problem really reside with Services lost or disabled and I cannot reactivate because dependent services are also disabled and I cannot open Properties to see what they are.  msinfo32 will not open for me, but I have attached the two notes. Because services are disable....seems RPC is a critical service that is down, I do not have internet service.  I need to operate from my laptop, download files and transfer via USB to the my affected desktop.  Just wanted you to know I am limited.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014
Ran by pkmcclellan (administrator) on MCCLELLAN on 07-11-2014 16:49:10
Running from E:\Bleeping Computer
Loaded Profile: pkmcclellan (Available profiles: pkmcclellan & UpdatusUser & Administrator)
Platform: Microsoft Windows XP Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(CYREN Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe
(CYREN Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SigmatelSysTrayApp] => C:\WINDOWS\stsystra.exe [339968 2005-03-22] (SigmaTel, Inc.)
HKLM\...\Run: [Qcapepux] => rundll32.exe "C:\WINDOWS\unovopiw.dll",Startup
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Nikon Message Center 2] => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ioloGovernor] => C:\Program Files\iolo\System Mechanic Professional\ioloGovernor.exe [870224 2014-08-12] (iolo technologies, LLC)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-02-18] (Hewlett-Packard)
HKLM\...\Run: [DVDLauncher] => C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [53248 2005-02-23] (CyberLink Corp.)
HKLM\...\Run: [dla] => C:\WINDOWS\system32\dla\tfswctrl.exe [127037 2005-03-16] (Sonic Solutions)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1177899150-3433354104-1715971161-1008\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-06-09] (Google Inc.)
HKU\S-1-5-21-1177899150-3433354104-1715971161-1008\...\Run: [Pfiyoz] => rundll32.exe "C:\WINDOWS\mpcrypra.dll",Startup
HKU\S-1-5-21-1177899150-3433354104-1715971161-1008\...\Run: [Akamai NetSession Interface] => C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1177899150-3433354104-1715971161-1008\...\Run: [DellSystemDetect] => C:\Documents and Settings\pkmcclellan\Local Settings\Apps\2.0\VPR8GMYK.WZG\33BQD6R8.RBB\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe [265280 2014-09-03] (Dell)
HKU\S-1-5-18\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-06-09] (Google Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk
ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk
ShortcutTarget: NETGEAR WN111v2 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WN111v2\WN111V2.exe (NETGEAR)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.pandora.com/#/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - {15955FAB-B396-4C29-8213-0EFEBDC35CF7} URL = http://video.yahoo.com/video/search?p={searchTerms}&fr=yie7c
SearchScopes: HKLM - {5A13E048-F59F-4204-BECF-34649D92E0AF} URL = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7c
SearchScopes: HKLM - {7B4A7144-0299-4031-9FD0-13537E0CC3F8} URL = http://news.search.yahoo.com/search/news?p={searchTerms}&fr=yie7c
SearchScopes: HKLM - {8FCE86B2-710A-4541-8D6F-CF196F8AB1FE} URL = http://images.search.yahoo.com/search/images?p={searchTerms}&fr=yie7c
SearchScopes: HKLM - {E9022274-B9FF-4715-BD0C-EC3179DE6996} URL = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7c
SearchScopes: HKCU - {1DA5E789-5796-4320-8D5D-C284CC42B622} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=524517&p={searchTerms}
SearchScopes: HKCU - {9DD523C5-8139-4FCC-B301-39D40E615216} URL = http://internetsearchservice.com/search?q={searchTerms}
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> c:\program files\google\googletoolbar6.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {BB670D0B-5C46-40C7-B38B-40DD26987723} - No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar6.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {BB670D0B-5C46-40C7-B38B-40DD26987723} - No File
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} http://dynamicsnavtestdrive.com/ActiveX/VMRCActiveXClient1.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
DPF: {6F750202-1362-4815-A476-88533DE61D0C} http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {6F750203-1362-4815-A476-88533DE61D0C} http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {94B82441-A413-4E43-8422-D49930E69764} https://chat1.j2.com/Media/VisitorchatEnu/TLIEFlash.CAB
DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} http://a.download.toontown.com/sv1.0.31.5/ttinst.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F80B9305-A013-11D2-BD23-00A024978908} file://D:\viewer\accuradimage.cab
DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} http://www.iolo.com/app/ocx/UpgradeVerify.cab
Handler: schmap-help - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\WINDOWS\Downloaded Program Files\mimectl.dll (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\WINDOWS\system32\iavlsp.dll [118784] (iolo technologies, LLC)
Winsock: Catalog9 02 C:\WINDOWS\system32\iavlsp.dll [118784] (iolo technologies, LLC)
Winsock: Catalog9 28 C:\WINDOWS\system32\iavlsp.dll [118784] (iolo technologies, LLC)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-11-01]
FF HKLM\...\Firefox\Extensions: [{38C1E278-96A3-4ECB-A9E3-6ABEB2E11FE6}] - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\{38C1E278-96A3-4ECB-A9E3-6ABEB2E11FE6}
FF Extension: XULRunner - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\{38C1E278-96A3-4ECB-A9E3-6ABEB2E11FE6} [2011-01-25]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011-07-14]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.pandora.com/", "hxxp://www.yahoo.com/", "hxxp://www.google.com/"
CHR Profile: C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-16]
CHR Extension: (Google Docs) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-16]
CHR Extension: (Google Drive) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-23]
CHR Extension: (YouTube) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-16]
CHR Extension: (Google Search) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-16]
CHR Extension: (Google Sheets) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-16]
CHR Extension: (Google Wallet) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-31]
CHR Extension: (Gmail) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-16]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

S2 ACS; C:\WINDOWS\system32\acs.exe [467028 2008-06-27] (Atheros)
S4 Creative Labs Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe [69632 2006-01-05] (Creative Labs)
S4 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)
S4 dlcd_device; C:\WINDOWS\system32\dlcdcoms.exe [538096 2007-01-16] ( )
S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
S4 GameConsoleService; C:\Program Files\WildTangent\Apps\Dell Game Console\GameConsoleService.exe [181784 2007-08-30] (WildTangent, Inc.)
S2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
S2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [4700872 2014-08-12] (iolo technologies, LLC)
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-07] (Oracle Corporation)
S3 jswpsapi; C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe [360547 2008-02-27] (Atheros Communications, Inc.)
S2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [53016 2011-08-04] (Mozy, Inc.)
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel® Corporation)
S4 NgVpnMgr; C:\WINDOWS\system32\ngvpnmgr.exe [240760 2009-11-20] (Aventail Corporation)
S2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120 2011-10-07] (NVIDIA Corporation)
S2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
R2 vseamps; C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe [97544 2014-03-25] (CYREN Inc.)
R2 vsedsps; C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe [97544 2014-03-25] (CYREN Inc.)
S3 vseqrts; C:\Program Files\Common Files\Commtouch\AntiVirus5\vseqrts.exe [142600 2014-03-25] (CYREN Inc.)
S2 DcomLaunch; %SystemRoot%\system32\rpcss.dll [X]
S2 RpcSs; %SystemRoot%\system32\rpcss.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S2 AMP; C:\WINDOWS\system32\Drivers\amp.sys [139528 2014-03-25] (CYREN Inc.)
S2 AMPSE; C:\WINDOWS\system32\Drivers\ampse.sys [1386760 2014-03-25] (CYREN Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 CTUSFSYN; C:\WINDOWS\System32\drivers\ctusfsyn.sys [158464 2005-05-25] (Creative Technology Ltd.)
S3 DNINDIS5; C:\WINDOWS\system32\DNINDIS5.SYS [17149 2003-07-24] (Printing Communications Assoc., Inc. (PCAUSA))
S2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40544 2004-12-23] (Sonic Solutions)
S1 FileDisk; C:\WINDOWS\system32\Drivers\FileDisk.sys [9341 2014-07-16] (iolo technologies, LLC (based on original work by Bo Brantén))
S3 FilterService; C:\WINDOWS\System32\DRIVERS\lvuvcflt.sys [23832 2009-10-07] (Logitech Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [30976 2014-09-17] ()
S3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [201600 2005-07-22] (Conexant Systems, Inc.)
S3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.SYS [1035008 2005-07-22] (Conexant Systems, Inc.)
S3 JSWSCIMD; C:\WINDOWS\System32\DRIVERS\jswscimd.sys [57440 2008-10-01] (Atheros Communications, Inc.)
S3 LVPr2Mon; C:\WINDOWS\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
S1 mozyFilter; C:\WINDOWS\System32\DRIVERS\mozy.sys [55520 2013-05-21] (Mozy, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 netrcacm; C:\WINDOWS\System32\DRIVERS\netrcacm.sys [20648 2003-04-02] (Thomson Inc.)
S3 NgFilter; C:\WINDOWS\System32\DRIVERS\ngfilter.sys [22552 2009-11-20] (Aventail Corporation)
S3 NgLog; C:\WINDOWS\System32\DRIVERS\nglog.sys [27160 2009-11-20] (Aventail Corporation)
S3 NgVpn; C:\WINDOWS\System32\DRIVERS\ngvpn.sys [79896 2009-11-20] (Aventail Corporation)
S3 NgWfp; C:\WINDOWS\System32\DRIVERS\ngwfp.sys [25112 2009-11-20] (Aventail Corporation)
S2 PDFsFilter; C:\WINDOWS\System32\DRIVERS\PDFsFilter.sys [68464 2014-07-16] (Raxco Software, Inc.)
S3 sigfilt; C:\WINDOWS\System32\drivers\sigfilt.sys [1350272 2005-03-24] (Creative Technology Ltd.)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-12-02] (Sonic Solutions)
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-12-02] (Sonic Solutions)
S3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [180736 2005-06-06] (SigmaTel, Inc.)
S2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25725 2005-03-16] (Sonic Solutions)
S2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34845 2005-03-16] (Sonic Solutions)
S2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4125 2005-03-16] (Sonic Solutions)
S2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2241 2005-03-16] (Sonic Solutions)
S2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86684 2005-03-16] (Sonic Solutions)
S2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [14877 2005-03-16] (Sonic Solutions)
S2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6365 2005-03-16] (Sonic Solutions)
S2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98716 2005-03-16] (Sonic Solutions)
S2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100605 2005-03-16] (Sonic Solutions)
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [34808 2014-10-26] ()
S3 WN111v2; C:\WINDOWS\System32\DRIVERS\WN111v2.sys [453120 2008-09-30] (Atheros Communications, Inc.)
S3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [57408 2007-12-14] (Atheros Communications, Inc.)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S2 MCSTRM; No ImagePath
S3 PciCon; \??\D:\PciCon.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 UIUSys; system32\drivers\UIUSys.sys [X]
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
S3 WinDriver6; system32\drivers\windrvr6.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 16:46 - 2014-11-07 16:49 - 00000000 ____D () C:\FRST
2014-11-04 08:21 - 2014-11-04 08:21 - 00000358 _____ () C:\WINDOWS\wmsetup.log
2014-11-04 05:09 - 2014-11-04 05:09 - 00090112 _____ () C:\WINDOWS\Minidump\Mini110414-01.dmp
2014-11-03 12:42 - 2014-11-03 13:02 - 00105298 _____ () C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\FASTWiz.log
2014-11-03 06:30 - 2014-11-03 06:30 - 00000000 ____H () C:\WINDOWS\system32\config\SYSTEM.sav.LOG
2014-11-03 06:30 - 2014-11-03 06:30 - 00000000 ____H () C:\WINDOWS\system32\config\Software.sav.LOG
2014-11-03 06:25 - 2014-11-03 06:25 - 00000000 ____H () C:\WINDOWS\system32\config\SECURITY.sav.LOG
2014-11-03 06:25 - 2014-11-03 06:25 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.sav.LOG
2014-11-03 06:22 - 2014-11-03 06:31 - 00003104 _____ () C:\WINDOWS\system32\ASOROSet.bin
2014-11-03 06:22 - 2014-11-03 06:22 - 00000000 ____D () C:\WINDOWS\system32\config\RCCBakup
2014-11-02 22:37 - 2012-10-15 17:02 - 00017840 _____ (solvusoft) C:\WINDOWS\system32\roboot.exe
2014-11-02 20:42 - 2014-11-02 20:42 - 00090112 _____ () C:\WINDOWS\Minidump\Mini110214-02.dmp
2014-11-02 19:59 - 2014-11-02 19:59 - 00000000 ____D () C:\WINDOWS\system32\Cache
2014-11-02 19:57 - 2001-08-17 22:36 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_scripto.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_seos.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\regtrace.exe
2014-11-02 19:57 - 2001-08-17 22:36 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
2014-11-02 19:57 - 2001-08-17 22:36 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smtpctrs.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\snprfdll.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
2014-11-02 19:57 - 2001-07-21 14:23 - 00021791 _____ () C:\WINDOWS\system32\smtpctrs.ini
2014-11-02 19:57 - 2001-07-21 14:23 - 00008002 _____ () C:\WINDOWS\system32\smtpctrs.h
2014-11-02 19:57 - 2001-07-21 14:23 - 00001037 _____ () C:\WINDOWS\system32\ntfsdrct.ini
2014-11-02 19:57 - 2001-07-21 14:23 - 00000773 _____ () C:\WINDOWS\system32\ntfsdrct.h
2014-11-02 19:56 - 2001-08-17 22:36 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
2014-11-02 19:56 - 2001-08-17 22:36 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2014-11-02 19:56 - 2001-08-17 22:36 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcachdll.dll
2014-11-02 19:56 - 2001-08-17 22:36 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2014-11-02 19:56 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2014-11-02 19:56 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsiisex.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3ext.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisclex4.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\convlog.exe
2014-11-02 19:50 - 2004-08-10 05:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\convlog.exe
2014-11-02 19:50 - 2004-08-10 05:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nextlink.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adrot.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\browscap.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00038576 _____ () C:\WINDOWS\system32\w3ctrs.ini
2014-11-02 19:50 - 2004-08-10 05:00 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\controt.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pagecnt.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asptxn.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mdsync.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\logscrpt.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\permchk.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\counters.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsloc.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iiscrmap.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\status.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-11-02 19:50 - 2004-08-10 05:00 - 00011435 _____ () C:\WINDOWS\system32\infoctrs.ini
2014-11-02 19:50 - 2004-08-10 05:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aspperf.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspperf.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00010225 _____ () C:\WINDOWS\system32\axperf.ini
2014-11-02 19:50 - 2004-08-10 05:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wamps51.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iwrps.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\authfilt.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\infoctrs.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\infoctrs.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isapips.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iissync.exe
2014-11-02 19:50 - 2004-08-10 05:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftpsapi2.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admxprox.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\admxprox.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\w3svapi.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3svapi.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00005379 _____ () C:\WINDOWS\system32\w3ctrs.h
2014-11-02 19:50 - 2004-08-10 05:00 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\w3ctrs.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3ctrs51.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iismui.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iismui.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00003276 _____ () C:\WINDOWS\system32\infoctrs.h
2014-11-02 19:50 - 2004-08-10 05:00 - 00002024 _____ () C:\WINDOWS\system32\axctrnm.h
2014-11-02 19:49 - 2014-11-02 19:59 - 00000000 ____D () C:\Inetpub
2014-11-02 19:49 - 2014-11-02 19:49 - 00000000 ____D () C:\WINDOWS\system32\msmq
2014-11-02 13:00 - 2014-11-03 05:22 - 00049046 _____ () C:\WINDOWS\ocgen.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00048040 _____ () C:\WINDOWS\FaxSetup.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00041774 _____ () C:\WINDOWS\msmqinst.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00030516 _____ () C:\WINDOWS\tsoc.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00029856 _____ () C:\WINDOWS\comsetup.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00027359 _____ () C:\WINDOWS\ntdtcsetup.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00013486 _____ () C:\WINDOWS\plusoc.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00009855 _____ () C:\WINDOWS\netfxocm.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00005440 _____ () C:\WINDOWS\ehOCGen.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00004819 _____ () C:\WINDOWS\imsins.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00004511 _____ () C:\WINDOWS\MedCtrOC.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00003339 _____ () C:\WINDOWS\ocmsn.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00003249 _____ () C:\WINDOWS\msgsocm.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00001555 _____ () C:\WINDOWS\tabletoc.log
2014-11-02 13:00 - 2014-11-02 20:02 - 00004819 _____ () C:\WINDOWS\imsins.BAK
2014-11-02 13:00 - 2014-11-02 13:33 - 00080287 _____ () C:\WINDOWS\spuninst.log
2014-11-02 12:34 - 2004-08-10 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-11-02 11:40 - 2014-11-02 20:27 - 00035761 _____ () C:\WINDOWS\svcpack.log
2014-11-02 11:40 - 2014-11-02 20:17 - 00000000 ____D () C:\WINDOWS\system32\CatRoot_bak
2014-11-02 09:46 - 2014-11-02 09:59 - 00008254 _____ () C:\WINDOWS\KB942288-v3.log
2014-11-02 08:38 - 2014-11-02 08:37 - 00090112 _____ () C:\WINDOWS\Minidump\Mini110214-01.dmp
2014-11-02 07:14 - 2014-11-02 13:46 - 00001350 _____ () C:\WINDOWS\DHCPUPG.LOG
2014-11-02 07:14 - 2014-11-02 13:46 - 00000590 _____ () C:\WINDOWS\WINNT32.LOG
2014-11-01 12:02 - 2014-11-01 12:02 - 00000000 ____D () C:\Documents and Settings\pkmcclellan\Application Data\Logitech
2014-10-31 21:07 - 2014-10-31 21:09 - 00000000 ____D () C:\591e9b114391426eb244
2014-10-31 21:07 - 2014-10-31 21:07 - 00000000 ____D () C:\Program Files\ACW
2014-10-31 04:34 - 2004-08-10 05:00 - 00107882 _____ () C:\WINDOWS\system32\mib_ii.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00049275 _____ () C:\WINDOWS\system32\wfospf.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00048593 _____ () C:\WINDOWS\system32\hostmib.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00038608 _____ () C:\WINDOWS\system32\nipx.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00034317 _____ () C:\WINDOWS\system32\msiprip2.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00030448 _____ () C:\WINDOWS\system32\mcastmib.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00026236 _____ () C:\WINDOWS\system32\wins.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00026100 _____ () C:\WINDOWS\system32\lmmib2.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00021386 _____ () C:\WINDOWS\system32\mipx.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00020079 _____ () C:\WINDOWS\system32\http.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00016617 _____ () C:\WINDOWS\system32\authserv.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsm.dll
2014-10-31 04:34 - 2004-08-10 05:00 - 00015799 _____ () C:\WINDOWS\system32\ipforwd.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00015597 _____ () C:\WINDOWS\system32\accserv.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00013767 _____ () C:\WINDOWS\system32\msipbtp.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00010313 _____ () C:\WINDOWS\system32\mripsap.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpstup.dll
2014-10-31 04:34 - 2004-08-10 05:00 - 00006179 _____ () C:\WINDOWS\system32\ftp.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smimsgif.dll
2014-10-31 04:34 - 2004-08-10 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsy.dll
2014-10-31 04:34 - 2004-08-10 05:00 - 00004597 _____ () C:\WINDOWS\system32\dhcp.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00004332 _____ () C:\WINDOWS\system32\smi.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00000698 _____ () C:\WINDOWS\system32\inetsrv.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00000581 _____ () C:\WINDOWS\system32\msft.mib
2014-10-31 04:33 - 2014-11-03 05:22 - 00328748 _____ () C:\WINDOWS\iis6.log
2014-10-30 03:59 - 2014-10-30 03:59 - 00090112 _____ () C:\WINDOWS\Minidump\Mini103014-01.dmp
2014-10-29 19:28 - 2014-10-29 19:28 - 00026128 _____ () C:\Documents and Settings\pkmcclellan\Desktop\attach.txt
2014-10-29 19:28 - 2014-10-29 19:28 - 00013400 _____ () C:\Documents and Settings\pkmcclellan\Desktop\dds.txt
2014-10-27 05:16 - 2014-10-27 05:16 - 00090112 _____ () C:\WINDOWS\Minidump\Mini102714-02.dmp
2014-10-27 03:28 - 2014-11-03 12:47 - 00942193 _____ () C:\WINDOWS\setupapi.log
2014-10-27 03:12 - 2014-10-27 03:12 - 00090112 _____ () C:\WINDOWS\Minidump\Mini102714-01.dmp
2014-10-26 22:43 - 2014-11-07 16:43 - 00197864 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-26 22:19 - 2014-11-02 19:59 - 00000429 _____ () C:\WINDOWS\setupact.log
2014-10-26 22:19 - 2014-11-02 19:59 - 00000116 _____ () C:\WINDOWS\setuperr.log
2014-10-26 22:15 - 2014-10-26 22:16 - 00009996 _____ () C:\Documents and Settings\pkmcclellan\My Documents\cc_20141026_231413.reg
2014-10-26 22:06 - 2014-11-04 08:15 - 00000000 ____D () C:\Documents and Settings\pkmcclellan\Application Data\Solvusoft
2014-10-26 21:48 - 2014-10-26 21:48 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ujovcqjd.sys
2014-10-26 21:47 - 2014-10-26 21:47 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-10-26 21:29 - 2014-10-26 21:29 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-10-26 18:26 - 2014-10-31 03:52 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-10-26 11:01 - 2014-10-26 11:01 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\lenlyijk.sys
2014-10-26 11:01 - 2014-10-26 11:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-10-26 10:06 - 2014-10-26 20:47 - 00034808 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-10-26 10:06 - 2014-10-26 10:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-10-26 09:56 - 2014-10-26 09:56 - 00000000 __SHD () C:\WINDOWS\CSC
2014-10-26 06:56 - 2014-10-26 06:56 - 00000000 ____D () C:\Documents and Settings\NetworkService\Application Data\iolo
2014-10-26 06:00 - 2014-10-26 06:00 - 00000408 _____ () C:\WINDOWS\system32\iolo.ini
2014-10-24 20:59 - 2014-10-24 20:59 - 00001542 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-10-24 20:59 - 2014-10-24 20:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-10-24 20:58 - 2014-10-24 20:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-10-20 19:07 - 2014-10-20 19:08 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-20 19:07 - 2014-10-20 19:07 - 00001734 _____ () C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
2014-10-10 04:27 - 2014-10-10 04:27 - 00049059 ____N () C:\Documents and Settings\pkmcclellan\Desktop\Basketball Drills.pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 16:49 - 2006-01-11 05:33 - 00000000 ____D () C:\Documents and Settings\pkmcclellan\Local Settings\Temp
2014-11-07 16:48 - 2005-08-16 04:49 - 00000178 ___SH () C:\Documents and Settings\NetworkService\ntuser.ini
2014-11-07 16:43 - 2010-08-03 12:51 - 01048576 _____ () C:\WINDOWS\system32\config\iolo App.evt
2014-11-07 16:43 - 2006-01-11 05:33 - 00000178 ___SH () C:\Documents and Settings\pkmcclellan\ntuser.ini
2014-11-07 16:29 - 2005-08-16 04:18 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-04 14:52 - 2005-08-16 04:22 - 00000000 ____D () C:\WINDOWS\Help
2014-11-04 08:22 - 2006-01-11 05:33 - 00000000 ____D () C:\Documents and Settings\pkmcclellan
2014-11-04 08:21 - 2009-04-20 18:28 - 00000803 _____ () C:\Documents and Settings\pkmcclellan\Start Menu\Programs\Internet Explorer.lnk
2014-11-04 08:21 - 2005-08-16 04:38 - 00000785 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2014-11-04 05:09 - 2006-01-09 22:50 - 00000000 ____D () C:\WINDOWS\Minidump
2014-11-03 06:31 - 2006-01-05 15:38 - 62652416 _____ () C:\WINDOWS\system32\config\Software.bak
2014-11-03 06:31 - 2006-01-05 15:38 - 11272192 _____ () C:\WINDOWS\system32\config\SYSTEM.bak
2014-11-03 06:31 - 2005-08-16 04:49 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-11-03 06:31 - 2005-08-15 22:27 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-11-03 06:30 - 2005-08-16 04:49 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-11-03 06:24 - 2005-08-15 22:27 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-11-03 05:28 - 2005-08-16 04:22 - 00000000 ____D () C:\WINDOWS\security
2014-11-03 05:22 - 2005-08-16 04:33 - 00694744 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-02 20:03 - 2005-08-16 04:22 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-11-02 19:13 - 2011-07-11 08:58 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2014-11-02 14:09 - 2010-02-01 05:27 - 00041981 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-11-02 08:44 - 2005-08-16 04:50 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-11-01 12:00 - 2009-01-31 20:01 - 00002339 _____ () C:\Documents and Settings\pkmcclellan\Start Menu\Programs\Windows Install Clean Up.lnk
2014-11-01 09:26 - 2005-08-16 04:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-10-31 21:21 - 2007-03-26 04:07 - 00000000 ____D () C:\WINDOWS\pss
2014-10-31 21:21 - 2006-01-05 09:38 - 00000209 __RSH () C:\boot.ini
2014-10-31 21:21 - 2005-08-16 04:18 - 00000582 _____ () C:\WINDOWS\win.ini
2014-10-31 21:21 - 2005-08-16 04:18 - 00000227 _____ () C:\WINDOWS\system.ini
2014-10-31 21:18 - 2014-04-09 16:19 - 00005212 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-10-31 04:17 - 2011-05-04 09:04 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-10-31 04:16 - 2014-07-28 12:43 - 00001854 _____ () C:\Documents and Settings\pkmcclellan\Desktop\LiveBoost.lnk
2014-10-31 04:16 - 2014-07-28 12:43 - 00001806 _____ () C:\Documents and Settings\pkmcclellan\Desktop\System Mechanic Professional.lnk
2014-10-31 04:16 - 2014-07-28 12:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic Professional
2014-10-31 04:15 - 2007-01-19 05:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\iolo
2014-10-26 21:59 - 2014-09-16 05:06 - 00000000 ____D () C:\AdwCleaner
2014-10-26 06:39 - 2010-12-29 11:44 - 00524288 _____ () C:\WINDOWS\system32\config\ACS.evt
2014-10-26 06:39 - 2005-08-16 04:49 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-26 06:35 - 2008-01-08 09:29 - 00000434 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{498E3F7D-1B17-418B-9F9C-FF065F0AC20E}.job
2014-10-26 06:25 - 2014-07-12 12:25 - 00000404 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{EB9F45F2-DD33-432E-AF41-2B4DA5EB25E5}.job
2014-10-26 06:24 - 2012-04-01 05:55 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-26 06:09 - 2014-03-30 04:56 - 00000234 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-10-26 06:09 - 2012-08-26 08:50 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-26 06:08 - 2012-08-26 08:50 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-26 06:00 - 2009-12-24 08:11 - 00000392 _____ () C:\WINDOWS\system32\iolo.ini.txt
2014-10-25 06:24 - 2006-01-12 20:34 - 00000000 ____D () C:\WINDOWS\system32\config\SM Registry Backup
2014-10-25 06:23 - 2013-03-30 11:05 - 04888396 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1177899150-3433354104-1715971161-1008-0.dat
2014-10-25 06:23 - 2013-03-26 08:56 - 00352600 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-10-24 20:59 - 2009-03-23 04:27 - 00000000 ____D () C:\Program Files\iTunes
2014-10-24 20:58 - 2014-09-28 07:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-10-24 20:58 - 2007-07-04 07:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-24 20:58 - 2006-01-13 23:06 - 00000000 ____D () C:\Program Files\iPod
2014-10-24 17:30 - 2011-08-04 14:15 - 00005272 _____ () C:\WINDOWS\mozy.blk
2014-10-24 17:30 - 2011-08-04 14:15 - 00000448 _____ () C:\WINDOWS\mozy.flt
2014-10-24 17:29 - 2005-08-16 04:22 - 00000000 ____D () C:\WINDOWS\repair
2014-10-23 05:33 - 2005-08-16 04:38 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-22 09:08 - 2014-09-16 19:57 - 00000000 ____D () C:\Avenger
2014-10-21 18:03 - 2011-08-12 01:49 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
2014-10-20 19:08 - 2006-01-13 23:54 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-20 19:07 - 2007-01-13 19:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-10-20 19:06 - 2006-01-05 10:00 - 00000000 ____D () C:\Program Files\Adobe
2014-10-18 12:32 - 2011-05-04 08:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-10-15 10:57 - 2013-07-14 20:47 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-12 06:56 - 2006-01-12 06:44 - 00000000 ____D () C:\Documents and Settings\pkmcclellan\Start Menu\Programs\TurboTax ItsDeductible
2014-10-12 06:56 - 2006-01-12 06:44 - 00000000 ____D () C:\Documents and Settings\pkmcclellan\Start Menu\Programs\ItsDeductibleEX
2014-10-12 06:56 - 2006-01-12 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Kodak
2014-10-10 06:26 - 2014-01-06 09:26 - 00000520 _____ () C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
2014-10-10 03:38 - 2014-03-30 04:56 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job

Files to move or delete:
====================
C:\Documents and Settings\All Users\Tempmozy-autoupdate-0e8b147b53a66c327947fed57aa1d313.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-4a89cedd164c5f5e19189bfd5deb26c7.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-4d208aac92bfd705178bb55cc02619e1.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-8262dfa079e3ea66519693899238bbfb.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-82af9a609219353256cb533e636b9416.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-864934ef6e2b54a6f5dcfa6e472922e2.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-9168e69c9b17c74056d68fc0f28ff63a.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-b6ef32f74275da3b7074b1f807e71343.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-cb6776b6237c85b1f694a26db648ccb0.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-fd378831154aecd3ff93f99a8cbdcdea.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-183e1dca3bdb7b84685b9e31ae1c6873.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-411e4958630282cd5509a8735a26b919.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-4ff83994dfb32374e99fb2987f4e5700.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-591229f46f4b4c672e4eb66432c623af.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-6b21c963de7634bf68c213567fcafb17.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-6ccbc1dbf9be075b88974ffd72373e0f.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-73b6f364ab195dc4ccf2aae89db27fa5.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-9c25a149f148f17fec6c964210abc0b0.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-9eab8da73ae2b5055aa2cdcb0880ba90.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-b2dc44eb185732ade88416784fadbd67.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-ed60b0fe8dab42c5b79df371c6deb040.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-efe4ca346ae5931c530ec0699e8812d5.exe
C:\Documents and Settings\All Users\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe
C:\Documents and Settings\All Users\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe
C:\Documents and Settings\All Users\Tempmozy-update-c0261ff8012aad585d55140a9b6ddcb9.exe


Some content of TEMP:
====================
C:\Documents and Settings\pkmcclellan\Local Settings\Temp\dllnt_dump.dll
C:\Documents and Settings\pkmcclellan\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\pkmcclellan\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll IS MISSING <==== ATTENTION!.
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-11-2014
Ran by pkmcclellan at 2014-11-07 16:48:41
Running from E:\Bleeping Computer
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
6500_E709_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709n (Version: 50.0.165.000 - Hewlett-Packard) Hidden
944plc32 (HKLM\...\{50AF9AC4-6E62-405A-A269-C02B70A21E64}) (Version: 1.0.0 - Dell)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.41612 - ABBYY Software House)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Alohabob PC Relocator Ultra Control (HKLM\...\InstallShield_{ADF98CF7-1458-412F-976F-BF761A26F2A0}) (Version: 6.2.10.14 - Eisenworld, Inc.)
Alohabob PC Relocator Ultra Control (Version: 6.2.10.14 - Eisenworld, Inc.) Hidden
AOLIcon (Version: 1.00.0000 - Dell) Hidden
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 6 (HKLM\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
Aventail Access Manager (HKCU\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.3.42 - SonicWALL Inc)
Aventail Access Manager (Version: 10.3.42 - SonicWALL Inc) Hidden
Aventail Connect (HKLM\...\{A2A78788-2792-49BF-AF22-5E9296E568F3}) (Version: 10.3.42 - SonicWALL Aventail)
Aventail Web Proxy Agent (HKLM\...\{9B0B46B3-10DF-4ADA-9501-0129D784563D}) (Version: 10.3.42 - SonicWALL Inc)
Aventail Webifiers (HKLM\...\{54D44AD1-A083-48B9-BD6F-AFD517B7C775}) (Version: 10.3.42 - SonicWALL Inc)
AVSDK5 (Version: 5.4.11 - CYREN Inc.) Hidden
Banctec Service Agreement (HKLM\...\{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}) (Version: 1.11.0000 - Dell)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - )
Consumer Complete Care Services Agreement (HKLM\...\{E8C06CB3-5DB2-4689-B1DC-4A0220DEA96C}) (Version: 1.11.0000 - Dell)
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version: - )
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.0.0.0 - Dell Inc.)
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell Game Console (HKLM\...\Dell Game Console) (Version: - WildTangent)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM\...\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
DocMgr (Version: 120.0.000.000 - Hewlett-Packard) Hidden
DocProc (Version: 12.0.0.0 - Hewlett-Packard) Hidden
Fax (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
GPBaseService2 (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HP Customer Participation Program 12.0 (HKLM\...\HPExtendedCapabilities) (Version: 12.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 12.0 (HKLM\...\HP Imaging Device Functions) (Version: 12.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{FA0F0A01-4631-4161-A6C2-948BF694382E}) (Version: 12.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.05 - HP)
HP Solution Center 12.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 12.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Intel A/V Codecs V2.0 (HKLM\...\CodInstl) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Intel® PROSet for Wired Connections (HKLM\...\{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}) (Version: 9.20.0000 - Dell)
iolo technologies' System Mechanic Professional (HKLM\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 14.0.1 - iolo technologies, LLC)
iPod for Windows 2006-06-28 (HKLM\...\InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE}) (Version: 4.7.0 - Apple Computer, Inc.)
iPod for Windows 2006-06-28 (Version: 4.7.0 - Apple Computer, Inc.) Hidden
iPod Reset Utility (HKLM\...\{20ED157B-1A84-4DF7-945E-4951A38A9CBA}) (Version: 1.0.4.71 - Apple Inc.)
ItsDeductible Express (HKLM\...\{36495C59-089C-49D1-BD15-9E5BD86DC9A1}) (Version: 1.00.0000 - Intuit)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Macromedia Flash Player (HKLM\...\{0456ebd7-5f67-4ab6-852e-63781e3f389c}) (Version: 7.0.19.0 - Macromedia, Inc.)
MarketResearch (Version: 120.0.226.000 - Hewlett-Packard) Hidden
MCU (Version: 1.00.0000 - Dell) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Web Access S/MIME (HKLM\...\{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}) (Version: 6.5.7651.60 - Microsoft)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version: - )
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{5A9AA2C0-972F-4239-AA41-E409434194D5}) (Version: 3.1.8.0 - Apple Inc.)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 3.01 - BVRP Software)
MozyHome (HKLM\...\{DCFDCF4D-F10C-322C-AA4B-5B9A5E3D278B}) (Version: 2.26.7.405 - Mozy, Inc.)
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc)
Network (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.3 - Nikon)
NVIDIA nView 135.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.95 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update 1.5.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.5.20 - NVIDIA Corporation)
OCR Software by I.R.I.S. 12.0 (HKLM\...\HPOCR) (Version: 12.0 - HP)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.4.16 - Nikon)
PowerDVD 5.5 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Quicken 2014 (HKLM\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.7.6 - Intuit)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RangeMax Wireless-N USB Adapter WN111v2 (HKLM\...\InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 1.00.0000 - NETGEAR)
Scan (Version: 12.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4493.0 - SigmaTel)
SmartWebPrinting (Version: 120.0.194.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Sonic Audio module (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic Copy Module (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.97 - Sonic Solutions)
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.0.0 - Sonic Solutions)
Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.1 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Sound Blaster Audigy ADVANCED MB (HKLM\...\{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}) (Version: 1.0 - )
Sound Blaster Audigy ADVANCED MB Product Registration (HKLM\...\Sound Blaster Audigy ADVANCED MB Product Registration) (Version: - )
Status (Version: 120.0.194.000 - Hewlett-Packard) Hidden
System Mechanic 14 Professional (Version: 14.0.1 - ) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
Toolbox (Version: 120.0.194.000 - Hewlett-Packard) Hidden
TrayApp (Version: 120.0.194.000 - Hewlett-Packard) Hidden
TurboTax 2012 (HKLM\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Unity Web Player (HKLM\...\UnityWebPlayer) (Version: 2.5.0f5_21627 - Unity Technologies ApS)
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version: - Microsoft Corporation)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.8.3 - Nikon)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 120.0.194.000 - Hewlett-Packard) Hidden
WexTech AnswerWorks (HKLM\...\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}) (Version: 1.00.000 - )
WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - )
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Easy Transfer for Windows 7 (HKLM\...\WET7Cable) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version: - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM\...\EmeraldQFE2) (Version: - Microsoft Corporation)
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908246 (HKLM\...\KB908246) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinZip 14.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
WN111v2 (Version: 1.00.0000 - NETGEAR) Hidden
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\MFC42U.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\MFC42U.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\MFC42U.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{17D165A2-DD58-4CD9-A155-6F22590BCB5C}\localserver32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\ewpca\ewpca.exe (Aventail Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{225A2EEC-CD07-F926-E472-053CDEB2AEE1}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{2A1BE1E7-C550-4D67-A553-7F2D3A39233D}\InprocServer32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\epi\epi.dll (Aventail Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}\InprocServer32 -> C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\WINDOWS\system32\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\WINDOWS\system32\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\WINDOWS\system32\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{51DBAF4C-E1BF-40DC-B229-0963EB3D4729}\InprocServer32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\webifier\CitrixWrapper.dll (Aventail Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{699DDBCC-DC7E-11D0-BCF7-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{6D835690-900B-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{7F33E95D-5A77-103B-2CE7-A556A261AC84}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{88FC690D-93F7-4A46-B920-4F611E7BE891}\InprocServer32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\epi\epiVersion.dll (Aventail)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{94508EF1-415F-4642-9797-5125BF3F4F16}\InprocServer32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\webifier\avrdpwrap.dll (Aventail Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{99FF4677-FFC3-11D0-BD02-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{A7BC4157-A8EC-488F-9808-C63E2ACB0996}\InprocServer32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\epi\epi.dll (Aventail Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{B8DA6310-E19B-11D0-933C-00A0C90DCAA9}\InprocServer32 -> C:\WINDOWS\system32\ACTXPRXY.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{FD8C4664-A2D4-97EC-185D-875E454333FE}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (InstallShield Software Corporation)

==================== Restore Points =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2005-08-16 04:18 - 2014-10-26 19:47 - 00000707 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\My Dell\uaclauncher.exe
Task: C:\WINDOWS\Tasks\SystemToolsDailyTest.job => C:\Program Files\My Dell\uaclauncher.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{498E3F7D-1B17-418B-9F9C-FF065F0AC20E}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{EB9F45F2-DD33-432E-AF41-2B4DA5EB25E5}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMPSE => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventSystem => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseamps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vsedsps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseqrts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMPSE => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventSystem => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseamps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsedsps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseqrts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
MSCONFIG\startupreg: VoiceCenter =>

========================= Accounts: ==========================

Attached Files


Edited by Oh My!, 07 November 2014 - 07:21 PM.
Logs posted


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,419 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:03 AM

Posted 07 November 2014 - 08:23 PM

Greetings and thank you for the update information and letting me know you need to be nimble in completing the instructions.

Please do this for me.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKLM\...\Run: [Qcapepux] => rundll32.exe "C:\WINDOWS\unovopiw.dll",Startup
HKU\S-1-5-21-1177899150-3433354104-1715971161-1008\...\Run: [Pfiyoz] => rundll32.exe "C:\WINDOWS\mpcrypra.dll",Startup
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {9DD523C5-8139-4FCC-B301-39D40E615216} URL = http://internetsearchservice.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {BB670D0B-5C46-40C7-B38B-40DD26987723} - No File
Toolbar: HKCU - No Name - {BB670D0B-5C46-40C7-B38B-40DD26987723} - No File
Handler: schmap-help - No CLSID Value -
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S2 MCSTRM; No ImagePath
S3 PciCon; \??\D:\PciCon.sys [X]
S3 UIUSys; system32\drivers\UIUSys.sys [X]
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
S3 WinDriver6; system32\drivers\windrvr6.sys [X]
C:\WINDOWS\unovopiw.dll
C:\WINDOWS\mpcrypra.dll
C:\Documents and Settings\All Users\Tempmozy-autoupdate-0e8b147b53a66c327947fed57aa1d313.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-4a89cedd164c5f5e19189bfd5deb26c7.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-4d208aac92bfd705178bb55cc02619e1.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-8262dfa079e3ea66519693899238bbfb.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-82af9a609219353256cb533e636b9416.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-864934ef6e2b54a6f5dcfa6e472922e2.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-9168e69c9b17c74056d68fc0f28ff63a.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-b6ef32f74275da3b7074b1f807e71343.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-cb6776b6237c85b1f694a26db648ccb0.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-fd378831154aecd3ff93f99a8cbdcdea.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-183e1dca3bdb7b84685b9e31ae1c6873.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-411e4958630282cd5509a8735a26b919.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-4ff83994dfb32374e99fb2987f4e5700.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-591229f46f4b4c672e4eb66432c623af.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-6b21c963de7634bf68c213567fcafb17.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-6ccbc1dbf9be075b88974ffd72373e0f.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-73b6f364ab195dc4ccf2aae89db27fa5.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-9c25a149f148f17fec6c964210abc0b0.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-9eab8da73ae2b5055aa2cdcb0880ba90.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-b2dc44eb185732ade88416784fadbd67.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-ed60b0fe8dab42c5b79df371c6deb040.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-efe4ca346ae5931c530ec0699e8812d5.exe
C:\Documents and Settings\All Users\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe
C:\Documents and Settings\All Users\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe
C:\Documents and Settings\All Users\Tempmozy-update-c0261ff8012aad585d55140a9b6ddcb9.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
File: C:\WINDOWS\system32\Drivers\ujovcqjd.sys
File: C:\WINDOWS\system32\Drivers\lenlyijk.sys
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Type the following in the Search Field
rpcss.dll
  • Click Search File(s) button
  • A Search.txt document will be saved to your USB device
  • Copy and paste or attach both files to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Result log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 pm0620

pm0620
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:03 PM

Posted 07 November 2014 - 09:46 PM

They are attached.  Thank you

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 04-11-2014
Ran by pkmcclellan at 2014-11-07 20:32:48 Run:1
Running from E:\Bleeping Computer
Loaded Profile: pkmcclellan (Available profiles: pkmcclellan & UpdatusUser & Administrator)
Boot Mode: Safe Mode (minimal)

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [Qcapepux] => rundll32.exe "C:\WINDOWS\unovopiw.dll",Startup
HKU\S-1-5-21-1177899150-3433354104-1715971161-1008\...\Run: [Pfiyoz] => rundll32.exe "C:\WINDOWS\mpcrypra.dll",Startup
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {9DD523C5-8139-4FCC-B301-39D40E615216} URL = http://internetsearchservice.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {BB670D0B-5C46-40C7-B38B-40DD26987723} - No File
Toolbar: HKCU - No Name - {BB670D0B-5C46-40C7-B38B-40DD26987723} - No File
Handler: schmap-help - No CLSID Value -
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S2 MCSTRM; No ImagePath
S3 PciCon; \??\D:\PciCon.sys [X]
S3 UIUSys; system32\drivers\UIUSys.sys [X]
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
S3 WinDriver6; system32\drivers\windrvr6.sys [X]
C:\WINDOWS\unovopiw.dll
C:\WINDOWS\mpcrypra.dll
C:\Documents and Settings\All Users\Tempmozy-autoupdate-0e8b147b53a66c327947fed57aa1d313.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-4a89cedd164c5f5e19189bfd5deb26c7.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-4d208aac92bfd705178bb55cc02619e1.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-8262dfa079e3ea66519693899238bbfb.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-82af9a609219353256cb533e636b9416.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-864934ef6e2b54a6f5dcfa6e472922e2.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-9168e69c9b17c74056d68fc0f28ff63a.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-b6ef32f74275da3b7074b1f807e71343.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-cb6776b6237c85b1f694a26db648ccb0.exe
C:\Documents and Settings\All Users\Tempmozy-autoupdate-fd378831154aecd3ff93f99a8cbdcdea.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-183e1dca3bdb7b84685b9e31ae1c6873.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-411e4958630282cd5509a8735a26b919.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-4ff83994dfb32374e99fb2987f4e5700.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-591229f46f4b4c672e4eb66432c623af.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-6b21c963de7634bf68c213567fcafb17.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-6ccbc1dbf9be075b88974ffd72373e0f.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-73b6f364ab195dc4ccf2aae89db27fa5.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-9c25a149f148f17fec6c964210abc0b0.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-9eab8da73ae2b5055aa2cdcb0880ba90.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-b2dc44eb185732ade88416784fadbd67.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-ed60b0fe8dab42c5b79df371c6deb040.exe
C:\Documents and Settings\All Users\Tempmozy-manualupdate-efe4ca346ae5931c530ec0699e8812d5.exe
C:\Documents and Settings\All Users\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe
C:\Documents and Settings\All Users\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe
C:\Documents and Settings\All Users\Tempmozy-update-c0261ff8012aad585d55140a9b6ddcb9.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
File: C:\WINDOWS\system32\Drivers\ujovcqjd.sys
File: C:\WINDOWS\system32\Drivers\lenlyijk.sys
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Qcapepux => value deleted successfully.
HKU\S-1-5-21-1177899150-3433354104-1715971161-1008\Software\Microsoft\Windows\CurrentVersion\Run\\Pfiyoz => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => Key deleted successfully.
"HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9DD523C5-8139-4FCC-B301-39D40E615216}" => Key deleted successfully.
"HKCR\CLSID\{9DD523C5-8139-4FCC-B301-39D40E615216}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{BB670D0B-5C46-40C7-B38B-40DD26987723} => value deleted successfully.
"HKCR\CLSID\{BB670D0B-5C46-40C7-B38B-40DD26987723}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BB670D0B-5C46-40C7-B38B-40DD26987723} => value deleted successfully.
"HKCR\CLSID\{BB670D0B-5C46-40C7-B38B-40DD26987723}" => Key not found.
"HKCR\PROTOCOLS\Handler\schmap-help" => Key deleted successfully.
MBAMSwissArmy => Service deleted successfully.
MCSTRM => Service deleted successfully.
PciCon => Service deleted successfully.
UIUSys => Service deleted successfully.
wanatw => Service deleted successfully.
WinDriver6 => Service deleted successfully.
"C:\WINDOWS\unovopiw.dll" => File/Directory not found.
"C:\WINDOWS\mpcrypra.dll" => File/Directory not found.
C:\Documents and Settings\All Users\Tempmozy-autoupdate-0e8b147b53a66c327947fed57aa1d313.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-autoupdate-4a89cedd164c5f5e19189bfd5deb26c7.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-autoupdate-4d208aac92bfd705178bb55cc02619e1.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-autoupdate-8262dfa079e3ea66519693899238bbfb.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-autoupdate-82af9a609219353256cb533e636b9416.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-autoupdate-864934ef6e2b54a6f5dcfa6e472922e2.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-autoupdate-9168e69c9b17c74056d68fc0f28ff63a.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-autoupdate-b6ef32f74275da3b7074b1f807e71343.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-autoupdate-cb6776b6237c85b1f694a26db648ccb0.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-autoupdate-fd378831154aecd3ff93f99a8cbdcdea.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-183e1dca3bdb7b84685b9e31ae1c6873.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-411e4958630282cd5509a8735a26b919.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-4ff83994dfb32374e99fb2987f4e5700.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-591229f46f4b4c672e4eb66432c623af.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-6b21c963de7634bf68c213567fcafb17.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-6ccbc1dbf9be075b88974ffd72373e0f.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-73b6f364ab195dc4ccf2aae89db27fa5.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-9c25a149f148f17fec6c964210abc0b0.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-9eab8da73ae2b5055aa2cdcb0880ba90.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-b2dc44eb185732ade88416784fadbd67.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-ed60b0fe8dab42c5b79df371c6deb040.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-manualupdate-efe4ca346ae5931c530ec0699e8812d5.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe => Moved successfully.
C:\Documents and Settings\All Users\Tempmozy-update-c0261ff8012aad585d55140a9b6ddcb9.exe => Moved successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":DFC5A2B2" ADS removed successfully.

========================= File: C:\WINDOWS\system32\Drivers\ujovcqjd.sys ========================

MD5: ebd3b15e2e01ee94ba5262fafc691a8e
Creation and modification date: 2014-10-26 21:48 - 2014-10-26 21:48
Size: 0411552
Attributes: ----A
Company Name: AVAST Software
Internal Name: aswSP.sys
Original Name: aswSP.sys
Product Name: avast! Antivirus
Description: avast! self protection module
File Version: 9.0.2018.391
Product Version: 9.0.2018.391
Copyright: Copyright © 2013 AVAST Software

====== End Of File: ======


========================= File: C:\WINDOWS\system32\Drivers\lenlyijk.sys ========================

MD5: ebd3b15e2e01ee94ba5262fafc691a8e
Creation and modification date: 2014-10-26 11:01 - 2014-10-26 11:01
Size: 0411552
Attributes: ----A
Company Name: AVAST Software
Internal Name: aswSP.sys
Original Name: aswSP.sys
Product Name: avast! Antivirus
Description: avast! self protection module
File Version: 9.0.2018.391
Product Version: 9.0.2018.391
Copyright: Copyright © 2013 AVAST Software

====== End Of File: ======



Farbar Recovery Scan Tool (x86) Version: 04-11-2014
Ran by pkmcclellan at 2014-11-07 20:38:19
Running from E:\Bleeping Computer
Boot Mode: Safe Mode (minimal)

================== Search: "rpcss.dll" ===================

C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll
[2009-04-15 08:35][2008-04-13 18:12] 0399360 ____C (Microsoft Corporation) 2589fe6015a316c0f5d5112b4da7b509

C:\WINDOWS\$NtUninstallKB902400$\rpcss.dll
[2006-01-10 06:02][2005-04-28 13:31] 0395776 ____C (Microsoft Corporation) c8061f289e000703e7672916b7fe1571

C:\WINDOWS\$NtUninstallKB894391$\rpcss.dll
[2006-01-10 06:00][2004-08-10 05:00] 0395776 ____C (Microsoft Corporation) 5c83a4408604f737717ab96371201680

C:\WINDOWS\$NtServicePackUninstall$\rpcss.dll
[2008-08-05 16:21][2005-07-25 22:39] 0397824 ____C (Microsoft Corporation) ce94a2bd25e3e9f4d46a7373ff455c6d

C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[2009-04-14 19:47][2009-02-09 04:56] 0401408 ____A (Microsoft Corporation) 9222562d44021b988b9f9f62207fb6f2

C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[2005-07-25 22:20][2005-07-25 22:20] 0398336 ____A (Microsoft Corporation) c369df215d352b6f3a0b8c3469aa34f8

C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[2005-04-28 13:35][2005-04-28 13:35] 0396288 ____A (Microsoft Corporation) da383fb39a6f1c445f3afc94b3eb1248

C:\i386\rpcss.dll
[2006-01-10 05:31][2004-08-10 05:00] 0395776 ____A (Microsoft Corporation) 5c83a4408604f737717ab96371201680

=== End Of Search ===
==== End of Fixlog ====

Attached Files


Edited by Oh My!, 07 November 2014 - 10:08 PM.
Logs posted


#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,419 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:03 AM

Posted 07 November 2014 - 10:13 PM

Very good, thank you. Now please this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
cmd: copy C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll C:\WINDOWS\system32
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Please rerun a FRST scan making sure there is a check mark in Addition.txt
  • Check your computer performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • FRST reports
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 pm0620

pm0620
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:03 PM

Posted 07 November 2014 - 11:35 PM

Many programs are now operating.  My internet is still down but the connections icons are now visible and can be activated by clicking.  MS office documents now open.  Overall we are getting there.  This is amazing....I thought this thing was dead.  I am constantly getting a popup that the system recovered from a serious error and so I attached the text "Error.txt" so you could see what is being displayed.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 04-11-2014
Ran by pkmcclellan at 2014-11-07 22:12:32 Run:2
Running from E:\Bleeping Computer
Loaded Profile: pkmcclellan (Available profiles: pkmcclellan & UpdatusUser & Administrator)
Boot Mode: Safe Mode (minimal)

==============================================

Content of fixlist:
*****************
cmd: copy C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll C:\WINDOWS\system32
*****************


========= copy C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll C:\WINDOWS\system32 =========

1 file(s) copied.

========= End of CMD: =========


==== End of Fixlog ====
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014
Ran by pkmcclellan (administrator) on MCCLELLAN on 07-11-2014 22:13:04
Running from E:\Bleeping Computer
Loaded Profile: pkmcclellan (Available profiles: pkmcclellan & UpdatusUser & Administrator)
Platform: Microsoft Windows XP Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(CYREN Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe
(CYREN Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SigmatelSysTrayApp] => C:\WINDOWS\stsystra.exe [339968 2005-03-22] (SigmaTel, Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Nikon Message Center 2] => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ioloGovernor] => C:\Program Files\iolo\System Mechanic Professional\ioloGovernor.exe [870224 2014-08-12] (iolo technologies, LLC)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-02-18] (Hewlett-Packard)
HKLM\...\Run: [DVDLauncher] => C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [53248 2005-02-23] (CyberLink Corp.)
HKLM\...\Run: [dla] => C:\WINDOWS\system32\dla\tfswctrl.exe [127037 2005-03-16] (Sonic Solutions)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1177899150-3433354104-1715971161-1008\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-06-09] (Google Inc.)
HKU\S-1-5-21-1177899150-3433354104-1715971161-1008\...\Run: [Akamai NetSession Interface] => C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1177899150-3433354104-1715971161-1008\...\Run: [DellSystemDetect] => C:\Documents and Settings\pkmcclellan\Local Settings\Apps\2.0\VPR8GMYK.WZG\33BQD6R8.RBB\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe [265280 2014-09-03] (Dell)
HKU\S-1-5-18\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-06-09] (Google Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk
ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk
ShortcutTarget: NETGEAR WN111v2 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WN111v2\WN111V2.exe (NETGEAR)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.pandora.com/#/
SearchScopes: HKLM - {15955FAB-B396-4C29-8213-0EFEBDC35CF7} URL = http://video.yahoo.com/video/search?p={searchTerms}&fr=yie7c
SearchScopes: HKLM - {5A13E048-F59F-4204-BECF-34649D92E0AF} URL = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7c
SearchScopes: HKLM - {7B4A7144-0299-4031-9FD0-13537E0CC3F8} URL = http://news.search.yahoo.com/search/news?p={searchTerms}&fr=yie7c
SearchScopes: HKLM - {8FCE86B2-710A-4541-8D6F-CF196F8AB1FE} URL = http://images.search.yahoo.com/search/images?p={searchTerms}&fr=yie7c
SearchScopes: HKLM - {E9022274-B9FF-4715-BD0C-EC3179DE6996} URL = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7c
SearchScopes: HKCU - {1DA5E789-5796-4320-8D5D-C284CC42B622} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=524517&p={searchTerms}
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> c:\program files\google\googletoolbar6.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar6.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} http://dynamicsnavtestdrive.com/ActiveX/VMRCActiveXClient1.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
DPF: {6F750202-1362-4815-A476-88533DE61D0C} http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {6F750203-1362-4815-A476-88533DE61D0C} http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {94B82441-A413-4E43-8422-D49930E69764} https://chat1.j2.com/Media/VisitorchatEnu/TLIEFlash.CAB
DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} http://a.download.toontown.com/sv1.0.31.5/ttinst.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F80B9305-A013-11D2-BD23-00A024978908} file://D:\viewer\accuradimage.cab
DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} http://www.iolo.com/app/ocx/UpgradeVerify.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\WINDOWS\Downloaded Program Files\mimectl.dll (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\WINDOWS\system32\iavlsp.dll [118784] (iolo technologies, LLC)
Winsock: Catalog9 02 C:\WINDOWS\system32\iavlsp.dll [118784] (iolo technologies, LLC)
Winsock: Catalog9 28 C:\WINDOWS\system32\iavlsp.dll [118784] (iolo technologies, LLC)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-11-01]
FF HKLM\...\Firefox\Extensions: [{38C1E278-96A3-4ECB-A9E3-6ABEB2E11FE6}] - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\{38C1E278-96A3-4ECB-A9E3-6ABEB2E11FE6}
FF Extension: XULRunner - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\{38C1E278-96A3-4ECB-A9E3-6ABEB2E11FE6} [2011-01-25]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011-07-14]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.pandora.com/", "hxxp://www.yahoo.com/", "hxxp://www.google.com/"
CHR Profile: C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-16]
CHR Extension: (Google Docs) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-16]
CHR Extension: (Google Drive) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-23]
CHR Extension: (YouTube) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-16]
CHR Extension: (Google Search) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-16]
CHR Extension: (Google Sheets) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-16]
CHR Extension: (Google Wallet) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-31]
CHR Extension: (Gmail) - C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-16]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

S2 ACS; C:\WINDOWS\system32\acs.exe [467028 2008-06-27] (Atheros)
S4 Creative Labs Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe [69632 2006-01-05] (Creative Labs)
S4 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)
S4 dlcd_device; C:\WINDOWS\system32\dlcdcoms.exe [538096 2007-01-16] ( )
S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
S4 GameConsoleService; C:\Program Files\WildTangent\Apps\Dell Game Console\GameConsoleService.exe [181784 2007-08-30] (WildTangent, Inc.)
S2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
S2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [4700872 2014-08-12] (iolo technologies, LLC)
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-07] (Oracle Corporation)
S3 jswpsapi; C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe [360547 2008-02-27] (Atheros Communications, Inc.)
S2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [53016 2011-08-04] (Mozy, Inc.)
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel® Corporation)
S4 NgVpnMgr; C:\WINDOWS\system32\ngvpnmgr.exe [240760 2009-11-20] (Aventail Corporation)
S2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120 2011-10-07] (NVIDIA Corporation)
S2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
R2 vseamps; C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe [97544 2014-03-25] (CYREN Inc.)
R2 vsedsps; C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe [97544 2014-03-25] (CYREN Inc.)
S3 vseqrts; C:\Program Files\Common Files\Commtouch\AntiVirus5\vseqrts.exe [142600 2014-03-25] (CYREN Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S2 AMP; C:\WINDOWS\system32\Drivers\amp.sys [139528 2014-03-25] (CYREN Inc.)
S2 AMPSE; C:\WINDOWS\system32\Drivers\ampse.sys [1386760 2014-03-25] (CYREN Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 CTUSFSYN; C:\WINDOWS\System32\drivers\ctusfsyn.sys [158464 2005-05-25] (Creative Technology Ltd.)
S3 DNINDIS5; C:\WINDOWS\system32\DNINDIS5.SYS [17149 2003-07-24] (Printing Communications Assoc., Inc. (PCAUSA))
S2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40544 2004-12-23] (Sonic Solutions)
S1 FileDisk; C:\WINDOWS\system32\Drivers\FileDisk.sys [9341 2014-07-16] (iolo technologies, LLC (based on original work by Bo Brantén))
S3 FilterService; C:\WINDOWS\System32\DRIVERS\lvuvcflt.sys [23832 2009-10-07] (Logitech Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [30976 2014-09-17] ()
S3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [201600 2005-07-22] (Conexant Systems, Inc.)
S3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.SYS [1035008 2005-07-22] (Conexant Systems, Inc.)
S3 JSWSCIMD; C:\WINDOWS\System32\DRIVERS\jswscimd.sys [57440 2008-10-01] (Atheros Communications, Inc.)
S3 LVPr2Mon; C:\WINDOWS\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
S1 mozyFilter; C:\WINDOWS\System32\DRIVERS\mozy.sys [55520 2013-05-21] (Mozy, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 netrcacm; C:\WINDOWS\System32\DRIVERS\netrcacm.sys [20648 2003-04-02] (Thomson Inc.)
S3 NgFilter; C:\WINDOWS\System32\DRIVERS\ngfilter.sys [22552 2009-11-20] (Aventail Corporation)
S3 NgLog; C:\WINDOWS\System32\DRIVERS\nglog.sys [27160 2009-11-20] (Aventail Corporation)
S3 NgVpn; C:\WINDOWS\System32\DRIVERS\ngvpn.sys [79896 2009-11-20] (Aventail Corporation)
S3 NgWfp; C:\WINDOWS\System32\DRIVERS\ngwfp.sys [25112 2009-11-20] (Aventail Corporation)
S2 PDFsFilter; C:\WINDOWS\System32\DRIVERS\PDFsFilter.sys [68464 2014-07-16] (Raxco Software, Inc.)
S3 sigfilt; C:\WINDOWS\System32\drivers\sigfilt.sys [1350272 2005-03-24] (Creative Technology Ltd.)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-12-02] (Sonic Solutions)
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-12-02] (Sonic Solutions)
S3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [180736 2005-06-06] (SigmaTel, Inc.)
S2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25725 2005-03-16] (Sonic Solutions)
S2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34845 2005-03-16] (Sonic Solutions)
S2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4125 2005-03-16] (Sonic Solutions)
S2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2241 2005-03-16] (Sonic Solutions)
S2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86684 2005-03-16] (Sonic Solutions)
S2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [14877 2005-03-16] (Sonic Solutions)
S2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6365 2005-03-16] (Sonic Solutions)
S2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98716 2005-03-16] (Sonic Solutions)
S2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100605 2005-03-16] (Sonic Solutions)
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [34808 2014-10-26] ()
S3 WN111v2; C:\WINDOWS\System32\DRIVERS\WN111v2.sys [453120 2008-09-30] (Atheros Communications, Inc.)
S3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [57408 2007-12-14] (Atheros Communications, Inc.)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 22:12 - 2008-04-13 18:12 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-11-07 20:31 - 2014-11-07 20:31 - 00003649 _____ () C:\Documents and Settings\pkmcclellan\Desktop\fixlist.txt
2014-11-07 20:09 - 2014-11-07 20:09 - 00090112 _____ () C:\WINDOWS\Minidump\Mini110714-01.dmp
2014-11-07 16:46 - 2014-11-07 22:13 - 00000000 ____D () C:\FRST
2014-11-04 08:21 - 2014-11-04 08:21 - 00000358 _____ () C:\WINDOWS\wmsetup.log
2014-11-04 05:09 - 2014-11-04 05:09 - 00090112 _____ () C:\WINDOWS\Minidump\Mini110414-01.dmp
2014-11-03 12:42 - 2014-11-03 13:02 - 00105298 _____ () C:\Documents and Settings\pkmcclellan\Local Settings\Application Data\FASTWiz.log
2014-11-03 06:30 - 2014-11-03 06:30 - 00000000 ____H () C:\WINDOWS\system32\config\SYSTEM.sav.LOG
2014-11-03 06:30 - 2014-11-03 06:30 - 00000000 ____H () C:\WINDOWS\system32\config\Software.sav.LOG
2014-11-03 06:25 - 2014-11-03 06:25 - 00000000 ____H () C:\WINDOWS\system32\config\SECURITY.sav.LOG
2014-11-03 06:25 - 2014-11-03 06:25 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.sav.LOG
2014-11-03 06:22 - 2014-11-03 06:31 - 00003104 _____ () C:\WINDOWS\system32\ASOROSet.bin
2014-11-03 06:22 - 2014-11-03 06:22 - 00000000 ____D () C:\WINDOWS\system32\config\RCCBakup
2014-11-02 22:37 - 2012-10-15 17:02 - 00017840 _____ (solvusoft) C:\WINDOWS\system32\roboot.exe
2014-11-02 20:42 - 2014-11-02 20:42 - 00090112 _____ () C:\WINDOWS\Minidump\Mini110214-02.dmp
2014-11-02 19:59 - 2014-11-02 19:59 - 00000000 ____D () C:\WINDOWS\system32\Cache
2014-11-02 19:57 - 2001-08-17 22:36 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_scripto.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_seos.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\regtrace.exe
2014-11-02 19:57 - 2001-08-17 22:36 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
2014-11-02 19:57 - 2001-08-17 22:36 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smtpctrs.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\snprfdll.dll
2014-11-02 19:57 - 2001-08-17 22:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
2014-11-02 19:57 - 2001-07-21 14:23 - 00021791 _____ () C:\WINDOWS\system32\smtpctrs.ini
2014-11-02 19:57 - 2001-07-21 14:23 - 00008002 _____ () C:\WINDOWS\system32\smtpctrs.h
2014-11-02 19:57 - 2001-07-21 14:23 - 00001037 _____ () C:\WINDOWS\system32\ntfsdrct.ini
2014-11-02 19:57 - 2001-07-21 14:23 - 00000773 _____ () C:\WINDOWS\system32\ntfsdrct.h
2014-11-02 19:56 - 2001-08-17 22:36 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
2014-11-02 19:56 - 2001-08-17 22:36 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2014-11-02 19:56 - 2001-08-17 22:36 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcachdll.dll
2014-11-02 19:56 - 2001-08-17 22:36 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2014-11-02 19:56 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2014-11-02 19:56 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsiisex.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3ext.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisclex4.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\convlog.exe
2014-11-02 19:50 - 2004-08-10 05:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\convlog.exe
2014-11-02 19:50 - 2004-08-10 05:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nextlink.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adrot.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\browscap.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00038576 _____ () C:\WINDOWS\system32\w3ctrs.ini
2014-11-02 19:50 - 2004-08-10 05:00 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\controt.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pagecnt.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asptxn.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mdsync.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\logscrpt.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\permchk.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\counters.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsloc.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iiscrmap.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\status.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-11-02 19:50 - 2004-08-10 05:00 - 00011435 _____ () C:\WINDOWS\system32\infoctrs.ini
2014-11-02 19:50 - 2004-08-10 05:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aspperf.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspperf.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00010225 _____ () C:\WINDOWS\system32\axperf.ini
2014-11-02 19:50 - 2004-08-10 05:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wamps51.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iwrps.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\authfilt.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\infoctrs.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\infoctrs.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isapips.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iissync.exe
2014-11-02 19:50 - 2004-08-10 05:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftpsapi2.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admxprox.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\admxprox.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\w3svapi.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3svapi.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00005379 _____ () C:\WINDOWS\system32\w3ctrs.h
2014-11-02 19:50 - 2004-08-10 05:00 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\w3ctrs.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w3ctrs51.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iismui.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iismui.dll
2014-11-02 19:50 - 2004-08-10 05:00 - 00003276 _____ () C:\WINDOWS\system32\infoctrs.h
2014-11-02 19:50 - 2004-08-10 05:00 - 00002024 _____ () C:\WINDOWS\system32\axctrnm.h
2014-11-02 19:49 - 2014-11-02 19:59 - 00000000 ____D () C:\Inetpub
2014-11-02 19:49 - 2014-11-02 19:49 - 00000000 ____D () C:\WINDOWS\system32\msmq
2014-11-02 13:00 - 2014-11-03 05:22 - 00049046 _____ () C:\WINDOWS\ocgen.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00048040 _____ () C:\WINDOWS\FaxSetup.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00041774 _____ () C:\WINDOWS\msmqinst.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00030516 _____ () C:\WINDOWS\tsoc.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00029856 _____ () C:\WINDOWS\comsetup.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00027359 _____ () C:\WINDOWS\ntdtcsetup.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00013486 _____ () C:\WINDOWS\plusoc.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00009855 _____ () C:\WINDOWS\netfxocm.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00005440 _____ () C:\WINDOWS\ehOCGen.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00004819 _____ () C:\WINDOWS\imsins.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00004511 _____ () C:\WINDOWS\MedCtrOC.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00003339 _____ () C:\WINDOWS\ocmsn.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00003249 _____ () C:\WINDOWS\msgsocm.log
2014-11-02 13:00 - 2014-11-03 05:22 - 00001555 _____ () C:\WINDOWS\tabletoc.log
2014-11-02 13:00 - 2014-11-02 20:02 - 00004819 _____ () C:\WINDOWS\imsins.BAK
2014-11-02 13:00 - 2014-11-02 13:33 - 00080287 _____ () C:\WINDOWS\spuninst.log
2014-11-02 12:34 - 2004-08-10 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-11-02 11:40 - 2014-11-02 20:27 - 00035761 _____ () C:\WINDOWS\svcpack.log
2014-11-02 11:40 - 2014-11-02 20:17 - 00000000 ____D () C:\WINDOWS\system32\CatRoot_bak
2014-11-02 09:46 - 2014-11-02 09:59 - 00008254 _____ () C:\WINDOWS\KB942288-v3.log
2014-11-02 08:38 - 2014-11-02 08:37 - 00090112 _____ () C:\WINDOWS\Minidump\Mini110214-01.dmp
2014-11-02 07:14 - 2014-11-02 13:46 - 00001350 _____ () C:\WINDOWS\DHCPUPG.LOG
2014-11-02 07:14 - 2014-11-02 13:46 - 00000590 _____ () C:\WINDOWS\WINNT32.LOG
2014-11-01 12:02 - 2014-11-01 12:02 - 00000000 ____D () C:\Documents and Settings\pkmcclellan\Application Data\Logitech
2014-10-31 21:07 - 2014-10-31 21:09 - 00000000 ____D () C:\591e9b114391426eb244
2014-10-31 21:07 - 2014-10-31 21:07 - 00000000 ____D () C:\Program Files\ACW
2014-10-31 04:34 - 2004-08-10 05:00 - 00107882 _____ () C:\WINDOWS\system32\mib_ii.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00049275 _____ () C:\WINDOWS\system32\wfospf.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00048593 _____ () C:\WINDOWS\system32\hostmib.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00038608 _____ () C:\WINDOWS\system32\nipx.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00034317 _____ () C:\WINDOWS\system32\msiprip2.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00030448 _____ () C:\WINDOWS\system32\mcastmib.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00026236 _____ () C:\WINDOWS\system32\wins.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00026100 _____ () C:\WINDOWS\system32\lmmib2.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00021386 _____ () C:\WINDOWS\system32\mipx.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00020079 _____ () C:\WINDOWS\system32\http.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00016617 _____ () C:\WINDOWS\system32\authserv.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsm.dll
2014-10-31 04:34 - 2004-08-10 05:00 - 00015799 _____ () C:\WINDOWS\system32\ipforwd.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00015597 _____ () C:\WINDOWS\system32\accserv.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00013767 _____ () C:\WINDOWS\system32\msipbtp.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00010313 _____ () C:\WINDOWS\system32\mripsap.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpstup.dll
2014-10-31 04:34 - 2004-08-10 05:00 - 00006179 _____ () C:\WINDOWS\system32\ftp.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smimsgif.dll
2014-10-31 04:34 - 2004-08-10 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsy.dll
2014-10-31 04:34 - 2004-08-10 05:00 - 00004597 _____ () C:\WINDOWS\system32\dhcp.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00004332 _____ () C:\WINDOWS\system32\smi.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00000698 _____ () C:\WINDOWS\system32\inetsrv.mib
2014-10-31 04:34 - 2004-08-10 05:00 - 00000581 _____ () C:\WINDOWS\system32\msft.mib
2014-10-31 04:33 - 2014-11-03 05:22 - 00328748 _____ () C:\WINDOWS\iis6.log
2014-10-30 03:59 - 2014-10-30 03:59 - 00090112 _____ () C:\WINDOWS\Minidump\Mini103014-01.dmp
2014-10-29 19:28 - 2014-10-29 19:28 - 00026128 _____ () C:\Documents and Settings\pkmcclellan\Desktop\attach.txt
2014-10-29 19:28 - 2014-10-29 19:28 - 00013400 _____ () C:\Documents and Settings\pkmcclellan\Desktop\dds.txt
2014-10-27 05:16 - 2014-10-27 05:16 - 00090112 _____ () C:\WINDOWS\Minidump\Mini102714-02.dmp
2014-10-27 03:28 - 2014-11-03 12:47 - 00942193 _____ () C:\WINDOWS\setupapi.log
2014-10-27 03:12 - 2014-10-27 03:12 - 00090112 _____ () C:\WINDOWS\Minidump\Mini102714-01.dmp
2014-10-26 22:43 - 2014-11-07 22:06 - 00207404 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-26 22:19 - 2014-11-02 19:59 - 00000429 _____ () C:\WINDOWS\setupact.log
2014-10-26 22:19 - 2014-11-02 19:59 - 00000116 _____ () C:\WINDOWS\setuperr.log
2014-10-26 22:15 - 2014-10-26 22:16 - 00009996 _____ () C:\Documents and Settings\pkmcclellan\My Documents\cc_20141026_231413.reg
2014-10-26 22:06 - 2014-11-04 08:15 - 00000000 ____D () C:\Documents and Settings\pkmcclellan\Application Data\Solvusoft
2014-10-26 21:48 - 2014-10-26 21:48 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ujovcqjd.sys
2014-10-26 21:47 - 2014-10-26 21:47 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-10-26 21:29 - 2014-10-26 21:29 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-10-26 18:26 - 2014-10-31 03:52 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-10-26 11:01 - 2014-10-26 11:01 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\lenlyijk.sys
2014-10-26 11:01 - 2014-10-26 11:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-10-26 10:06 - 2014-10-26 20:47 - 00034808 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-10-26 10:06 - 2014-10-26 10:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-10-26 09:56 - 2014-10-26 09:56 - 00000000 __SHD () C:\WINDOWS\CSC
2014-10-26 06:56 - 2014-10-26 06:56 - 00000000 ____D () C:\Documents and Settings\NetworkService\Application Data\iolo
2014-10-26 06:00 - 2014-10-26 06:00 - 00000408 _____ () C:\WINDOWS\system32\iolo.ini
2014-10-24 20:59 - 2014-10-24 20:59 - 00001542 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-10-24 20:59 - 2014-10-24 20:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-10-24 20:58 - 2014-10-24 20:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-10-20 19:07 - 2014-10-20 19:08 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-20 19:07 - 2014-10-20 19:07 - 00001734 _____ () C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
2014-10-10 04:27 - 2014-10-10 04:27 - 00049059 ____N () C:\Documents and Settings\pkmcclellan\Desktop\Basketball Drills.pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 22:13 - 2006-01-11 05:33 - 00000000 ____D () C:\Documents and Settings\pkmcclellan\Local Settings\Temp
2014-11-07 22:08 - 2005-08-16 04:49 - 00000178 ___SH () C:\Documents and Settings\NetworkService\ntuser.ini
2014-11-07 20:48 - 2010-08-03 12:51 - 01048576 _____ () C:\WINDOWS\system32\config\iolo App.evt
2014-11-07 20:48 - 2006-01-11 05:33 - 00000178 ___SH () C:\Documents and Settings\pkmcclellan\ntuser.ini
2014-11-07 20:09 - 2006-01-09 22:50 - 00000000 ____D () C:\WINDOWS\Minidump
2014-11-07 19:44 - 2005-08-16 04:18 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-07 16:52 - 2009-01-31 20:01 - 00002339 _____ () C:\Documents and Settings\pkmcclellan\Start Menu\Programs\Windows Install Clean Up.lnk
2014-11-04 14:52 - 2005-08-16 04:22 - 00000000 ____D () C:\WINDOWS\Help
2014-11-04 08:22 - 2006-01-11 05:33 - 00000000 ____D () C:\Documents and Settings\pkmcclellan
2014-11-04 08:21 - 2009-04-20 18:28 - 00000803 _____ () C:\Documents and Settings\pkmcclellan\Start Menu\Programs\Internet Explorer.lnk
2014-11-04 08:21 - 2005-08-16 04:38 - 00000785 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2014-11-03 06:31 - 2006-01-05 15:38 - 62652416 _____ () C:\WINDOWS\system32\config\Software.bak
2014-11-03 06:31 - 2006-01-05 15:38 - 11272192 _____ () C:\WINDOWS\system32\config\SYSTEM.bak
2014-11-03 06:31 - 2005-08-16 04:49 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-11-03 06:31 - 2005-08-15 22:27 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-11-03 06:30 - 2005-08-16 04:49 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-11-03 06:24 - 2005-08-15 22:27 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-11-03 05:28 - 2005-08-16 04:22 - 00000000 ____D () C:\WINDOWS\security
2014-11-03 05:22 - 2005-08-16 04:33 - 00694744 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-02 20:03 - 2005-08-16 04:22 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-11-02 19:13 - 2011-07-11 08:58 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2014-11-02 14:09 - 2010-02-01 05:27 - 00041981 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-11-02 08:44 - 2005-08-16 04:50 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-11-01 09:26 - 2005-08-16 04:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-10-31 21:21 - 2007-03-26 04:07 - 00000000 ____D () C:\WINDOWS\pss
2014-10-31 21:21 - 2006-01-05 09:38 - 00000209 __RSH () C:\boot.ini
2014-10-31 21:21 - 2005-08-16 04:18 - 00000582 _____ () C:\WINDOWS\win.ini
2014-10-31 21:21 - 2005-08-16 04:18 - 00000227 _____ () C:\WINDOWS\system.ini
2014-10-31 21:18 - 2014-04-09 16:19 - 00005212 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-10-31 04:17 - 2011-05-04 09:04 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-10-31 04:16 - 2014-07-28 12:43 - 00001854 _____ () C:\Documents and Settings\pkmcclellan\Desktop\LiveBoost.lnk
2014-10-31 04:16 - 2014-07-28 12:43 - 00001806 _____ () C:\Documents and Settings\pkmcclellan\Desktop\System Mechanic Professional.lnk
2014-10-31 04:16 - 2014-07-28 12:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic Professional
2014-10-31 04:15 - 2007-01-19 05:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\iolo
2014-10-26 21:59 - 2014-09-16 05:06 - 00000000 ____D () C:\AdwCleaner
2014-10-26 06:39 - 2010-12-29 11:44 - 00524288 _____ () C:\WINDOWS\system32\config\ACS.evt
2014-10-26 06:39 - 2005-08-16 04:49 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-26 06:35 - 2008-01-08 09:29 - 00000434 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{498E3F7D-1B17-418B-9F9C-FF065F0AC20E}.job
2014-10-26 06:25 - 2014-07-12 12:25 - 00000404 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{EB9F45F2-DD33-432E-AF41-2B4DA5EB25E5}.job
2014-10-26 06:24 - 2012-04-01 05:55 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-26 06:09 - 2014-03-30 04:56 - 00000234 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-10-26 06:09 - 2012-08-26 08:50 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-26 06:08 - 2012-08-26 08:50 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-26 06:00 - 2009-12-24 08:11 - 00000392 _____ () C:\WINDOWS\system32\iolo.ini.txt
2014-10-25 06:24 - 2006-01-12 20:34 - 00000000 ____D () C:\WINDOWS\system32\config\SM Registry Backup
2014-10-25 06:23 - 2013-03-30 11:05 - 04888396 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1177899150-3433354104-1715971161-1008-0.dat
2014-10-25 06:23 - 2013-03-26 08:56 - 00352600 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-10-24 20:59 - 2009-03-23 04:27 - 00000000 ____D () C:\Program Files\iTunes
2014-10-24 20:58 - 2014-09-28 07:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-10-24 20:58 - 2007-07-04 07:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-24 20:58 - 2006-01-13 23:06 - 00000000 ____D () C:\Program Files\iPod
2014-10-24 17:30 - 2011-08-04 14:15 - 00005272 _____ () C:\WINDOWS\mozy.blk
2014-10-24 17:30 - 2011-08-04 14:15 - 00000448 _____ () C:\WINDOWS\mozy.flt
2014-10-24 17:29 - 2005-08-16 04:22 - 00000000 ____D () C:\WINDOWS\repair
2014-10-23 05:33 - 2005-08-16 04:38 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-22 09:08 - 2014-09-16 19:57 - 00000000 ____D () C:\Avenger
2014-10-21 18:03 - 2011-08-12 01:49 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
2014-10-20 19:08 - 2006-01-13 23:54 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-20 19:07 - 2007-01-13 19:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-10-20 19:06 - 2006-01-05 10:00 - 00000000 ____D () C:\Program Files\Adobe
2014-10-18 12:32 - 2011-05-04 08:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-10-15 10:57 - 2013-07-14 20:47 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-12 06:56 - 2006-01-12 06:44 - 00000000 ____D () C:\Documents and Settings\pkmcclellan\Start Menu\Programs\TurboTax ItsDeductible
2014-10-12 06:56 - 2006-01-12 06:44 - 00000000 ____D () C:\Documents and Settings\pkmcclellan\Start Menu\Programs\ItsDeductibleEX
2014-10-12 06:56 - 2006-01-12 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Kodak
2014-10-10 06:26 - 2014-01-06 09:26 - 00000520 _____ () C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
2014-10-10 03:38 - 2014-03-30 04:56 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job

Some content of TEMP:
====================
C:\Documents and Settings\pkmcclellan\Local Settings\Temp\dllnt_dump.dll
C:\Documents and Settings\pkmcclellan\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\pkmcclellan\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-11-2014
Ran by pkmcclellan at 2014-11-07 22:15:01
Running from E:\Bleeping Computer
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
6500_E709_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709n (Version: 50.0.165.000 - Hewlett-Packard) Hidden
944plc32 (HKLM\...\{50AF9AC4-6E62-405A-A269-C02B70A21E64}) (Version: 1.0.0 - Dell)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.41612 - ABBYY Software House)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Alohabob PC Relocator Ultra Control (HKLM\...\InstallShield_{ADF98CF7-1458-412F-976F-BF761A26F2A0}) (Version: 6.2.10.14 - Eisenworld, Inc.)
Alohabob PC Relocator Ultra Control (Version: 6.2.10.14 - Eisenworld, Inc.) Hidden
AOLIcon (Version: 1.00.0000 - Dell) Hidden
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 6 (HKLM\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
Aventail Access Manager (HKCU\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.3.42 - SonicWALL Inc)
Aventail Access Manager (Version: 10.3.42 - SonicWALL Inc) Hidden
Aventail Connect (HKLM\...\{A2A78788-2792-49BF-AF22-5E9296E568F3}) (Version: 10.3.42 - SonicWALL Aventail)
Aventail Web Proxy Agent (HKLM\...\{9B0B46B3-10DF-4ADA-9501-0129D784563D}) (Version: 10.3.42 - SonicWALL Inc)
Aventail Webifiers (HKLM\...\{54D44AD1-A083-48B9-BD6F-AFD517B7C775}) (Version: 10.3.42 - SonicWALL Inc)
AVSDK5 (Version: 5.4.11 - CYREN Inc.) Hidden
Banctec Service Agreement (HKLM\...\{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}) (Version: 1.11.0000 - Dell)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - )
Consumer Complete Care Services Agreement (HKLM\...\{E8C06CB3-5DB2-4689-B1DC-4A0220DEA96C}) (Version: 1.11.0000 - Dell)
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version: - )
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.0.0.0 - Dell Inc.)
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell Game Console (HKLM\...\Dell Game Console) (Version: - WildTangent)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM\...\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
DocMgr (Version: 120.0.000.000 - Hewlett-Packard) Hidden
DocProc (Version: 12.0.0.0 - Hewlett-Packard) Hidden
Fax (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
GPBaseService2 (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HP Customer Participation Program 12.0 (HKLM\...\HPExtendedCapabilities) (Version: 12.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 12.0 (HKLM\...\HP Imaging Device Functions) (Version: 12.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{FA0F0A01-4631-4161-A6C2-948BF694382E}) (Version: 12.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.05 - HP)
HP Solution Center 12.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 12.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Intel A/V Codecs V2.0 (HKLM\...\CodInstl) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Intel® PROSet for Wired Connections (HKLM\...\{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}) (Version: 9.20.0000 - Dell)
iolo technologies' System Mechanic Professional (HKLM\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 14.0.1 - iolo technologies, LLC)
iPod for Windows 2006-06-28 (HKLM\...\InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE}) (Version: 4.7.0 - Apple Computer, Inc.)
iPod for Windows 2006-06-28 (Version: 4.7.0 - Apple Computer, Inc.) Hidden
iPod Reset Utility (HKLM\...\{20ED157B-1A84-4DF7-945E-4951A38A9CBA}) (Version: 1.0.4.71 - Apple Inc.)
ItsDeductible Express (HKLM\...\{36495C59-089C-49D1-BD15-9E5BD86DC9A1}) (Version: 1.00.0000 - Intuit)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Macromedia Flash Player (HKLM\...\{0456ebd7-5f67-4ab6-852e-63781e3f389c}) (Version: 7.0.19.0 - Macromedia, Inc.)
MarketResearch (Version: 120.0.226.000 - Hewlett-Packard) Hidden
MCU (Version: 1.00.0000 - Dell) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Web Access S/MIME (HKLM\...\{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}) (Version: 6.5.7651.60 - Microsoft)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version: - )
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{5A9AA2C0-972F-4239-AA41-E409434194D5}) (Version: 3.1.8.0 - Apple Inc.)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 3.01 - BVRP Software)
MozyHome (HKLM\...\{DCFDCF4D-F10C-322C-AA4B-5B9A5E3D278B}) (Version: 2.26.7.405 - Mozy, Inc.)
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc)
Network (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.3 - Nikon)
NVIDIA nView 135.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.95 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update 1.5.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.5.20 - NVIDIA Corporation)
OCR Software by I.R.I.S. 12.0 (HKLM\...\HPOCR) (Version: 12.0 - HP)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.4.16 - Nikon)
PowerDVD 5.5 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Quicken 2014 (HKLM\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.7.6 - Intuit)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RangeMax Wireless-N USB Adapter WN111v2 (HKLM\...\InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 1.00.0000 - NETGEAR)
Scan (Version: 12.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4493.0 - SigmaTel)
SmartWebPrinting (Version: 120.0.194.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Sonic Audio module (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic Copy Module (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.97 - Sonic Solutions)
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.0.0 - Sonic Solutions)
Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.1 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Sound Blaster Audigy ADVANCED MB (HKLM\...\{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}) (Version: 1.0 - )
Sound Blaster Audigy ADVANCED MB Product Registration (HKLM\...\Sound Blaster Audigy ADVANCED MB Product Registration) (Version: - )
Status (Version: 120.0.194.000 - Hewlett-Packard) Hidden
System Mechanic 14 Professional (Version: 14.0.1 - ) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
Toolbox (Version: 120.0.194.000 - Hewlett-Packard) Hidden
TrayApp (Version: 120.0.194.000 - Hewlett-Packard) Hidden
TurboTax 2012 (HKLM\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Unity Web Player (HKLM\...\UnityWebPlayer) (Version: 2.5.0f5_21627 - Unity Technologies ApS)
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version: - Microsoft Corporation)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.8.3 - Nikon)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 120.0.194.000 - Hewlett-Packard) Hidden
WexTech AnswerWorks (HKLM\...\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}) (Version: 1.00.000 - )
WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - )
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Easy Transfer for Windows 7 (HKLM\...\WET7Cable) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version: - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM\...\EmeraldQFE2) (Version: - Microsoft Corporation)
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908246 (HKLM\...\KB908246) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinZip 14.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
WN111v2 (Version: 1.00.0000 - NETGEAR) Hidden
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\MFC42U.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\MFC42U.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\MFC42U.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{17D165A2-DD58-4CD9-A155-6F22590BCB5C}\localserver32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\ewpca\ewpca.exe (Aventail Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{225A2EEC-CD07-F926-E472-053CDEB2AEE1}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{2A1BE1E7-C550-4D67-A553-7F2D3A39233D}\InprocServer32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\epi\epi.dll (Aventail Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}\InprocServer32 -> C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\WINDOWS\system32\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\WINDOWS\system32\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\WINDOWS\system32\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{51DBAF4C-E1BF-40DC-B229-0963EB3D4729}\InprocServer32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\webifier\CitrixWrapper.dll (Aventail Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{699DDBCC-DC7E-11D0-BCF7-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{6D835690-900B-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{7F33E95D-5A77-103B-2CE7-A556A261AC84}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{88FC690D-93F7-4A46-B920-4F611E7BE891}\InprocServer32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\epi\epiVersion.dll (Aventail)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{94508EF1-415F-4642-9797-5125BF3F4F16}\InprocServer32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\webifier\avrdpwrap.dll (Aventail Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{99FF4677-FFC3-11D0-BD02-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{A7BC4157-A8EC-488F-9808-C63E2ACB0996}\InprocServer32 -> C:\Documents and Settings\pkmcclellan\Application Data\Aventail\epi\epi.dll (Aventail Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{B8DA6310-E19B-11D0-933C-00A0C90DCAA9}\InprocServer32 -> C:\WINDOWS\system32\ACTXPRXY.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{FD8C4664-A2D4-97EC-185D-875E454333FE}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177899150-3433354104-1715971161-1008_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (InstallShield Software Corporation)

==================== Restore Points =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2005-08-16 04:18 - 2014-10-26 19:47 - 00000707 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\My Dell\uaclauncher.exe
Task: C:\WINDOWS\Tasks\SystemToolsDailyTest.job => C:\Program Files\My Dell\uaclauncher.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{498E3F7D-1B17-418B-9F9C-FF065F0AC20E}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{EB9F45F2-DD33-432E-AF41-2B4DA5EB25E5}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMPSE => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventSystem => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseamps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vsedsps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseqrts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMPSE => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventSystem => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseamps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsedsps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseqrts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
MSCONFIG\startupreg: VoiceCenter =>

========================= Accounts: ==========================

Administrator (S-1-5-21-1177899150-3433354104-1715971161-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1177899150-3433354104-1715971161-1009 - Limited - Enabled)
Guest (S-1-5-21-1177899150-3433354104-1715971161-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1177899150-3433354104-1715971161-1005 - Limited - Disabled)
IUSR_MCCLELLAN (S-1-5-21-1177899150-3433354104-1715971161-1011 - Limited - Enabled)
pkmcclellan (S-1-5-21-1177899150-3433354104-1715971161-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\pkmcclellan
SUPPORT_388945a0 (S-1-5-21-1177899150-3433354104-1715971161-1002 - Limited - Disabled)
UpdatusUser (S-1-5-21-1177899150-3433354104-1715971161-1010 - Limited - Enabled) => %SystemDrive%\Documents and Settings\UpdatusUser

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/07/2014 10:05:38 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (11/07/2014 10:05:38 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (11/07/2014 07:47:15 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The remote name could not be resolved: 'ftp.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ at System.Net.WebClient.OpenRead(Uri address)
at eSupport.Common.Client.Service.Core.ConfigurationInformation.SynchronizeOSInfoConfig()]]></StackTrace><Method>Synchronize OS INFO failed</Method></Exception>

Error: (11/07/2014 07:44:03 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (11/07/2014 07:44:03 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (11/07/2014 07:43:49 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (11/07/2014 07:43:49 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (11/07/2014 04:48:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 4.11.2014.0, faulting module frst.exe, version 4.11.2014.0, fault address 0x0001f09e.
Processing media-specific event for [frst.exe!ws!]

Error: (11/07/2014 04:29:31 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (11/07/2014 04:29:31 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.


System errors:
=============
Error: (11/02/2014 08:38:43 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (11/02/2014 08:01:46 PM) (Source: PlugPlayManager) (EventID: 11) (User: )
Description: The device Root\LEGACY_MQAC\0000 disappeared from the system without first being prepared for removal.

Error: (11/02/2014 07:59:25 PM) (Source: PlugPlayManager) (EventID: 11) (User: )
Description: The device Root\LEGACY_MQAC\0000 disappeared from the system without first being prepared for removal.

Error: (11/02/2014 02:19:26 PM) (Source: NtServicePack) (EventID: 4373) (User: MCCLELLAN)
Description: Windows XP Service Pack 3 installation failed.
The system cannot find the file specified.

Error: (10/26/2014 06:37:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Office Software Protection Platform service failed to start due to the following error:
%%1053

Error: (10/26/2014 06:37:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Office Software Protection Platform service to connect.

Error: (10/26/2014 06:37:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Office Software Protection Platform service failed to start due to the following error:
%%1053

Error: (10/26/2014 06:37:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Office Software Protection Platform service to connect.

Error: (10/26/2014 06:37:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Office Software Protection Platform service failed to start due to the following error:
%%1053

Error: (10/26/2014 06:37:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Office Software Protection Platform service to connect.


Microsoft Office Sessions:
=========================
Error: (11/07/2014 10:05:38 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (11/07/2014 10:05:38 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (11/07/2014 07:47:15 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The remote name could not be resolved: 'ftp.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ at System.Net.WebClient.OpenRead(Uri address)
at eSupport.Common.Client.Service.Core.ConfigurationInformation.SynchronizeOSInfoConfig()]]></StackTrace><Method>Synchronize OS INFO failed</Method></Exception>

Error: (11/07/2014 07:44:03 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (11/07/2014 07:44:03 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (11/07/2014 07:43:49 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (11/07/2014 07:43:49 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (11/07/2014 04:48:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: frst.exe4.11.2014.0frst.exe4.11.2014.00001f09e

Error: (11/07/2014 04:29:31 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (11/07/2014 04:29:31 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}


==================== Memory info ===========================

Processor: Intel® Pentium® D CPU 2.80GHz
Percentage of memory in use: 26%
Total physical RAM: 1022.07 MB
Available physical RAM: 752.37 MB
Total Pagefile: 2462.63 MB
Available Pagefile: 2374.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1993.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:143.81 GB) (Free:28.63 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: () (Removable) (Total:0.98 GB) (Free:0.59 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: E686F016)
Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)
Partition 2: (Active) - (Size=143.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=5.1 GB) - (Type=DB)

========================================================
Disk: 1 (Size: 1004 MB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
BCCode : 1000000a BCP1 : 488C4DFC BCP2 : 00000002 BCP3 : 00000000
BCP4 : 804E7629 OSVer : 5_1_2600 SP : 3_0 Product : 256_1

Attached Files


Edited by Oh My!, 08 November 2014 - 02:37 PM.
Posted logs


#10 pm0620

pm0620
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:03 PM

Posted 07 November 2014 - 11:36 PM

Cannot repair wireless or internet as TCP/IP is not operating, according to error that just popped up.



#11 pm0620

pm0620
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:03 PM

Posted 07 November 2014 - 11:49 PM

Lastly I just tried to restart and blue screen with IRQL_NOT_Less_OR_EQUAL

Technical Information:

***STOP: 0x0000000A (0x00000054, 0x0000001C, 0x00000001, 0x80502DC0)



#12 pm0620

pm0620
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:03 PM

Posted 08 November 2014 - 07:04 AM

I restarted the computer this morning just to see how it was behaving again and I left it on for about 20 minutes to go do some other things.  Unfortunately now that services appear to be activated, my antivirus program (iolo System Mechanic) launched and went in an auto registry scan fix, plus it must have tried to fix the internet connection. Some of the icons that came back were gone again and then nothing worked, Some new .dll errors popped up and I couldnt even click on START to get anything to respond, so I just forced shut down via power button.  I restarted again and now everything seems to be activating.  I am going to let it rest as it is continuing to boot in the background for quite a time and see if some files can open.  Will let you know later.



#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,419 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:03 AM

Posted 08 November 2014 - 02:48 PM

Before we do anything else I want to wait for an update on the condition of your computer.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 pm0620

pm0620
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:03 PM

Posted 09 November 2014 - 07:15 AM

Gary,

 

It seems to be working now fine now.  I can open everything.  Internet working as well.  I just disable/renable my wireless router connection and so I am now operational directly from the desktop at this point.

 

However, my antivirus software quarantined the following as malicious software:

 

W32/Patched.A.gen!.Camelot

 

Infected Objects:

C:WINDOWS\SYSTEM32\DLLCACHE\rpcss.dll.new

C:\WINDOWS\SYSTEM32\rpcss.dll.new



#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,419 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:03 AM

Posted 09 November 2014 - 09:41 AM

Very good. :thumbsup2:

===================================================

Emsisoft Emergency Kit Scan

--------------------
  • Download Emsisoft Emergency Kit and save it to your desktop.
  • Double click on the EmsisoftEmergencyKit.exe icon, click Run then Extract
  • Double click the Start Emsisoft Emergency Kit icon that will appear after extraction
  • Click Yes to update the program
  • Once the update is completed click the Back button
  • Click on 2. Scan (not Quick Scan or Smart Scan)
  • Click Yes to detect Potentially Unwanted Programs (PUPs)
  • Patiently wait for the thorough scan to complete, this can be a lengthy process
  • Once completed click Quarantine selected objects (if computer is clean you will not have this option) then click OK
  • Click View Report
  • Attach the report to your reply
  • Close the program then click Close
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double click the icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message attempt to run the program in Safe Mode
  • Press any key to start the program
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Emsisoft report (if applicable)
  • Security Check log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users